diff --git a/api/account/information/Account-Information-API.json b/api/account/information/Account-Information-API.json index efe5a48..dd9dcbb 100644 --- a/api/account/information/Account-Information-API.json +++ b/api/account/information/Account-Information-API.json @@ -7,7 +7,7 @@ "contact" : { "name" : "ING Developer Portal", "url" : "https://developer.ing.com", - "email" : "apis@ing.com" + "email" : "developerportal@ing.com" }, "license" : { "name" : "Copyright (c) ING Bank NV. All Rights Reserved.", diff --git a/api/oauth2/OAuth-2.0-API.json b/api/oauth2/OAuth-2.0-API.json index cb1de36..fe9c572 100644 --- a/api/oauth2/OAuth-2.0-API.json +++ b/api/oauth2/OAuth-2.0-API.json @@ -1,99 +1,116 @@ { - "swagger" : "2.0", + "openapi" : "3.0.1", "info" : { - "description" : "The OAuth 2.0 API exposes the resources for third parties to connect to ING APIs using the [OAuth 2.0](https://tools.ietf.org/html/rfc6749) protocol for authentication and authorization. This API supports the \"client credentials\", \"authorization code\" and \"refresh token\" grant types. Subscription to this API is only required when the Authorization Grant code flow is required for your application. The other supported OAuth 2.0 flows can be used without subscription.", - "version" : "2.3.1", "title" : "OAuth 2.0 API", + "description" : "The OAuth 2.0 API exposes the resources for third parties to connect to ING APIs using the OAuth 2.0 protocol for authentication and authorization. This API supports the \"client credentials\", \"authorization code\" and \"refresh token\" grant types. Subscription to this API is only required when the Authorization Grant code flow is required for your application. The other supported [OAuth 2.0](https://tools.ietf.org/html/rfc6749) flows can be used without subscription.", "contact" : { "name" : "ING Developer Portal", "url" : "https://developer.ing.com", - "email" : "apis@ing.com" - } + "email" : "developerportal@ing.com" + }, + "version" : "2.3.5" }, - "host" : "api.ing.com", - "basePath" : "/", - "schemes" : [ "https" ], - "consumes" : [ "application/json" ], - "produces" : [ "application/json" ], + "servers" : [ { + "url" : "https://api.ing.com/" + } ], "paths" : { "/oauth2/token" : { "post" : { "summary" : "Retrieve an application or customer access token, or refresh an access token", - "description" : "\nThis endpoint allows requesting an access token for one of the flows below:\n\n## Client Credentials (registered in the ING Developer portal)\nFor authenticating your application and retrieving an application access token.\nRequired request parameters:\n- grant_type=client_credentials\n- scope (optional): If not provided, all the subscribed scopes will be returned\n\n## Client Credentials (without pre-registration using eIDAS/OBIE certificates supporting PSD2)\nFor authenticating your application and retrieving an application access token without pre-registration in the ING Developer portal using eIDAS/OBIE certificates supporting PSD2. This flow will automatically subscribe your application to the allowed ING APIs based on the PSD2 roles in the certificate. The scopes in the application access token are based on the PSD2 roles.\nRequired request parameters:\n- grant_type=client_credentials\n- TPP-Signature-Certificate: PSD2 compliant Qualified Electronic Seal Certificate (QSealC)\n\n## Authorization Code\nFor exchanging the authorization code for a customer access token. \nRequired request parameters:\n- grant_type=authorization_code\n- code (required)\n- redirect_uri (optional)\n\n## Refresh Token\nFor exchanging a refresh token for a new customer access token.\nRequired request parameters:\n- grant_type=refresh_token\n- refresh_token (required)\n", - "consumes" : [ "application/x-www-form-urlencoded" ], + "description" : "\nThis endpoint allows requesting an access token for one of the flows below:\n\n## Client Credentials (registered in the ING Developer portal)\nFor authenticating your application and retrieving an application access token.\nRequired request parameters:\n- grant_type=client_credentials\n- scope (optional): If not provided, all the subscribed scopes will be returned\n\n## Client Credentials (without pre-registration using eIDAS/OBIE certificates supporting PSD2)\nFor authenticating your application and retrieving an application access token without pre-registration in the ING Developer portal using eIDAS/OBIE certificates supporting PSD2. This flow will automatically subscribe your application to the allowed ING APIs based on the PSD2 roles in the certificate. The scopes in the application access token are based on the PSD2 roles.\nRequired request parameters:\n- grant_type=client_credentials\n- TPP-Signature-Certificate: PSD2 compliant Qualified Electronic Seal Certificate (QSealC)\n\n## Authorization Code\nFor exchanging the authorization code for a customer access token. \nRequired request parameters:\n- grant_type=authorization_code\n- code (required)\n- redirect_uri (optional)\n\n## Refresh Token\nFor exchanging a refresh token for a new customer access token.\nRequired request parameters:\n- grant_type=refresh_token\n- refresh_token (required)\n \n ## Access tokens and message signing\n Most of our APIs require a combination of TLS and and request signing to verify the identity of the sender of the message and to verify that the message was not tampered with during transit. While some APIs are currently using HTTP Signatures, ING is standardizing on the use of JWS for message signing as per the Open Banking Europe specification.\n\n [Want to learn more about the JSON Web Signature specification for Open Banking?](https://www.openbankingeurope.eu/media/2096/obe-json-web-signature-profile-for-open-banking.pdf)\n\n [Want to learn more about the HTTP Signature specification?](https://tools.ietf.org/html/draft-cavage-http-signatures-10)\n\n ## Why is this important when requesting an access token?\n An access token requested using the HTTP Signature approach can only be used for consuming APIs that use HTTP Signatures for message signing. An access token requested using the Mutual TLS approach can only be used for consuming APIs that rely on JWS and / or Mutual TLS.\n ## JSON Web Signature (JWS) and Mutual TLS (mTLS)\n In addition to the required parameters mentioned above for the different authentication flows (Client Credentials, Authorization code and Refresh token), the following additional request parameters are required for use with JWS and mTLS :\n - client_id (required) \n ## HTTP Signature `DEPRECATED`\n In addition to the required parameters mentioned above for the different authentication flows (Client Credentials, Authorization code and Refresh token), the following additional request parameters are required for use with HTTP Signature:\n - Authorization (required)\n - Digest (required)\n", + "operationId" : "getAccessTokenUsingPOST", "parameters" : [ { "name" : "Authorization", "in" : "header", - "description" : "For the 'client_credentials' grant type we require the Authorization header with the signature authentication scheme as defined in https://tools.ietf.org/html/draft-cavage-http-signatures-10. ING requires the headers '(request-target) date digest', the client ID is used as keyID, and the algorithm is 'rsa-sha256' or 'ecdsa-sha256', 'ecdsa-sha384', 'ecdsa-sha512'\nFor the 'authorization_code' and 'refresh_token' grant type the bearer authentication scheme with the application access token is required.", - "required" : true, - "type" : "string" + "description" : "Optional field when requesting an access token for the 'client_credentials' grant type that will be used for APIs that are using mTLS and/or JWS Signature.\n\n Required field when requesting an access token for the 'client_credentials' grant type that will be used for APIs that are using HTTP Signature. In that case it is used for the the signature authentication scheme as defined in https://tools.ietf.org/html/draft-cavage-http-signatures-10. ING requires the headers '(request-target) date digest', the client ID is used as keyID, and the algorithm is 'rsa-sha256' or 'ecdsa-sha256', 'ecdsa-sha384', 'ecdsa-sha512'.\n\n Required field for the 'authorization_code' and 'refresh_token' grant type. In that case it is used for the bearer authentication scheme with the application access token.", + "schema" : { + "type" : "string" + } }, { "name" : "Signature", "in" : "header", - "description" : "Signature header as defined in https://tools.ietf.org/html/draft-cavage-http-signatures-10. ING requires at least the headers '(request-target) date digest'\nRequired when the Authorization header is used with the bearer auth-scheme and the application access token.", - "required" : false, - "type" : "string" + "description" : "Optional field when using the 'client_credentials' grant type, or when requesting an access token that will be used for APIs that are using mTLS and/or JWS Signature.\n\n Required field when using the 'authorization_code' or 'refresh_token' grant type when using HTTP Signature. In this case the Signature header is used for HTTP Signature as defined in https://tools.ietf.org/html/draft-cavage-http-signatures-10. ING requires the headers '(request-target) date digest', and the algorithm is 'rsa-sha256' or 'ecdsa-sha256', 'ecdsa-sha384', 'ecdsa-sha512'.", + "schema" : { + "type" : "string" + } }, { "name" : "Date", "in" : "header", - "description" : "The current date in the HTTP standard Date header format (see RFC7231: https://tools.ietf.org/html/rfc7231#section-7.1.1.2)", - "required" : true, - "type" : "string" + "description" : "The current date in the HTTPs standard Date header format (see RFC7231: https://tools.ietf.org/html/rfc7231#section-7.1.1.2).\n\n Optional field when using mTLS and/or JWS Signature.\n\n Required field when using HTTP Signature.", + "schema" : { + "type" : "string" + } }, { "name" : "Digest", "in" : "header", - "description" : "The SHA-256 hash value of the requests body encoded in Base64. If the body is empty, it should be the SHA-256 value of the empty string. This header is used in the Authorization Signature header.", - "required" : true, - "type" : "string" + "description" : "The SHA-256 hash value of the request body encoded in Base64. If the body is empty, it should be the SHA-256 value of the empty string.\n\n Optional field when using mTLS and/or JWS Signature.\n\n Required field when using HTTP Signature.", + "schema" : { + "type" : "string" + } }, { "name" : "TPP-Signature-Certificate", "in" : "header", "description" : "If your application is not registered in the ING Developer portal, you can add the PSD2 compliant Qualified Electronic Seal Certificate (QSealC) which you used for the signature in the client credentials grant type. The certificate (PEM format) needs to be the Base64 encoded", - "required" : false, - "type" : "string" - }, { - "name" : "grant_type", - "in" : "formData", - "description" : "OAuth 2.0 grant type", - "required" : true, - "type" : "string", - "enum" : [ "client_credentials", "authorization_code", "refresh_token" ] - }, { - "name" : "scope", - "in" : "formData", - "description" : "Requested scopes in the 'client_credentials' grant type. Optional field, if not provided the registered scopes will be used. Scopes are delimited by a space and the complete field should be application/x-www-form-urlencoded", - "required" : false, - "type" : "string" - }, { - "name" : "code", - "in" : "formData", - "description" : "Required in the 'authorization_code' grant type, value is the recieved authorization code from the authorization request", - "required" : false, - "type" : "string" - }, { - "name" : "redirect_uri", - "in" : "formData", - "description" : "Required in the 'authorization_code' grant type, the 'redirect_uri' parameter as included in the authorization request.", - "required" : false, - "type" : "string" - }, { - "name" : "refresh_token", - "in" : "formData", - "description" : "Required in the 'refresh_token' grant type, the refresh token issued.", - "required" : false, - "type" : "string" + "schema" : { + "type" : "string" + } } ], + "requestBody" : { + "content" : { + "application/x-www-form-urlencoded" : { + "schema" : { + "required" : [ "grant_type" ], + "properties" : { + "client_id" : { + "type" : "string", + "description" : "The client_id for your registered application in the ING Developer portal.\n\n Required field when requesting an access token for the 'client_credentials' grant type that will be used for APIs that are using mTLS and/or JWS Signature.\n\n Optional field in all other cases, eg when requesting an access token that will be used for APIs that are using HTTP Signature, or when using the 'authorization_code' or 'refresh_token' grant type." + }, + "grant_type" : { + "type" : "string", + "description" : "OAuth 2.0 grant type", + "enum" : [ "client_credentials", "authorization_code", "refresh_token" ] + }, + "scope" : { + "type" : "string", + "description" : "Requested scopes in the 'client_credentials' grant type. Optional field, if not provided the registered scopes will be used. Scopes are delimited by a space and the complete field should be application/x-www-form-urlencoded" + }, + "code" : { + "type" : "string", + "description" : "Required in the 'authorization_code' grant type, value is the recieved authorization code from the authorization request" + }, + "redirect_uri" : { + "type" : "string", + "description" : "Required in the 'authorization_code' grant type, the 'redirect_uri' parameter as included in the authorization request." + }, + "refresh_token" : { + "type" : "string", + "description" : "Required in the 'refresh_token' grant type, the refresh token issued." + } + } + } + } + }, + "required" : true + }, "responses" : { "200" : { "description" : "OK Returns an access token, and optionally a refresh token and JSON Web Key set.", - "schema" : { - "$ref" : "#/definitions/TokenResponse" + "content" : { + "application/json" : { + "schema" : { + "$ref" : "#/components/schemas/TokenResponse" + } + } } }, "400" : { "description" : "Bad Request - The request was invalid", - "schema" : { - "$ref" : "#/definitions/Error" + "content" : { + "application/json" : { + "schema" : { + "$ref" : "#/components/schemas/Error" + } + } } }, "500" : { @@ -107,62 +124,80 @@ "summary" : "Retrieve the ING Authorization server URL with a specific request identifier", "description" : "This endpoint stores the received data and returns a object/body with a location property containing the authorize URI with a specific reference ID for request identification. In case of error the API returns the error description.", "operationId" : "authorizationServerUrlUsingGET", - "consumes" : [ "application/json" ], - "produces" : [ "application/json" ], "parameters" : [ { "name" : "Authorization", "in" : "header", "description" : "Application access token (bearer) received in the Client Credentials grant flow", "required" : true, - "type" : "string" + "schema" : { + "type" : "string" + } }, { "name" : "Signature", "in" : "header", "description" : "Signature header as defined in https://tools.ietf.org/html/draft-cavage-http-signatures-10. ING requires the headers '(request-target) date digest', and the algorithm is 'rsa-sha256' or 'ecdsa-sha256', 'ecdsa-sha384', 'ecdsa-sha512'.", "required" : true, - "type" : "string" + "schema" : { + "type" : "string" + } }, { "name" : "Date", "in" : "header", "description" : "The current date in the HTTPs standard Date header format (see RFC7231: https://tools.ietf.org/html/rfc7231#section-7.1.1.2)", "required" : true, - "type" : "string" + "schema" : { + "type" : "string" + } }, { "name" : "Digest", "in" : "header", "description" : "The SHA-256 hash value of the requests body encoded in Base64. If the body is empty, it should be the SHA-256 value of the empty string.", "required" : true, - "type" : "string" + "schema" : { + "type" : "string" + } }, { "name" : "redirect_uri", "in" : "query", "description" : "URI where user is redirected to after authorization. Only required when your application is not registered in the ING Developer portal, and your are using PSD2 compliant eIDAS/OBIE certificates", - "required" : false, - "type" : "string" + "schema" : { + "type" : "string" + } }, { "name" : "scope", "in" : "query", "description" : "List of scopes for which an authorization request is asked, separated by space. Must not be empty and it is validated based on the subscriptions of your API.", "required" : true, - "type" : "string" + "schema" : { + "type" : "string" + } }, { "name" : "country_code", "in" : "query", "description" : "Country Code 2 letter value(ISO 3166-1). The country code is optional, and allows you to redirect you user to a specific ING country login page.", - "required" : false, - "type" : "string" + "schema" : { + "type" : "string" + } } ], "responses" : { "200" : { "description" : "OK Response body containing the authorisation url where you can redirect your user to, to obtain the authorization for the requested scopes.", - "schema" : { - "$ref" : "#/definitions/AuthorizationURLResponse" + "content" : { + "application/json" : { + "schema" : { + "$ref" : "#/components/schemas/AuthorizationURLResponse" + } + } } }, "400" : { "description" : "Bad Request", - "schema" : { - "$ref" : "#/definitions/Error" + "content" : { + "application/json" : { + "schema" : { + "$ref" : "#/components/schemas/Error" + } + } } }, "500" : { @@ -179,53 +214,69 @@ "summary" : "Revoke a customer refresh token.", "description" : "This endpoint is used to revoke an existing token from a client.", "operationId" : "revokeRefreshTokenUsingPOST", - "consumes" : [ "application/x-www-form-urlencoded" ], "parameters" : [ { "name" : "Authorization", "in" : "header", "description" : "Application access token as bearer token", "required" : true, - "type" : "string" + "schema" : { + "type" : "string" + } }, { "name" : "Signature", "in" : "header", - "description" : "Signature header as defined in https://tools.ietf.org/html/draft-cavage-http-signatures-10. ING requires the headers '(request-target) date digest', and the algorithm is 'rsa-sha256' or 'ecdsa-sha256', 'ecdsa-sha384', 'ecdsa-sha512'.", - "required" : true, - "type" : "string" + "description" : "Optional field when when using an access token that was acquired through using mTLS and/or JWS Signature.\n\n Required field when using HTTP Signature for message integrity. In this case the Signature header is used for HTTP Signature as defined in https://tools.ietf.org/html/draft-cavage-http-signatures-10. ING requires the headers '(request-target) date digest', and the algorithm is 'rsa-sha256' or 'ecdsa-sha256', 'ecdsa-sha384', 'ecdsa-sha512'.", + "schema" : { + "type" : "string" + } }, { "name" : "Date", "in" : "header", - "description" : "The current date in the HTTPs standard Date header format (see RFC7231: https://tools.ietf.org/html/rfc7231#section-7.1.1.2)", - "required" : true, - "type" : "string" + "description" : "The current date in the HTTPs standard Date header format (see RFC7231: https://tools.ietf.org/html/rfc7231#section-7.1.1.2).\n\n Optional field when using mTLS and/or JWS Signature.\n\n Required field when using HTTP Signature.", + "schema" : { + "type" : "string" + } }, { "name" : "Digest", "in" : "header", - "description" : "The SHA-256 hash value of the requests body encoded in Base64. If the body is empty, it should be the SHA-256 value of the empty string.", - "required" : true, - "type" : "string" - }, { - "name" : "token", - "in" : "formData", - "description" : "The customer refresh token that needs to be revoked.", - "required" : true, - "type" : "string" - }, { - "name" : "token_type_hint", - "in" : "formData", - "description" : "Token type", - "required" : false, - "type" : "string", - "enum" : [ "refresh_token" ] + "description" : "The SHA-256 hash value of the request body encoded in Base64. If the body is empty, it should be the SHA-256 value of the empty string.\n\n Optional field when using mTLS and/or JWS Signature.\n\n Required field when using HTTP Signature.", + "schema" : { + "type" : "string" + } } ], + "requestBody" : { + "content" : { + "application/x-www-form-urlencoded" : { + "schema" : { + "required" : [ "token" ], + "properties" : { + "token" : { + "type" : "string", + "description" : "The customer refresh token that needs to be revoked." + }, + "token_type_hint" : { + "type" : "string", + "description" : "Token type", + "enum" : [ "refresh_token" ] + } + } + } + } + }, + "required" : true + }, "responses" : { "200" : { "description" : "OK" }, "400" : { "description" : "Bad Request", - "schema" : { - "$ref" : "#/definitions/Error" + "content" : { + "application/json" : { + "schema" : { + "$ref" : "#/components/schemas/Error" + } + } } }, "500" : { @@ -235,139 +286,144 @@ } } }, - "securityDefinitions" : { - "ING-Application-Security" : { - "type" : "oauth2", - "tokenUrl" : "https://api.ing.com/oauth2/token", - "flow" : "application", - "scopes" : { - "granting" : "Required to start the \"granting\" flow for an ING customer." - } - } - }, - "definitions" : { - "AuthorizationURLResponse" : { - "type" : "object", - "properties" : { - "location" : { - "type" : "string", - "example" : "https://myaccount.ing.com/granting/dc53ca2d9681cbd355ae697694dae3f9736b45854edbf96d0a23a186b3f8011b/NL", - "x-ing-type" : "string" + "components" : { + "schemas" : { + "AuthorizationURLResponse" : { + "type" : "object", + "properties" : { + "location" : { + "type" : "string", + "example" : "https://myaccount.ing.com/granting/dc53ca2d9681cbd355ae697694dae3f9736b45854edbf96d0a23a186b3f8011b/NL", + "x-ing-type" : "string" + } } - } - }, - "TokenResponse" : { - "type" : "object", - "required" : [ "access_token", "expires_in", "scope", "token_type" ], - "properties" : { - "access_token" : { - "type" : "string", - "example" : "eyJhbGciOiJkaXIiLCJlbmMiOi....", - "x-ing-type" : "string" - }, - "expires_in" : { - "type" : "integer", - "example" : 900, - "x-ing-type" : "integer" - }, - "scope" : { - "type" : "string", - "example" : "scope1 scope2", - "x-ing-type" : "string" - }, - "token_type" : { - "type" : "string", - "example" : "Bearer", - "x-ing-type" : "string" - }, - "refresh_token" : { - "type" : "string", - "example" : "eyJhbGciOiJkaXIiLCJlbmMiOi....", - "x-ing-type" : "string" - }, - "refresh_token_expires_in" : { - "type" : "integer", - "example" : 3600, - "x-ing-type" : "integer" - }, - "client_id" : { - "type" : "string", - "example" : "dc46e4b8-70aa-4da4-b74a-a2576680f004", - "x-ing-type" : "string" - }, - "keys" : { - "type" : "array", - "description" : "ING public key in JSON Web Key Set standard format (https://tools.ietf.org/html/rfc7517).", - "items" : { - "$ref" : "#/definitions/jsonWebKeySet" + }, + "TokenResponse" : { + "required" : [ "access_token", "expires_in", "scope", "token_type" ], + "type" : "object", + "properties" : { + "access_token" : { + "type" : "string", + "example" : "eyJhbGciOiJkaXIiLCJlbmMiOi....", + "x-ing-type" : "string" + }, + "expires_in" : { + "type" : "integer", + "example" : 900, + "x-ing-type" : "integer" + }, + "scope" : { + "type" : "string", + "example" : "scope1 scope2", + "x-ing-type" : "string" + }, + "token_type" : { + "type" : "string", + "example" : "Bearer", + "x-ing-type" : "string" + }, + "refresh_token" : { + "type" : "string", + "example" : "eyJhbGciOiJkaXIiLCJlbmMiOi....", + "x-ing-type" : "string" + }, + "refresh_token_expires_in" : { + "type" : "integer", + "example" : 3600, + "x-ing-type" : "integer" + }, + "client_id" : { + "type" : "string", + "example" : "dc46e4b8-70aa-4da4-b74a-a2576680f004", + "x-ing-type" : "string" }, - "minItems" : 1, - "x-ing-type" : "array" + "keys" : { + "minItems" : 1, + "type" : "array", + "description" : "ING public key in JSON Web Key Set standard format (https://tools.ietf.org/html/rfc7517).", + "items" : { + "$ref" : "#/components/schemas/jsonWebKeySet" + }, + "x-ing-type" : "array" + } } - } - }, - "Error" : { - "type" : "object", - "required" : [ "message" ], - "properties" : { - "message" : { - "type" : "string", - "x-ing-type" : "string" + }, + "Error" : { + "required" : [ "message" ], + "type" : "object", + "properties" : { + "message" : { + "type" : "string", + "x-ing-type" : "string" + } } - } - }, - "jsonWebKeySet" : { - "type" : "object", - "properties" : { - "kty" : { - "type" : "string", - "example" : "RSA", - "description" : "The key type", - "x-ing-type" : "string" - }, - "alg" : { - "type" : "string", - "example" : "RS256", - "description" : "The algorithm for the key", - "x-ing-type" : "string" - }, - "use" : { - "type" : "string", - "example" : "sig", - "description" : "How the key was meant to be used", - "x-ing-type" : "string" - }, - "kid" : { - "type" : "string", - "description" : "The unique identifier for the key", - "x-ing-type" : "string" - }, - "n" : { - "type" : "string", - "description" : "The modulus for a standard pem", - "x-ing-type" : "string" - }, - "e" : { - "type" : "string", - "description" : "The exponent for a standard pem", - "x-ing-type" : "string" - }, - "x5t" : { - "type" : "string", - "description" : "The thumbprint of the x.509 cert (SHA-1 thumbprint)", - "x-ing-type" : "string" - }, - "x5c" : { - "type" : "array", - "description" : "The x509 certificate chain", - "items" : { + }, + "jsonWebKeySet" : { + "type" : "object", + "properties" : { + "kty" : { + "type" : "string", + "description" : "The key type", + "example" : "RSA", + "x-ing-type" : "string" + }, + "alg" : { + "type" : "string", + "description" : "The algorithm for the key", + "example" : "RS256", + "x-ing-type" : "string" + }, + "use" : { + "type" : "string", + "description" : "How the key was meant to be used", + "example" : "sig", + "x-ing-type" : "string" + }, + "kid" : { + "type" : "string", + "description" : "The unique identifier for the key", + "x-ing-type" : "string" + }, + "n" : { "type" : "string", + "description" : "The modulus for a standard pem", "x-ing-type" : "string" }, - "x-ing-type" : "array" + "e" : { + "type" : "string", + "description" : "The exponent for a standard pem", + "x-ing-type" : "string" + }, + "x5t" : { + "type" : "string", + "description" : "The thumbprint of the x.509 cert (SHA-1 thumbprint)", + "x-ing-type" : "string" + }, + "x5c" : { + "type" : "array", + "description" : "The x509 certificate chain", + "items" : { + "type" : "string", + "x-ing-type" : "string" + }, + "x-ing-type" : "array" + } + }, + "description" : "ING's current public key certificate encoded as a JSON Web Key SET (JWKS)" + } + }, + "securitySchemes" : { + "ING-Application-Security" : { + "type" : "oauth2", + "flows" : { + "clientCredentials" : { + "tokenUrl" : "https://api.ing.com/oauth2/token", + "scopes" : { + "granting" : "Required to start the \"granting\" flow for an ING customer." + } + } } - }, - "description" : "ING's current public key certificate encoded as a JSON Web Key SET (JWKS)" + } } }, "x-ing-guidelines-version" : 1 diff --git a/api/payment/initiation/Payment-Initiation-API.json b/api/payment/initiation/Payment-Initiation-API.json index d9c5d17..e67b064 100644 --- a/api/payment/initiation/Payment-Initiation-API.json +++ b/api/payment/initiation/Payment-Initiation-API.json @@ -2,12 +2,12 @@ "swagger" : "2.0", "info" : { "description" : "Create payment initiation applications that offer great added value to your customers and users. INGs Payment Initiation Service will enable secure access to all European ING online accessible payments accounts.", - "version" : "1.5.3", + "version" : "2.0.2", "title" : "Payment Initiation API", "contact" : { "name" : "ING Developer Portal", "url" : "https://developer.ing.com", - "email" : "apis@ing.com" + "email" : "developerportal@ing.com" }, "license" : { "name" : "Copyright (c) ING Bank N.V. All Rights Reserved.", @@ -107,6 +107,9 @@ "$ref" : "#/definitions/PaymentInstruction" } } ], + "security" : [ { + "ING-Application-Security" : [ "payment-accounts:orders:create" ] + } ], "responses" : { "201" : { "description" : "Created.", @@ -129,8 +132,8 @@ "ASPSP-SCA-Approach" : { "type" : "string", "description" : "Defines the chosen SCA by ING i.e. REDIRECT. ING will start the authorization process implicitly as no additional data is needed from the TPP. Subsequently, the redirection of the PSU browser session should happen directly after the Payment Initiation Response.", - "enum" : [ "REDIRECT" ], "default" : "REDIRECT", + "enum" : [ "REDIRECT" ], "x-ing-type" : "string" } }, @@ -168,6 +171,12 @@ "$ref" : "#/definitions/TPPMessages" } }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, "500" : { "description" : "Internal Server Error.", "schema" : { @@ -180,10 +189,7 @@ "$ref" : "#/definitions/TPPMessages" } } - }, - "security" : [ { - "ING-Application-Security" : [ "payment-accounts:orders:create" ] - } ] + } } }, "/v1/payments/{payment-product}/{paymentId}" : { @@ -297,6 +303,12 @@ "$ref" : "#/definitions/TPPMessages" } }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, "500" : { "description" : "Internal Server Error.", "schema" : { @@ -418,6 +430,12 @@ "$ref" : "#/definitions/TPPMessages" } }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, "500" : { "description" : "Internal Server Error.", "schema" : { @@ -544,6 +562,12 @@ "$ref" : "#/definitions/TPPMessages" } }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, "500" : { "description" : "Internal Server Error.", "schema" : { @@ -630,6 +654,9 @@ "$ref" : "#/definitions/SinglePaymentRequestXML" } } ], + "security" : [ { + "ING-Application-Security" : [ "payment-accounts:orders:create" ] + } ], "responses" : { "201" : { "description" : "Created.", @@ -652,8 +679,8 @@ "ASPSP-SCA-Approach" : { "type" : "string", "description" : "Defines the chosen SCA by ING i.e. REDIRECT. ING will start the authorization process implicitly as no additional data is needed from the TPP. Subsequently, the redirection of the PSU browser session should happen directly after the Payment Initiation Response.", - "enum" : [ "REDIRECT" ], "default" : "REDIRECT", + "enum" : [ "REDIRECT" ], "x-ing-type" : "string" } }, @@ -691,6 +718,12 @@ "$ref" : "#/definitions/TPPMessages" } }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, "500" : { "description" : "Internal Server Error.", "schema" : { @@ -703,10 +736,7 @@ "$ref" : "#/definitions/TPPMessages" } } - }, - "security" : [ { - "ING-Application-Security" : [ "payment-accounts:orders:create" ] - } ] + } } }, "/v1/payments/pain.001-{payment-product}/{paymentId}" : { @@ -820,6 +850,12 @@ "$ref" : "#/definitions/TPPMessages" } }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, "500" : { "description" : "Internal Server Error.", "schema" : { @@ -946,6 +982,12 @@ "$ref" : "#/definitions/TPPMessages" } }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, "500" : { "description" : "Internal Server Error.", "schema" : { @@ -1072,6 +1114,12 @@ "$ref" : "#/definitions/TPPMessages" } }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, "500" : { "description" : "Internal Server Error.", "schema" : { @@ -1159,6 +1207,9 @@ "$ref" : "#/definitions/PeriodicPaymentInitiation_json" } } ], + "security" : [ { + "ING-Application-Security" : [ "payment-accounts:orders:create" ] + } ], "responses" : { "201" : { "description" : "Created.", @@ -1213,6 +1264,12 @@ "$ref" : "#/definitions/TPPMessages" } }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, "500" : { "description" : "Internal Server Error.", "schema" : { @@ -1225,10 +1282,7 @@ "$ref" : "#/definitions/TPPMessages" } } - }, - "security" : [ { - "ING-Application-Security" : [ "payment-accounts:orders:create" ] - } ] + } } }, "/v1/periodic-payments/{payment-product}/{paymentId}" : { @@ -1342,6 +1396,12 @@ "$ref" : "#/definitions/TPPMessages" } }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, "500" : { "description" : "Internal Server Error.", "schema" : { @@ -1457,6 +1517,18 @@ "$ref" : "#/definitions/TPPMessages" } }, + "422" : { + "description" : "UNPROCESSABLE ENTITY.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, "500" : { "description" : "Internal Server Error.", "schema" : { @@ -1571,6 +1643,18 @@ "$ref" : "#/definitions/TPPMessages" } }, + "422" : { + "description" : "UNPROCESSABLE ENTITY.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, "500" : { "description" : "Internal Server Error.", "schema" : { @@ -1678,6 +1762,9 @@ "type" : "string", "enum" : [ "01", "02", "03", "04", "05", "06", "07", "08", "09", "10", "11", "12", "13", "14", "15", "16", "17", "18", "19", "20", "21", "22", "23", "24", "25", "26", "27", "28", "29", "30", "31" ] } ], + "security" : [ { + "ING-Application-Security" : [ "payment-accounts:orders:create" ] + } ], "responses" : { "201" : { "description" : "Created.", @@ -1732,6 +1819,12 @@ "$ref" : "#/definitions/TPPMessages" } }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, "500" : { "description" : "Internal Server Error.", "schema" : { @@ -1744,10 +1837,7 @@ "$ref" : "#/definitions/TPPMessages" } } - }, - "security" : [ { - "ING-Application-Security" : [ "payment-accounts:orders:create" ] - } ] + } } }, "/v1/periodic-payments/pain.001-{payment-product}/{paymentId}" : { @@ -1862,6 +1952,12 @@ "$ref" : "#/definitions/TPPMessages" } }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, "500" : { "description" : "Internal Server Error.", "schema" : { @@ -1949,6 +2045,9 @@ "$ref" : "#/definitions/BulkPaymentInitiationSct_json" } } ], + "security" : [ { + "ING-Application-Security" : [ "payment-accounts:orders:create" ] + } ], "responses" : { "201" : { "description" : "Created.", @@ -1971,8 +2070,8 @@ "ASPSP-SCA-Approach" : { "type" : "string", "description" : "Defines the chosen SCA by ING i.e. REDIRECT. ING will start the authorization process implicitly as no additional data is needed from the TPP. Subsequently, the redirection of the PSU browser session should happen directly after the Payment Initiation Response.", - "enum" : [ "REDIRECT" ], "default" : "REDIRECT", + "enum" : [ "REDIRECT" ], "x-ing-type" : "string" } }, @@ -2010,6 +2109,12 @@ "$ref" : "#/definitions/TPPMessages" } }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, "500" : { "description" : "Internal Server Error.", "schema" : { @@ -2022,10 +2127,7 @@ "$ref" : "#/definitions/TPPMessages" } } - }, - "security" : [ { - "ING-Application-Security" : [ "payment-accounts:orders:create" ] - } ] + } } }, "/v1/bulk-payments/{payment-product}/{paymentId}" : { @@ -2139,6 +2241,12 @@ "$ref" : "#/definitions/TPPMessages" } }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, "500" : { "description" : "Internal Server Error.", "schema" : { @@ -2260,6 +2368,12 @@ "$ref" : "#/definitions/TPPMessages" } }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, "500" : { "description" : "Internal Server Error.", "schema" : { @@ -2386,6 +2500,12 @@ "$ref" : "#/definitions/TPPMessages" } }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, "500" : { "description" : "Internal Server Error.", "schema" : { @@ -2400,113 +2520,402 @@ } } } - } - }, - "securityDefinitions" : { - "ING-Application-Security" : { - "type" : "oauth2", - "tokenUrl" : "https://api.ing.com/oauth2/token", - "flow" : "application", - "scopes" : { - "payment-accounts:orders:create" : "Create a payment order." - } - } - }, - "definitions" : { - "TPPMessages" : { - "type" : "object", - "required" : [ "tppMessages" ], - "properties" : { - "tppMessages" : { - "type" : "array", - "items" : { - "$ref" : "#/definitions/TPPMessage" - }, - "x-ing-type" : "array" - } - } }, - "TPPMessage" : { - "type" : "object", - "required" : [ "category", "code" ], - "properties" : { - "category" : { + "/v2/bulk-payments/{payment-product}" : { + "post" : { + "tags" : [ "Bulk payment initiation" ], + "summary" : "Bulk payment initiation request - JSON.", + "description" : "This operation will create a payment initiation request at ING as a resource addressable under {payment-product} with all data relevant for the corresponding payment product. One Payment request can support upto 5000 underlying transactions.", + "operationId" : "initiateBulkPaymentV2", + "consumes" : [ "application/json" ], + "produces" : [ "application/json" ], + "parameters" : [ { + "name" : "payment-product", + "in" : "path", + "description" : "The addressed payment product endpoint. The list of products supported is - sepa-credit-transfers - cross-border-credit-transfers - domestic-credit-transfers In due course, ING can communicate additional supported payment products.", + "required" : true, "type" : "string", - "description" : "The value for the category property indicates the importance of the error that is returned and MUST be one of the values: ERROR - Indicates that operation has been completed with errors. WARNING - Indicates that operation has been successfully completed but there is/are warnings about the operation", - "enum" : [ "ERROR", "WARNING" ], - "x-ing-type" : "string" - }, - "code" : { + "enum" : [ "sepa-credit-transfers", "cross-border-credit-transfers", "domestic-credit-transfers" ] + }, { + "name" : "X-Request-ID", + "in" : "header", + "description" : "ID of the request, unique to the call, as determined by the initiating party (TPP).", + "required" : true, "type" : "string", - "example" : "PAYMENT_FAILED", - "enum" : [ "SERVICE_INVALID", "TRANSACTION_ID_INVALID", "PRODUCT_INVALID", "PRODUCT_UNKNOWN", "PAYMENT_FAILED", "INVALID_HEADER", "FORMAT_ERROR", "RESOURCE_UNKNOWN", "SERVICE_BLOCKED", "ING_ERROR" ], - "x-ing-type" : "string" - }, - "text" : { + "format" : "uuid" + }, { + "name" : "Authorization", + "in" : "header", + "description" : "Bearer Token. Represents TPP Application Access Token. The process to obtain the Application Access Token is described in Client Credentials \"Authentication Flow\": https://developer.ing.com/openbanking/get-started", + "required" : true, "type" : "string", - "description" : "Additional explaining text.", - "maxLength" : 512, - "x-ing-type" : "string" - }, - "path" : { + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./_,'+ -]+$" + }, { + "name" : "Signature", + "in" : "header", + "description" : "A signature of the request by the TPP on application level. The process of signing a request is described in 'Signing HTTP Messages' RFC draft version 07 (https://tools.ietf.org/html/draft-cavage-http-signatures-07). The request signature needs to be sent in the 'Signature' HTTP header as described in the RFC. For more details refer to: https://developer.ing.com/openbanking/get-started Additional requirements from ING:\n - The only allowed algorithm is RSA-SHA256\n - The key size for the used RSA key pair has to be at least 2048 bit\n - The keyId is the clientId of your application originating from the ING Developer Portal\n - We require the following headers required for every request: \"(request-target) Date Digest X-Request-ID\". The request-target is a combination of the HTTP action verb and the request URI path.", + "required" : true, "type" : "string", - "description" : "The path of the element of the request message which provoked this error message", - "x-ing-type" : "string" - } - }, - "description" : "TPP Messages - In case of any error or warning." - }, - "SinglePaymentRequestXML" : { - "type" : "string" - }, - "SinglePaymentStatusXML" : { - "type" : "string", - "example" : "?xml version=\"1.0\" encoding=\"UTF-8\"?\nDocument xmlns=\"urn:iso:std:iso:20022:tech:xsd:pain.002.001.03\"\n.CstmrPmtStsRpt\n...GrpHdr\n.....!-- other properties removed for brevity --\n.../GrpHdr\n...OrgnlGrpInfAndSts\n.....!-- other properties removed for brevity --\n.../OrgnlGrpInfAndSts\n...OrgnlPmtInfAndSts\n.....!-- other properties removed for brevity --\n.....PmtInfSts\n.......ACCP\n...../PmtInfSts\n.....StsRsnInf\n.......AddtlInf\n.........fundsAvailable: true !-- can be true|false|unknown --\n......./AddtlInf\n.......AddtlInf\n.........fundsAvailableTimestamp: 1676041197 !-- epoch in seconds --\n......./AddtlInf\n...../StsRsnInf\n.../OrgnlPmtInfAndSts\n./CstmrPmtStsRpt\n/Document\n" - }, - "SinglePaymentStatusXML_V2" : { - "type" : "string", - "example" : "?xml version=\"1.0\" encoding=\"UTF-8\"?\nDocument xmlns=\"urn:iso:std:iso:20022:tech:xsd:pain.002.001.11\"\n.CstmrPmtStsRpt\n...GrpHdr\n.....!-- other properties removed for brevity --\n.../GrpHdr\n...OrgnlGrpInfAndSts\n.....!-- other properties removed for brevity --\n.../OrgnlGrpInfAndSts\n...OrgnlPmtInfAndSts\n.....!-- other properties removed for brevity --\n.....PmtInfSts\n.......ACCP\n...../PmtInfSts\n.....StsRsnInf\n.......AddtlInf\n.........fundsAvailable: true !-- can be true|false|unknown --\n......./AddtlInf\n.......AddtlInf\n.........fundsAvailableTimestamp: 1676041197 !-- epoch in seconds --\n......./AddtlInf\n...../StsRsnInf\n.../OrgnlPmtInfAndSts\n./CstmrPmtStsRpt\n/Document\n" - }, - "PaymentInstruction" : { - "type" : "object", - "required" : [ "creditorAccount", "creditorName", "instructedAmount" ], - "properties" : { - "endToEndIdentification" : { - "$ref" : "#/definitions/endToEndIdentification" - }, - "debtorAccount" : { - "$ref" : "#/definitions/debtorAccount" - }, - "instructedAmount" : { - "$ref" : "#/definitions/Amount" - }, - "creditorAccount" : { - "$ref" : "#/definitions/creditorAccount" - }, - "creditorAgent" : { - "$ref" : "#/definitions/creditorAgent" - }, - "creditorName" : { - "$ref" : "#/definitions/creditorName" - }, - "creditorAddress" : { - "$ref" : "#/definitions/Address" - }, - "chargeBearer" : { - "$ref" : "#/definitions/chargeBearer" - }, - "remittanceInformationUnstructured" : { - "$ref" : "#/definitions/remittanceInformationUnstructured" - }, - "clearingSystemMemberIdentification" : { - "$ref" : "#/definitions/clearingSystemMemberIdentification" - }, - "debtorName" : { - "$ref" : "#/definitions/debtorName" - }, - "debtorAgent" : { - "$ref" : "#/definitions/debtorAgent" - }, + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./\"_=,'+ -]+$" + }, { + "name" : "Digest", + "in" : "header", + "description" : "The \"Digest\" Header header as defined in [RFC3230] contains a Hash of the message body. The only hash algorithms that may be used to calculate the Digest within the context of this specification are SHA-256 and SHA-512 as defined in [RFC5843].", + "required" : true, + "type" : "string", + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./,='+ -]+$" + }, { + "name" : "Date", + "in" : "header", + "description" : "Standard HTTP header element for date and time. HTTP headers are represented as RFC 7231, chapter 7.1.1.1. Date/Time Formats. Format: EEE, dd MMM yyyy HH:mm:ss 'GMT'", + "required" : true, + "type" : "string" + }, { + "name" : "TPP-Redirect-URI", + "in" : "header", + "description" : "URI of the TPP, where the transaction flow shall be redirected to after a Redirect", + "required" : true, + "type" : "string", + "format" : "uri" + }, { + "name" : "PSU-IP-Address", + "in" : "header", + "description" : "The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.", + "required" : true, + "type" : "string", + "format" : "ipv4,ipv6" + }, { + "in" : "body", + "name" : "body", + "description" : "Payment initiation instruction. The payment data to be transported in the request body are dependent of the chosen API endpoint.", + "required" : true, + "schema" : { + "$ref" : "#/definitions/BulkPaymentInitiationSct_jsonV2" + } + } ], + "security" : [ { + "ING-Application-Security" : [ "payment-accounts:orders:create" ] + } ], + "responses" : { + "201" : { + "description" : "Created.", + "headers" : { + "X-Request-ID" : { + "type" : "string", + "description" : "ID of the individual request determined by the initiating party", + "x-ing-type" : "string" + }, + "X-ING-Response-ID" : { + "type" : "string", + "description" : "ID for tracing the individual request determined by the initiating party", + "x-ing-type" : "string" + }, + "Location" : { + "type" : "string", + "description" : "Location of the created resource (if created) i.e. GET /v1/bulk-payments/{payment-product}/{paymentId} example GET /v1/bulk-payments/sepa-credit-transfers/0e62dac7-6c2a-4483-ae01-b8f6221673d2", + "x-ing-type" : "string" + }, + "ASPSP-SCA-Approach" : { + "type" : "string", + "description" : "Defines the chosen SCA by ING i.e. REDIRECT. ING will start the authorization process implicitly as no additional data is needed from the TPP. Subsequently, the redirection of the PSU browser session should happen directly after the Payment Initiation Response.", + "default" : "REDIRECT", + "enum" : [ "REDIRECT" ], + "x-ing-type" : "string" + } + }, + "schema" : { + "$ref" : "#/definitions/BulkPaymentInitiationResponse" + } + }, + "400" : { + "description" : "Bad Request.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, + "401" : { + "description" : "Unauthorised.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, + "403" : { + "description" : "Forbidden.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, + "404" : { + "description" : "Not Found.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, + "422" : { + "description" : "UNPROCESSABLE ENTITY.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, + "500" : { + "description" : "Internal Server Error.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, + "503" : { + "description" : "SERVICE UNAVAILABLE.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + } + } + } + }, + "/v2/bulk-payments/{payment-product}/{paymentId}" : { + "get" : { + "tags" : [ "Bulk payment initiation" ], + "summary" : "Bulk payment details - JSON", + "description" : "This operation will return the bulk payment initiation details based on the unique identifier of the payment (paymentId), as provided by ING as part of the response of the bulk payment initiation request.", + "produces" : [ "application/json" ], + "parameters" : [ { + "name" : "payment-product", + "in" : "path", + "description" : "The addressed payment product endpoint. The list of products supported is - sepa-credit-transfers - cross-border-credit-transfers - domestic-credit-transfers In due course, ING can communicate additional supported payment products.", + "required" : true, + "type" : "string", + "enum" : [ "sepa-credit-transfers", "cross-border-credit-transfers", "domestic-credit-transfers" ] + }, { + "name" : "paymentId", + "in" : "path", + "description" : "Identification of payment instruction in ING (resource identification of the generated payment initiation resource).", + "required" : true, + "type" : "string", + "format" : "uuid" + }, { + "name" : "X-Request-ID", + "in" : "header", + "description" : "ID of the request, unique to the call, as determined by the initiating party (TPP).", + "required" : true, + "type" : "string", + "format" : "uuid" + }, { + "name" : "Authorization", + "in" : "header", + "description" : "Bearer Token. Represents TPP Application Access Token. The process to obtain the Application Access Token is described in Client Credentials \"Authentication Flow\": https://developer.ing.com/openbanking/get-started", + "required" : true, + "type" : "string", + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./_,'+ -]+$" + }, { + "name" : "Signature", + "in" : "header", + "description" : "A signature of the request by the TPP on application level. The process of signing a request is described in 'Signing HTTP Messages' RFC draft version 07 (https://tools.ietf.org/html/draft-cavage-http-signatures-07). The request signature needs to be sent in the 'Signature' HTTP header as described in the RFC. For more details refer to: https://developer.ing.com/openbanking/get-started Additional requirements from ING:\n - The only allowed algorithm is RSA-SHA256\n - The key size for the used RSA key pair has to be at least 2048 bit\n - The keyId is the clientId of your application originating from the ING Developer Portal\n - We require the following headers required for every request: \"(request-target) Date Digest X-Request-ID\". The request-target is a combination of the HTTP action verb and the request URI path.", + "required" : true, + "type" : "string", + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./\"_=,'+ -]+$" + }, { + "name" : "Digest", + "in" : "header", + "description" : "The \"Digest\" Header header as defined in [RFC3230] contains a Hash of the message body. The only hash algorithms that may be used to calculate the Digest within the context of this specification are SHA-256 and SHA-512 as defined in [RFC5843].", + "required" : true, + "type" : "string", + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./,='+ -]+$" + }, { + "name" : "Date", + "in" : "header", + "description" : "Standard HTTP header element for date and time. HTTP headers are represented as RFC 7231, chapter 7.1.1.1. Date/Time Formats. Format: EEE, dd MMM yyyy HH:mm:ss 'GMT'", + "required" : true, + "type" : "string" + }, { + "name" : "PSU-IP-Address", + "in" : "header", + "description" : "The forwarded IP Address header field consists of the corresponding http request IP Address field between PSU and TPP.", + "required" : false, + "type" : "string", + "format" : "ipv4,ipv6" + } ], + "responses" : { + "200" : { + "description" : "OK", + "headers" : { + "X-Request-ID" : { + "type" : "string", + "description" : "ID of the individual request determined by the initiating party", + "x-ing-type" : "string" + }, + "X-ING-Response-ID" : { + "type" : "string", + "description" : "ID for tracing the individual request determined by the initiating party", + "x-ing-type" : "string" + } + }, + "schema" : { + "$ref" : "#/definitions/BulkPaymentInitiationSct_jsonV2" + } + }, + "400" : { + "description" : "Bad Request.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, + "401" : { + "description" : "Unauthorised.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, + "403" : { + "description" : "Forbidden.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, + "404" : { + "description" : "Not Found.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, + "422" : { + "description" : "UNPROCESSABLE ENTITY.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, + "429" : { + "description" : "Too Many Requests.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, + "500" : { + "description" : "Internal Server Error.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + }, + "503" : { + "description" : "SERVICE UNAVAILABLE.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } + } + } + } + } + }, + "securityDefinitions" : { + "ING-Application-Security" : { + "type" : "oauth2", + "tokenUrl" : "https://api.ing.com/oauth2/token", + "flow" : "application", + "scopes" : { + "payment-accounts:orders:create" : "Create a payment order." + } + } + }, + "definitions" : { + "TPPMessages" : { + "type" : "object", + "required" : [ "tppMessages" ], + "properties" : { + "tppMessages" : { + "type" : "array", + "items" : { + "$ref" : "#/definitions/TPPMessage" + }, + "x-ing-type" : "array" + } + } + }, + "TPPMessage" : { + "type" : "object", + "required" : [ "category", "code" ], + "properties" : { + "category" : { + "type" : "string", + "description" : "The value for the category property indicates the importance of the error that is returned and MUST be one of the values: ERROR - Indicates that operation has been completed with errors. WARNING - Indicates that operation has been successfully completed but there is/are warnings about the operation", + "enum" : [ "ERROR", "WARNING" ], + "x-ing-type" : "string" + }, + "code" : { + "type" : "string", + "example" : "PAYMENT_FAILED", + "enum" : [ "SERVICE_INVALID", "TRANSACTION_ID_INVALID", "PRODUCT_INVALID", "PRODUCT_UNKNOWN", "PAYMENT_FAILED", "INVALID_HEADER", "FORMAT_ERROR", "RESOURCE_UNKNOWN", "SERVICE_BLOCKED", "ING_ERROR" ], + "x-ing-type" : "string" + }, + "text" : { + "type" : "string", + "description" : "Additional explaining text.", + "maxLength" : 512, + "x-ing-type" : "string" + }, + "path" : { + "type" : "string", + "description" : "The path of the element of the request message which provoked this error message", + "x-ing-type" : "string" + } + }, + "description" : "TPP Messages - In case of any error or warning." + }, + "SinglePaymentRequestXML" : { + "type" : "string" + }, + "SinglePaymentStatusXML" : { + "type" : "string", + "example" : "?xml version=\"1.0\" encoding=\"UTF-8\"?\nDocument xmlns=\"urn:iso:std:iso:20022:tech:xsd:pain.002.001.03\"\n.CstmrPmtStsRpt\n...GrpHdr\n.....!-- other properties removed for brevity --\n.../GrpHdr\n...OrgnlGrpInfAndSts\n.....!-- other properties removed for brevity --\n.../OrgnlGrpInfAndSts\n...OrgnlPmtInfAndSts\n.....!-- other properties removed for brevity --\n.....PmtInfSts\n.......ACCP\n...../PmtInfSts\n.....StsRsnInf\n.......AddtlInf\n.........fundsAvailable: true !-- can be true|false|unknown --\n......./AddtlInf\n.......AddtlInf\n.........fundsAvailableTimestamp: 1676041197 !-- epoch in seconds --\n......./AddtlInf\n...../StsRsnInf\n.../OrgnlPmtInfAndSts\n./CstmrPmtStsRpt\n/Document\n" + }, + "SinglePaymentStatusXML_V2" : { + "type" : "string", + "example" : "?xml version=\"1.0\" encoding=\"UTF-8\"?\nDocument xmlns=\"urn:iso:std:iso:20022:tech:xsd:pain.002.001.11\"\n.CstmrPmtStsRpt\n...GrpHdr\n.....!-- other properties removed for brevity --\n.../GrpHdr\n...OrgnlGrpInfAndSts\n.....!-- other properties removed for brevity --\n.../OrgnlGrpInfAndSts\n...OrgnlPmtInfAndSts\n.....!-- other properties removed for brevity --\n.....PmtInfSts\n.......ACCP\n...../PmtInfSts\n.....StsRsnInf\n.......AddtlInf\n.........fundsAvailable: true !-- can be true|false|unknown --\n......./AddtlInf\n.......AddtlInf\n.........fundsAvailableTimestamp: 1676041197 !-- epoch in seconds --\n......./AddtlInf\n...../StsRsnInf\n.../OrgnlPmtInfAndSts\n./CstmrPmtStsRpt\n/Document\n" + }, + "PaymentInstruction" : { + "type" : "object", + "required" : [ "creditorAccount", "creditorName", "instructedAmount" ], + "properties" : { + "endToEndIdentification" : { + "$ref" : "#/definitions/endToEndIdentification" + }, + "debtorAccount" : { + "$ref" : "#/definitions/debtorAccount" + }, + "instructedAmount" : { + "$ref" : "#/definitions/Amount" + }, + "creditorAccount" : { + "$ref" : "#/definitions/creditorAccount" + }, + "creditorAgent" : { + "$ref" : "#/definitions/creditorAgent" + }, + "creditorName" : { + "$ref" : "#/definitions/creditorName" + }, + "creditorAddress" : { + "$ref" : "#/definitions/Address" + }, + "chargeBearer" : { + "$ref" : "#/definitions/chargeBearer" + }, + "remittanceInformationUnstructured" : { + "$ref" : "#/definitions/remittanceInformationUnstructured" + }, + "clearingSystemMemberIdentification" : { + "$ref" : "#/definitions/clearingSystemMemberIdentification" + }, + "debtorName" : { + "$ref" : "#/definitions/debtorName" + }, + "debtorAgent" : { + "$ref" : "#/definitions/debtorAgent" + }, "instructionPriority" : { "$ref" : "#/definitions/instructionPriority" }, @@ -2700,6 +3109,106 @@ }, "description" : "JSON Body for a bulk payment initiation.\n" }, + "BulkPaymentInitiationSct_jsonV2" : { + "type" : "object", + "required" : [ "payments" ], + "properties" : { + "requestedExecutionDate" : { + "type" : "string", + "format" : "date", + "example" : "2019-01-30", + "description" : "Date at which the initiating party requests the clearing agent to process the payment. This is the date on which the debtor's account is to be debited. This Field mentions a particular point in the progression of time in a calendar year expressed in the YYYY-MM-DD format. Example Use Case: Future Dated Payment", + "x-ing-type" : "string" + }, + "debtorAccount" : { + "$ref" : "#/definitions/debtorAccount" + }, + "debtorName" : { + "$ref" : "#/definitions/debtorName" + }, + "debtorAgent" : { + "$ref" : "#/definitions/debtorAgent" + }, + "batchBookingPreferred" : { + "$ref" : "#/definitions/batchBookingPreferred" + }, + "chargeBearer" : { + "$ref" : "#/definitions/chargeBearer" + }, + "instructionPriority" : { + "$ref" : "#/definitions/instructionPriority" + }, + "serviceLevelCode" : { + "$ref" : "#/definitions/serviceLevelCode" + }, + "localInstrumentCode" : { + "$ref" : "#/definitions/localInstrumentCode" + }, + "categoryPurposeCode" : { + "$ref" : "#/definitions/categoryPurposeCode" + }, + "uetr" : { + "$ref" : "#/definitions/UETR" + }, + "payments" : { + "type" : "array", + "description" : "A list of JSON bodies for single transactions.", + "items" : { + "type" : "object", + "properties" : { + "endToEndIdentification" : { + "$ref" : "#/definitions/endToEndIdentification" + }, + "instructedAmount" : { + "$ref" : "#/definitions/Amount" + }, + "creditorAccount" : { + "$ref" : "#/definitions/creditorAccount" + }, + "creditorAgent" : { + "$ref" : "#/definitions/creditorAgent" + }, + "creditorName" : { + "$ref" : "#/definitions/creditorName" + }, + "creditorLEI" : { + "$ref" : "#/definitions/LEI" + }, + "creditorAddress" : { + "$ref" : "#/definitions/AddressV2" + }, + "remittanceInformationUnstructured" : { + "$ref" : "#/definitions/remittanceInformationUnstructured" + }, + "remittanceInformationStructured" : { + "$ref" : "#/definitions/remittanceInformationStructured" + }, + "chargeBearer" : { + "$ref" : "#/definitions/chargeBearer" + }, + "instructionPriority" : { + "$ref" : "#/definitions/instructionPriority" + }, + "serviceLevelCode" : { + "$ref" : "#/definitions/serviceLevelCode" + }, + "localInstrumentCode" : { + "$ref" : "#/definitions/localInstrumentCode" + }, + "categoryPurposeCode" : { + "$ref" : "#/definitions/categoryPurposeCode" + } + }, + "required" : [ "creditorAccount", "creditorName", "instructedAmount" ], + "x-ing-type" : "object" + }, + "maxItems" : 5000, + "minItems" : 1, + "x-ing-type" : "array" + } + }, + "description" : "JSON Body for a bulk payment initiation.\n" + }, "endToEndIdentification" : { "type" : "string", "maxLength" : 35, @@ -2779,6 +3288,42 @@ "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./,'+ -]+$", "description" : "'Information supplied to enable the matching of an entry with the items that the transfer is intended to settle, such as commercial invoices in an accounts' receivable system. Information supplied to enable the matching/reconciliation of an entry with the items that the payment is intended to settle, such as commercial invoices in an accounts' receivable system, in an unstructured form.'" }, + "remittanceInformationStructured" : { + "type" : "object", + "required" : [ "reference" ], + "properties" : { + "type" : { + "type" : "object", + "properties" : { + "codeOrProprietary" : { + "type" : "object", + "properties" : { + "code" : { + "type" : "string", + "enum" : [ "RADM", "RPIN", "FXDR", "DISP", "PUOR", "SCOR" ], + "x-ing-type" : "string" + } + }, + "x-ing-type" : "object" + }, + "issuer" : { + "type" : "string", + "maxLength" : 35, + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./,'+ -]+$", + "x-ing-type" : "string" + } + }, + "x-ing-type" : "object" + }, + "reference" : { + "type" : "string", + "maxLength" : 35, + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./,'+ -]+$", + "x-ing-type" : "string" + } + }, + "description" : "Structured remittance information." + }, "clearingSystemMemberIdentification" : { "type" : "object", "required" : [ "clearingSystemIdentificationCode", "memberIdentification" ], @@ -2917,6 +3462,123 @@ } } }, + "AddressV2" : { + "type" : "object", + "required" : [ "country", "townName" ], + "properties" : { + "department" : { + "type" : "string", + "description" : "department", + "maxLength" : 70, + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./,'+ -]+$", + "x-ing-type" : "string" + }, + "subDepartment" : { + "type" : "string", + "description" : "sub department", + "maxLength" : 70, + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./,'+ -]+$", + "x-ing-type" : "string" + }, + "streetName" : { + "type" : "string", + "description" : "street name", + "maxLength" : 70, + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./,'+ -]+$", + "x-ing-type" : "string" + }, + "buildingNumber" : { + "type" : "string", + "description" : "building number", + "maxLength" : 16, + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./,'+ -]+$", + "x-ing-type" : "string" + }, + "buildingName" : { + "type" : "string", + "description" : "building name", + "maxLength" : 35, + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./,'+ -]+$", + "x-ing-type" : "string" + }, + "floor" : { + "type" : "string", + "description" : "floor", + "maxLength" : 70, + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./,'+ -]+$", + "x-ing-type" : "string" + }, + "postBox" : { + "type" : "string", + "description" : "post box", + "maxLength" : 16, + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./,'+ -]+$", + "x-ing-type" : "string" + }, + "room" : { + "type" : "string", + "description" : "room", + "maxLength" : 70, + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./,'+ -]+$", + "x-ing-type" : "string" + }, + "postCode" : { + "type" : "string", + "description" : "postal code", + "maxLength" : 16, + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./,'+ -]+$", + "x-ing-type" : "string" + }, + "townName" : { + "type" : "string", + "description" : "town name", + "maxLength" : 35, + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./,'+ -]+$", + "x-ing-type" : "string" + }, + "townLocationName" : { + "type" : "string", + "description" : "town location name", + "maxLength" : 35, + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./,'+ -]+$", + "x-ing-type" : "string" + }, + "districtName" : { + "type" : "string", + "description" : "district name", + "maxLength" : 35, + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./,'+ -]+$", + "x-ing-type" : "string" + }, + "countrySubDivision" : { + "type" : "string", + "description" : "country sub division", + "maxLength" : 35, + "pattern" : "^[abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789?:()./,'+ -]+$", + "x-ing-type" : "string" + }, + "country" : { + "type" : "string", + "example" : "NL", + "description" : "ISO Country Code", + "pattern" : "[A-Z]{2,2}", + "x-ing-type" : "string" + } + } + }, + "LEI" : { + "type" : "string", + "maxLength" : 20, + "pattern" : "^[A-Z0-9]{18,18}[0-9]{2,2}$", + "description" : "The Legal Entity Identifier (LEI), a unique global identifier for legal entities.", + "example" : "3TK20IVIUJ8J3ZU0QE75" + }, + "UETR" : { + "type" : "string", + "format" : "uuid", + "description" : "A Unique End-to-end Transaction Reference, designed to act as a single source of truth for a payment and provide complete transparency for all parties in a payment chain.", + "example" : "123e4567-e89b-12d3-a456-426614174000" + }, "PaymentInitiationResponse" : { "type" : "object", "required" : [ "_links", "paymentId", "transactionStatus" ], @@ -3024,7 +3686,7 @@ "addtlInf" : { "type" : "array", "example" : [ "fundsAvailable: true", "fundsAvailableTimestamp: 1674550348" ], - "description" : "Additional Information - further details on the status reason.\n - fundsAvailable - \n - 'true' - There was sufficient balance in the account to cover the amount in payment request at the time when it is checked.\n - 'false' - There was not enough balance in the account to cover the amount in payment request at the time when it is checked.\n - 'unknown' - Either balance check did not happen or balance check failed.\n - fundsAvailableTimestamp -\n Date and time of funds availability check in epoch time (seconds)", + "description" : "Additional Information - further details on the status reason.\n - fundsAvailable -\n - 'true' - There was sufficient balance in the account to cover the amount in payment request at the time when it is checked.\n - 'false' - There was not enough balance in the account to cover the amount in payment request at the time when it is checked.\n - 'unknown' - Either balance check did not happen or balance check failed.\n - fundsAvailableTimestamp -\n Date and time of funds availability check in epoch time (seconds)", "items" : { "type" : "string", "minLength" : 1, @@ -3034,7 +3696,8 @@ "x-ing-type" : "array" } }, - "description" : "Status Reason Information - provides detailed information on the status reason." + "description" : "Status Reason Information - provides detailed information on the status reason.", + "additionalProperties" : false }, "StatusReasonChoice" : { "type" : "object", @@ -3053,7 +3716,8 @@ "maxLength" : 35, "x-ing-type" : "string" } - } + }, + "additionalProperties" : false }, "PaymentAgreementStatusResponse" : { "type" : "object", @@ -3082,7 +3746,7 @@ "type" : "string", "format" : "uri", "example" : "https://myaccount.ing.com/payment-initiation/cc04ef71-085e-468e-87bd-2881d8a03a5d/NL", - "description" : "'ING is transmitting the link to which to redirect the PSU browser.' \nIf payment request is eligible for 1xSCA, link will contain externalSource and externalReference query parameters: \n https://myaccount.ing.com/payment-initiation/cc04ef71-085e-468e-87bd-2881d8a03a5d/NL?externalSource=PIS&externalReference=7744b93c-f02d-4eb6-b467-afb78a962d4f \notherwise: \n https://myaccount.ing.com/payment-initiation/cc04ef71-085e-468e-87bd-2881d8a03a5d/NL\n", + "description" : "'ING is transmitting the link to which to redirect the PSU browser.'\nIf payment request is eligible for 1xSCA, link will contain externalSource and externalReference query parameters:\n https://myaccount.ing.com/payment-initiation/cc04ef71-085e-468e-87bd-2881d8a03a5d/NL?externalSource=PIS&externalReference=7744b93c-f02d-4eb6-b467-afb78a962d4f\notherwise:\n https://myaccount.ing.com/payment-initiation/cc04ef71-085e-468e-87bd-2881d8a03a5d/NL\n", "x-ing-type" : "string" }, "self" : { @@ -3116,7 +3780,7 @@ "type" : "string", "format" : "uri", "example" : "https://myaccount.ing.com/payment-initiation/cc04ef71-085e-468e-87bd-2881d8a03a5d/NL", - "description" : "'ING is transmitting the link to which to redirect the PSU browser.' \nIf payment request is eligible for 1xSCA, link will contain externalSource and externalReference query parameters: \n https://myaccount.ing.com/payment-initiation/cc04ef71-085e-468e-87bd-2881d8a03a5d/NL?externalSource=PIS&externalReference=7744b93c-f02d-4eb6-b467-afb78a962d4f \notherwise: \n https://myaccount.ing.com/payment-initiation/cc04ef71-085e-468e-87bd-2881d8a03a5d/NL\n", + "description" : "'ING is transmitting the link to which to redirect the PSU browser.'\nIf payment request is eligible for 1xSCA, link will contain externalSource and externalReference query parameters:\n https://myaccount.ing.com/payment-initiation/cc04ef71-085e-468e-87bd-2881d8a03a5d/NL?externalSource=PIS&externalReference=7744b93c-f02d-4eb6-b467-afb78a962d4f\notherwise:\n https://myaccount.ing.com/payment-initiation/cc04ef71-085e-468e-87bd-2881d8a03a5d/NL\n", "x-ing-type" : "string" }, "self" : { @@ -3150,7 +3814,7 @@ "type" : "string", "format" : "uri", "example" : "https://myaccount.ing.com/payment-initiation/cc04ef71-085e-468e-87bd-2881d8a03a5d/NL?type=bulk", - "description" : "'ING is transmitting the link to which to redirect the PSU browser.' \nIf payment request is eligible for 1xSCA, link will contain externalSource and externalReference query parameters: \n https://myaccount.ing.com/payment-initiation/cc04ef71-085e-468e-87bd-2881d8a03a5d/NL?type=bulk&externalSource=PIS&externalReference=7744b93c-f02d-4eb6-b467-afb78a962d4f \notherwise: \n https://myaccount.ing.com/payment-initiation/cc04ef71-085e-468e-87bd-2881d8a03a5d/NL?type=bulk\n", + "description" : "'ING is transmitting the link to which to redirect the PSU browser.'\nIf payment request is eligible for 1xSCA, link will contain externalSource and externalReference query parameters:\n https://myaccount.ing.com/payment-initiation/cc04ef71-085e-468e-87bd-2881d8a03a5d/NL?type=bulk&externalSource=PIS&externalReference=7744b93c-f02d-4eb6-b467-afb78a962d4f\notherwise:\n https://myaccount.ing.com/payment-initiation/cc04ef71-085e-468e-87bd-2881d8a03a5d/NL?type=bulk\n", "x-ing-type" : "string" }, "self" : { @@ -3345,8 +4009,8 @@ "$ref" : "#/definitions/TPPMessages" } }, - "500SERVICEUNAVAILABLE" : { - "description" : "SERVICE UNAVAILABLE.", + "429TooManyRequests" : { + "description" : "Too Many Requests.", "schema" : { "$ref" : "#/definitions/TPPMessages" } @@ -3356,6 +4020,12 @@ "schema" : { "$ref" : "#/definitions/TPPMessages" } + }, + "500SERVICEUNAVAILABLE" : { + "description" : "SERVICE UNAVAILABLE.", + "schema" : { + "$ref" : "#/definitions/TPPMessages" + } } } } \ No newline at end of file diff --git a/api/payment/request/Payment-Request-API.json b/api/payment/request/Payment-Request-API.json index 2a6fca8..da44ae4 100644 --- a/api/payment/request/Payment-Request-API.json +++ b/api/payment/request/Payment-Request-API.json @@ -7,7 +7,7 @@ "contact" : { "name" : "ING Developer Portal", "url" : "https://developer.ing.com", - "email" : "apis@ing.com" + "email" : "developerportal@ing.com" } }, "host" : "api.ing.com", @@ -68,6 +68,9 @@ "required" : true, "type" : "string" } ], + "security" : [ { + "ING-Application-Security" : [ "payment-requests:view" ] + } ], "responses" : { "200" : { "description" : "OK", @@ -99,10 +102,7 @@ "$ref" : "#/definitions/error_1.0" } } - }, - "security" : [ { - "ING-Application-Security" : [ "payment-requests:view" ] - } ] + } } }, "/payment-requests" : { @@ -150,6 +150,9 @@ "required" : true, "type" : "string" } ], + "security" : [ { + "ING-Application-Security" : [ "payment-requests:create" ] + } ], "responses" : { "201" : { "description" : "Created", @@ -189,10 +192,7 @@ "$ref" : "#/definitions/error_1.0" } } - }, - "security" : [ { - "ING-Application-Security" : [ "payment-requests:create" ] - } ] + } } }, "/payment-requests/{id}/close" : { @@ -238,6 +238,9 @@ "required" : true, "type" : "string" } ], + "security" : [ { + "ING-Application-Security" : [ "payment-requests:close" ] + } ], "responses" : { "204" : { "description" : "No Content" @@ -272,10 +275,7 @@ "$ref" : "#/definitions/error_1.0" } } - }, - "security" : [ { - "ING-Application-Security" : [ "payment-requests:close" ] - } ] + } } }, "/payment-requests/registrations" : { @@ -315,6 +315,9 @@ "required" : true, "type" : "string" } ], + "security" : [ { + "ING-Application-Security" : [ "payment-requests:register" ] + } ], "responses" : { "200" : { "description" : "OK", @@ -346,10 +349,7 @@ "$ref" : "#/definitions/error_1.0" } } - }, - "security" : [ { - "ING-Application-Security" : [ "payment-requests:register" ] - } ] + } }, "post" : { "tags" : [ "Registration" ], @@ -396,6 +396,9 @@ "required" : true, "type" : "string" } ], + "security" : [ { + "ING-Application-Security" : [ "payment-requests:register" ] + } ], "responses" : { "202" : { "description" : "Accepted", @@ -427,10 +430,7 @@ "$ref" : "#/definitions/error_1.0" } } - }, - "security" : [ { - "ING-Application-Security" : [ "payment-requests:register" ] - } ] + } }, "patch" : { "tags" : [ "Registration" ], @@ -476,6 +476,9 @@ "required" : true, "type" : "string" } ], + "security" : [ { + "ING-Application-Security" : [ "payment-requests:register" ] + } ], "responses" : { "204" : { "description" : "No Content" @@ -504,10 +507,7 @@ "$ref" : "#/definitions/error_1.0" } } - }, - "security" : [ { - "ING-Application-Security" : [ "payment-requests:register" ] - } ] + } } }, "/payment-requests/{id}/payments" : { @@ -553,6 +553,9 @@ "required" : true, "type" : "string" } ], + "security" : [ { + "ING-Application-Security" : [ "payment-requests:view" ] + } ], "responses" : { "200" : { "description" : "OK", @@ -584,10 +587,7 @@ "$ref" : "#/definitions/error_1.0" } } - }, - "security" : [ { - "ING-Application-Security" : [ "payment-requests:view" ] - } ] + } } } }, diff --git a/api/showcase/Showcase-API.json b/api/showcase/Showcase-API.json index 2e5e1c6..6b4986d 100644 --- a/api/showcase/Showcase-API.json +++ b/api/showcase/Showcase-API.json @@ -6,9 +6,9 @@ "contact" : { "name" : "ING Developer Portal", "url" : "https://developer.ing.com", - "email" : "apis@ing.com" + "email" : "developerportal@ing.com" }, - "version" : "3.1.1" + "version" : "4.0.0" }, "servers" : [ { "url" : "https://api.ing.com" @@ -32,130 +32,66 @@ "in" : "header", "description" : "OAuth2 Token.", "required" : true, - "style" : "simple", - "explode" : false, "schema" : { - "type" : "string", - "x-ing-type" : "string" + "type" : "string" } }, { "name" : "X-JWS-Signature", "in" : "header", "description" : "A JWS signature of the request by the third party on application level. See \"Get Started\" for more information on how to generate", "required" : true, - "style" : "simple", - "explode" : false, "schema" : { - "type" : "string", - "x-ing-type" : "string" + "type" : "string" } }, { "name" : "Digest", "in" : "header", "description" : "SHA256 of the body.", "required" : true, - "style" : "simple", - "explode" : false, "schema" : { - "type" : "string", - "x-ing-type" : "string" + "type" : "string" } }, { "name" : "Date", "in" : "header", "description" : "Standard http header element for date and time.", "required" : true, - "style" : "simple", - "explode" : false, "schema" : { "type" : "string", - "format" : "date-time", - "x-ing-type" : "string" + "format" : "date-time" + } + }, { + "name" : "Content-Type", + "in" : "header", + "description" : "The \"content-type\" header is used to indicate what type of media or resource is being used for the payload in the request. The value of the header should be application/x-www-form-urlencoded.", + "required" : true, + "schema" : { + "type" : "string" } } ], "responses" : { - "500" : { - "description" : "Internal Server Error - Something went wrong on the server, check status site and/or report the issue. There's no need to really specify this any further (other than 503 below) as the client is powerless in fixing the condition that caused the error.", + "200" : { + "description" : "OK", + "headers" : { + "X-ING-Response-ID" : { + "description" : "Response UUID, if X-ING-ReqID supplied in the request", + "style" : "simple", + "schema" : { + "type" : "string" + } + }, + "X-ING-ReqID" : { + "description" : "Request ID, can be a UUID", + "style" : "simple", + "schema" : { + "type" : "string" + } + } + }, "content" : { "application/json" : { "schema" : { - "required" : [ "code", "innerErrors", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - }, - "innerErrors" : { - "minItems" : 0, - "type" : "array", - "items" : { - "required" : [ "code", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - } - }, - "description" : "Upstream error messages and detailed information on error state", - "x-ing-type" : "object" - }, - "x-ing-type" : "array" - } - }, - "description" : "Error message.", - "x-ing-type" : "object" + "$ref" : "#/components/schemas/Greeting" } } } @@ -165,307 +101,37 @@ "content" : { "application/json" : { "schema" : { - "required" : [ "code", "innerErrors", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - }, - "innerErrors" : { - "minItems" : 0, - "type" : "array", - "items" : { - "required" : [ "code", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - } - }, - "description" : "Upstream error messages and detailed information on error state", - "x-ing-type" : "object" - }, - "x-ing-type" : "array" - } - }, - "description" : "Error message.", - "x-ing-type" : "object" + "$ref" : "#/components/schemas/Error" } } } }, - "404" : { - "description" : "Not Found - The requested resource cannot be found. Check the request URL if it matches with the endpoint described.", + "401" : { + "description" : "Unauthorized - The request did not contain authorisation evidence. A valid subscription to the scope(s) that contain this API endpoint is required to allow the request to succeed.", "content" : { "application/json" : { "schema" : { - "required" : [ "code", "innerErrors", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - }, - "innerErrors" : { - "minItems" : 0, - "type" : "array", - "items" : { - "required" : [ "code", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - } - }, - "description" : "Upstream error messages and detailed information on error state", - "x-ing-type" : "object" - }, - "x-ing-type" : "array" - } - }, - "description" : "Error message.", - "x-ing-type" : "object" + "$ref" : "#/components/schemas/Error" } } } }, - "401" : { - "description" : "Unauthorized - The request did not contain authorisation evidence. A valid subscription to the scope(s) that contain this API endpoint is required to allow the request to succeed.", + "404" : { + "description" : "Not Found - The requested resource cannot be found. Check the request URL if it matches with the endpoint described.", "content" : { "application/json" : { "schema" : { - "required" : [ "code", "innerErrors", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - }, - "innerErrors" : { - "minItems" : 0, - "type" : "array", - "items" : { - "required" : [ "code", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - } - }, - "description" : "Upstream error messages and detailed information on error state", - "x-ing-type" : "object" - }, - "x-ing-type" : "array" - } - }, - "description" : "Error message.", - "x-ing-type" : "object" + "$ref" : "#/components/schemas/Error" } } } }, - "200" : { - "description" : "OK", - "headers" : { - "X-ING-Response-ID" : { - "description" : "Response UUID, if X-ING-ReqID supplied in the request", - "style" : "simple", - "explode" : false, - "schema" : { - "type" : "string", - "x-ing-type" : "string" - } - }, - "X-ING-ReqID" : { - "description" : "Request ID, can be a UUID", - "style" : "simple", - "explode" : false, - "schema" : { - "type" : "string", - "x-ing-type" : "string" - } - } - }, + "500" : { + "description" : "Internal Server Error - Something went wrong on the server, check status site and/or report the issue. There's no need to really specify this any further (other than 503 below) as the client is powerless in fixing the condition that caused the error.", "content" : { "application/json" : { "schema" : { - "required" : [ "id", "message", "messageTimestamp" ], - "type" : "object", - "properties" : { - "message" : { - "type" : "string", - "description" : "A greeting message.", - "example" : "Welcome to ING!", - "x-ing-type" : "string" - }, - "id" : { - "type" : "string", - "description" : "A generated UUID.", - "example" : "aba4b176-8834-467d-9c2a-ee6acfc8fceb", - "x-ing-type" : "string" - }, - "messageTimestamp" : { - "type" : "string", - "description" : "The current time (GMT).", - "example" : "2023-07-30 15:42:17 GMT", - "x-ing-type" : "string" - } - }, - "x-ing-type" : "object" + "$ref" : "#/components/schemas/Error" } } } @@ -475,83 +141,7 @@ "content" : { "application/json" : { "schema" : { - "required" : [ "code", "innerErrors", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - }, - "innerErrors" : { - "minItems" : 0, - "type" : "array", - "items" : { - "required" : [ "code", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - } - }, - "description" : "Upstream error messages and detailed information on error state", - "x-ing-type" : "object" - }, - "x-ing-type" : "array" - } - }, - "description" : "Error message.", - "x-ing-type" : "object" + "$ref" : "#/components/schemas/Error" } } } @@ -573,96 +163,33 @@ "in" : "header", "description" : "OAuth2 Token", "required" : true, - "style" : "simple", - "explode" : false, "schema" : { - "type" : "string", - "x-ing-type" : "string" + "type" : "string" } } ], "responses" : { - "500" : { - "description" : "Internal Server Error - Something went wrong on the server, check status site and/or report the issue. There's no need to really specify this any further (other than 503 below) as the client is powerless in fixing the condition that caused the error.", + "200" : { + "description" : "OK", + "headers" : { + "X-ING-Response-ID" : { + "description" : "Response UUID, if X-ING-ReqID supplied in the request", + "style" : "simple", + "schema" : { + "type" : "string" + } + }, + "X-ING-ReqID" : { + "description" : "Request ID, can be a UUID", + "style" : "simple", + "schema" : { + "type" : "string" + } + } + }, "content" : { "application/json" : { "schema" : { - "required" : [ "code", "innerErrors", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - }, - "innerErrors" : { - "minItems" : 0, - "type" : "array", - "items" : { - "required" : [ "code", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - } - }, - "description" : "Upstream error messages and detailed information on error state", - "x-ing-type" : "object" - }, - "x-ing-type" : "array" - } - }, - "description" : "Error message.", - "x-ing-type" : "object" + "$ref" : "#/components/schemas/Greeting" } } } @@ -672,307 +199,37 @@ "content" : { "application/json" : { "schema" : { - "required" : [ "code", "innerErrors", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - }, - "innerErrors" : { - "minItems" : 0, - "type" : "array", - "items" : { - "required" : [ "code", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - } - }, - "description" : "Upstream error messages and detailed information on error state", - "x-ing-type" : "object" - }, - "x-ing-type" : "array" - } - }, - "description" : "Error message.", - "x-ing-type" : "object" + "$ref" : "#/components/schemas/Error" } } } }, - "404" : { - "description" : "Not Found - The requested resource cannot be found. Check the request URL if it matches with the endpoint described.", + "401" : { + "description" : "Unauthorized - The request did not contain authorisation evidence. A valid subscription to the scope(s) that contain this API endpoint is required to allow the request to succeed.", "content" : { "application/json" : { "schema" : { - "required" : [ "code", "innerErrors", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - }, - "innerErrors" : { - "minItems" : 0, - "type" : "array", - "items" : { - "required" : [ "code", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - } - }, - "description" : "Upstream error messages and detailed information on error state", - "x-ing-type" : "object" - }, - "x-ing-type" : "array" - } - }, - "description" : "Error message.", - "x-ing-type" : "object" + "$ref" : "#/components/schemas/Error" } } } }, - "401" : { - "description" : "Unauthorized - The request did not contain authorisation evidence. A valid subscription to the scope(s) that contain this API endpoint is required to allow the request to succeed.", + "404" : { + "description" : "Not Found - The requested resource cannot be found. Check the request URL if it matches with the endpoint described.", "content" : { "application/json" : { "schema" : { - "required" : [ "code", "innerErrors", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - }, - "innerErrors" : { - "minItems" : 0, - "type" : "array", - "items" : { - "required" : [ "code", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - } - }, - "description" : "Upstream error messages and detailed information on error state", - "x-ing-type" : "object" - }, - "x-ing-type" : "array" - } - }, - "description" : "Error message.", - "x-ing-type" : "object" + "$ref" : "#/components/schemas/Error" } } } }, - "200" : { - "description" : "OK", - "headers" : { - "X-ING-Response-ID" : { - "description" : "Response UUID, if X-ING-ReqID supplied in the request", - "style" : "simple", - "explode" : false, - "schema" : { - "type" : "string", - "x-ing-type" : "string" - } - }, - "X-ING-ReqID" : { - "description" : "Request ID, can be a UUID", - "style" : "simple", - "explode" : false, - "schema" : { - "type" : "string", - "x-ing-type" : "string" - } - } - }, + "500" : { + "description" : "Internal Server Error - Something went wrong on the server, check status site and/or report the issue. There's no need to really specify this any further (other than 503 below) as the client is powerless in fixing the condition that caused the error.", "content" : { "application/json" : { "schema" : { - "required" : [ "id", "message", "messageTimestamp" ], - "type" : "object", - "properties" : { - "message" : { - "type" : "string", - "description" : "A greeting message.", - "example" : "Welcome to ING!", - "x-ing-type" : "string" - }, - "id" : { - "type" : "string", - "description" : "A generated UUID.", - "example" : "aba4b176-8834-467d-9c2a-ee6acfc8fceb", - "x-ing-type" : "string" - }, - "messageTimestamp" : { - "type" : "string", - "description" : "The current time (GMT).", - "example" : "2023-07-30 15:42:17 GMT", - "x-ing-type" : "string" - } - }, - "x-ing-type" : "object" + "$ref" : "#/components/schemas/Error" } } } @@ -982,83 +239,7 @@ "content" : { "application/json" : { "schema" : { - "required" : [ "code", "innerErrors", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - }, - "innerErrors" : { - "minItems" : 0, - "type" : "array", - "items" : { - "required" : [ "code", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - } - }, - "description" : "Upstream error messages and detailed information on error state", - "x-ing-type" : "object" - }, - "x-ing-type" : "array" - } - }, - "description" : "Error message.", - "x-ing-type" : "object" + "$ref" : "#/components/schemas/Error" } } } @@ -1080,130 +261,58 @@ "in" : "header", "description" : "OAuth2 Token", "required" : true, - "style" : "simple", - "explode" : false, "schema" : { - "type" : "string", - "x-ing-type" : "string" + "type" : "string" } }, { "name" : "Signature", "in" : "header", "description" : "An HTTP signature of the request by the third party on application level. See \"Get Started\" for more information on how to generate.", "required" : true, - "style" : "simple", - "explode" : false, "schema" : { - "type" : "string", - "x-ing-type" : "string" + "type" : "string" } }, { "name" : "Digest", "in" : "header", "description" : "SHA256 of the body.", "required" : true, - "style" : "simple", - "explode" : false, "schema" : { - "type" : "string", - "x-ing-type" : "string" + "type" : "string" } }, { "name" : "Date", "in" : "header", "description" : "Standard http header element for date and time.", "required" : true, - "style" : "simple", - "explode" : false, "schema" : { "type" : "string", - "format" : "date-time", - "x-ing-type" : "string" + "format" : "date-time" } } ], "responses" : { - "500" : { - "description" : "Internal Server Error - Something went wrong on the server, check status site and/or report the issue. There's no need to really specify this any further (other than 503 below) as the client is powerless in fixing the condition that caused the error.", + "200" : { + "description" : "OK", + "headers" : { + "X-ING-Response-ID" : { + "description" : "Response UUID, if X-ING-ReqID supplied in the request", + "style" : "simple", + "schema" : { + "type" : "string" + } + }, + "X-ING-ReqID" : { + "description" : "Request ID, can be a UUID", + "style" : "simple", + "schema" : { + "type" : "string" + } + } + }, "content" : { "application/json" : { "schema" : { - "required" : [ "code", "innerErrors", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - }, - "innerErrors" : { - "minItems" : 0, - "type" : "array", - "items" : { - "required" : [ "code", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - } - }, - "description" : "Upstream error messages and detailed information on error state", - "x-ing-type" : "object" - }, - "x-ing-type" : "array" - } - }, - "description" : "Error message.", - "x-ing-type" : "object" + "$ref" : "#/components/schemas/Greeting" } } } @@ -1213,307 +322,37 @@ "content" : { "application/json" : { "schema" : { - "required" : [ "code", "innerErrors", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - }, - "innerErrors" : { - "minItems" : 0, - "type" : "array", - "items" : { - "required" : [ "code", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - } - }, - "description" : "Upstream error messages and detailed information on error state", - "x-ing-type" : "object" - }, - "x-ing-type" : "array" - } - }, - "description" : "Error message.", - "x-ing-type" : "object" + "$ref" : "#/components/schemas/Error" } } } }, - "404" : { - "description" : "Not Found - The requested resource cannot be found. Check the request URL if it matches with the endpoint described.", + "401" : { + "description" : "Unauthorized - The request did not contain authorisation evidence. A valid subscription to the scope(s) that contain this API endpoint is required to allow the request to succeed.", "content" : { "application/json" : { "schema" : { - "required" : [ "code", "innerErrors", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - }, - "innerErrors" : { - "minItems" : 0, - "type" : "array", - "items" : { - "required" : [ "code", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - } - }, - "description" : "Upstream error messages and detailed information on error state", - "x-ing-type" : "object" - }, - "x-ing-type" : "array" - } - }, - "description" : "Error message.", - "x-ing-type" : "object" + "$ref" : "#/components/schemas/Error" } } } }, - "401" : { - "description" : "Unauthorized - The request did not contain authorisation evidence. A valid subscription to the scope(s) that contain this API endpoint is required to allow the request to succeed.", + "404" : { + "description" : "Not Found - The requested resource cannot be found. Check the request URL if it matches with the endpoint described.", "content" : { "application/json" : { "schema" : { - "required" : [ "code", "innerErrors", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - }, - "innerErrors" : { - "minItems" : 0, - "type" : "array", - "items" : { - "required" : [ "code", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - } - }, - "description" : "Upstream error messages and detailed information on error state", - "x-ing-type" : "object" - }, - "x-ing-type" : "array" - } - }, - "description" : "Error message.", - "x-ing-type" : "object" + "$ref" : "#/components/schemas/Error" } } } }, - "200" : { - "description" : "OK", - "headers" : { - "X-ING-Response-ID" : { - "description" : "Response UUID, if X-ING-ReqID supplied in the request", - "style" : "simple", - "explode" : false, - "schema" : { - "type" : "string", - "x-ing-type" : "string" - } - }, - "X-ING-ReqID" : { - "description" : "Request ID, can be a UUID", - "style" : "simple", - "explode" : false, - "schema" : { - "type" : "string", - "x-ing-type" : "string" - } - } - }, + "500" : { + "description" : "Internal Server Error - Something went wrong on the server, check status site and/or report the issue. There's no need to really specify this any further (other than 503 below) as the client is powerless in fixing the condition that caused the error.", "content" : { "application/json" : { "schema" : { - "required" : [ "id", "message", "messageTimestamp" ], - "type" : "object", - "properties" : { - "message" : { - "type" : "string", - "description" : "A greeting message.", - "example" : "Welcome to ING!", - "x-ing-type" : "string" - }, - "id" : { - "type" : "string", - "description" : "A generated UUID.", - "example" : "aba4b176-8834-467d-9c2a-ee6acfc8fceb", - "x-ing-type" : "string" - }, - "messageTimestamp" : { - "type" : "string", - "description" : "The current time (GMT).", - "example" : "2023-07-30 15:42:17 GMT", - "x-ing-type" : "string" - } - }, - "x-ing-type" : "object" + "$ref" : "#/components/schemas/Error" } } } @@ -1523,83 +362,7 @@ "content" : { "application/json" : { "schema" : { - "required" : [ "code", "innerErrors", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - }, - "innerErrors" : { - "minItems" : 0, - "type" : "array", - "items" : { - "required" : [ "code", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - } - }, - "description" : "Upstream error messages and detailed information on error state", - "x-ing-type" : "object" - }, - "x-ing-type" : "array" - } - }, - "description" : "Error message.", - "x-ing-type" : "object" + "$ref" : "#/components/schemas/Error" } } } @@ -1614,6 +377,27 @@ }, "components" : { "schemas" : { + "Greeting" : { + "required" : [ "id", "message", "messageTimestamp" ], + "type" : "object", + "properties" : { + "message" : { + "type" : "string", + "description" : "A greeting message.", + "example" : "Welcome to ING!" + }, + "id" : { + "type" : "string", + "description" : "A generated UUID.", + "example" : "aba4b176-8834-467d-9c2a-ee6acfc8fceb" + }, + "messageTimestamp" : { + "type" : "string", + "description" : "The current time (GMT).", + "example" : "2023-07-30 15:42:17 GMT" + } + } + }, "Error" : { "required" : [ "code", "innerErrors", "message", "severity" ], "type" : "object", @@ -1621,77 +405,36 @@ "severity" : { "type" : "string", "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" + "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ] }, "code" : { "type" : "string", "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" + "example" : "errParseFailed" }, "message" : { "type" : "string", "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" + "example" : "Unexpected end of file (missing a terminator/close bracket?)" }, "source" : { "type" : "string", "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" + "example" : "system76" }, "target" : { "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" + "description" : "Key/value pair indicating which input property caused the error" }, "innerErrors" : { "minItems" : 0, "type" : "array", "items" : { - "required" : [ "code", "message", "severity" ], - "type" : "object", - "properties" : { - "severity" : { - "type" : "string", - "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" - }, - "code" : { - "type" : "string", - "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" - }, - "message" : { - "type" : "string", - "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" - }, - "source" : { - "type" : "string", - "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" - }, - "target" : { - "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - } - }, - "description" : "Upstream error messages and detailed information on error state", - "x-ing-type" : "object" - }, - "x-ing-type" : "array" + "$ref" : "#/components/schemas/InnerError" + } } }, - "description" : "Error message.", - "x-ing-type" : "object" + "description" : "Error message." }, "InnerError" : { "required" : [ "code", "message", "severity" ], @@ -1700,60 +443,29 @@ "severity" : { "type" : "string", "example" : "CRITICAL", - "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ], - "x-ing-type" : "string" + "enum" : [ "CRITICAL", "ERROR", "WARNING", "INFO" ] }, "code" : { "type" : "string", "description" : "Service-specific error code/keyword", - "example" : "errParseFailed", - "x-ing-type" : "string" + "example" : "errParseFailed" }, "message" : { "type" : "string", "description" : "A descriptive error message for the consumer", - "example" : "Unexpected end of file (missing a terminator/close bracket?)", - "x-ing-type" : "string" + "example" : "Unexpected end of file (missing a terminator/close bracket?)" }, "source" : { "type" : "string", "description" : "Optional source descriptor for this error", - "example" : "system76", - "x-ing-type" : "string" + "example" : "system76" }, "target" : { "type" : "string", - "description" : "Key/value pair indicating which input property caused the error", - "x-ing-type" : "string" - } - }, - "description" : "Upstream error messages and detailed information on error state", - "x-ing-type" : "object" - }, - "Greeting" : { - "required" : [ "id", "message", "messageTimestamp" ], - "type" : "object", - "properties" : { - "message" : { - "type" : "string", - "description" : "A greeting message.", - "example" : "Welcome to ING!", - "x-ing-type" : "string" - }, - "id" : { - "type" : "string", - "description" : "A generated UUID.", - "example" : "aba4b176-8834-467d-9c2a-ee6acfc8fceb", - "x-ing-type" : "string" - }, - "messageTimestamp" : { - "type" : "string", - "description" : "The current time (GMT).", - "example" : "2023-07-30 15:42:17 GMT", - "x-ing-type" : "string" + "description" : "Key/value pair indicating which input property caused the error" } }, - "x-ing-type" : "object" + "description" : "Upstream error messages and detailed information on error state" } }, "securitySchemes" : { diff --git a/java/open-banking-common/src/main/java/com/ing/developer/common/clients/OpenBankingOAuthApi.java b/java/open-banking-common/src/main/java/com/ing/developer/common/clients/OpenBankingOAuthApi.java index bd59e8a..4e1dd2b 100644 --- a/java/open-banking-common/src/main/java/com/ing/developer/common/clients/OpenBankingOAuthApi.java +++ b/java/open-banking-common/src/main/java/com/ing/developer/common/clients/OpenBankingOAuthApi.java @@ -54,7 +54,9 @@ public String getConsentUri(String redirectUri, String scope, String countryCode String signature = Signing.sign(getFeatSigner(clientId), "get", path, getMandatoryHeaders(digest, date)).toString().substring("Signature ".length()); try { AuthorizationURLResponse response = client.authorizationServerUrlUsingGET("Bearer " + token.getAccessToken(), signature, date, digest, scope, redirectUri, countryCode); - return response.getLocation() + "?client_id=" + clientId + "&scope=" + scope.replace(" ", "%20") + "&redirect_uri=" + redirectUri + "&state=" + UUID.randomUUID(); + return response.getLocation() + "?client_id=" + clientId + "&scope=" + scope.replace(" ", "%20") + + "&redirect_uri=" + redirectUri + "&state=" + UUID.randomUUID() + + "&response_type=code"; } catch (ApiException e) { return Utils.throwHttpExceptionBasedOnStatusCode(e.getCode(), "", e.getMessage()); } @@ -71,7 +73,7 @@ public TokenResponse getCustomerToken(String authorizationCode) { String authorization = "Bearer " + token.getAccessToken(); try { - return client.oauth2TokenPost(authorization, date, digest, grantType, signature.substring("Signature ".length()), tpPSignatureCertificate, null, authorizationCode, null, null); + return client.getAccessTokenUsingPOST(grantType, authorization, signature.substring("Signature ".length()), date, digest, tpPSignatureCertificate, null, null, authorizationCode, null, null); } catch (ApiException e) { return Utils.throwHttpExceptionBasedOnStatusCode(e.getCode(), "", e.getMessage()); } @@ -89,7 +91,7 @@ public TokenResponse getToken() { String authorization = Signing.sign(signer, "post", "/oauth2/token", getMandatoryHeaders(digest, date)).toString(); try { - TokenResponse tokenResponse = client.oauth2TokenPost(authorization, date, digest, grantType, null, tpPSignatureCertificate, null, null, null, null); + TokenResponse tokenResponse = client.getAccessTokenUsingPOST(grantType, authorization, null, date, digest, tpPSignatureCertificate, null, null, null, null, null); tokenTimeStampPair = new Utils.Pair<>(tokenResponse, getTimeStamp()); return tokenTimeStampPair.getFirst(); } catch (ApiException e) { diff --git a/java/open-banking-demo-app/src/main/java/com/ing/developer/app/apis/greetings/GreetingsAdapter.java b/java/open-banking-demo-app/src/main/java/com/ing/developer/app/apis/greetings/GreetingsAdapter.java index 002102a..e22d5a5 100644 --- a/java/open-banking-demo-app/src/main/java/com/ing/developer/app/apis/greetings/GreetingsAdapter.java +++ b/java/open-banking-demo-app/src/main/java/com/ing/developer/app/apis/greetings/GreetingsAdapter.java @@ -4,7 +4,10 @@ import com.ing.developer.showcase.client.api.ShowcaseApiApi; import org.springframework.stereotype.Component; +import javax.ws.rs.core.MediaType; + import static com.ing.developer.app.common.GenericAdapterErrorHandler.throwInternalizedException; +import static javax.ws.rs.core.MediaType.APPLICATION_FORM_URLENCODED; @Component public class GreetingsAdapter { @@ -35,7 +38,7 @@ public String getGreetingMtlsPinning() { public String getGreetingJWS() { try { greetingsApi.getApiClient().setMTLSPinning(true).setJwsSigning(true); - return greetingsApi.signedGreetingsGet(null, null).getMessage(); + return greetingsApi.signedGreetingsGet(APPLICATION_FORM_URLENCODED, null, null).getMessage(); } catch (ApiException e) { return throwInternalizedException(e.getCode(), "greetings", e); } diff --git a/java/open-banking-demo-app/src/test/java/com/ing/developer/app/OpenBankingDemoApplicationTestIntegration.java b/java/open-banking-demo-app/src/test/java/com/ing/developer/app/OpenBankingDemoApplicationTestIntegration.java index a806a0e..3f55e16 100644 --- a/java/open-banking-demo-app/src/test/java/com/ing/developer/app/OpenBankingDemoApplicationTestIntegration.java +++ b/java/open-banking-demo-app/src/test/java/com/ing/developer/app/OpenBankingDemoApplicationTestIntegration.java @@ -90,7 +90,7 @@ void getGreetingMtlsPinning() { @Test void getGreetingJWS() { - String greetings = greetingsAdapter.getGreetingJWS(); + String greetings = greetingsAdapter.getGreetingJWS(); Assertions.assertEquals("Welcome to ING!", greetings); } } diff --git a/java/open-banking-simple-app/src/main/java/com/ing/developer/app/PremiumShowcaseAPI.java b/java/open-banking-simple-app/src/main/java/com/ing/developer/app/PremiumShowcaseAPI.java index 3c50a69..387694d 100644 --- a/java/open-banking-simple-app/src/main/java/com/ing/developer/app/PremiumShowcaseAPI.java +++ b/java/open-banking-simple-app/src/main/java/com/ing/developer/app/PremiumShowcaseAPI.java @@ -6,6 +6,7 @@ import com.ing.developer.showcase.client.api.ShowcaseApiApi; import javax.ws.rs.client.ClientBuilder; +import javax.ws.rs.core.MediaType; import java.security.PrivateKey; import java.security.cert.Certificate; @@ -41,7 +42,7 @@ public static void callShowcaseAPIJWS() throws ApiException { Utils.Pair openBankingClient = Companion.Utils.createOpenBankingClient(keyStoreFileName, keyStorePassword, false, null, null, false, false); ApiClient clientAPI = new ApiClient(clientId, trustMaterial.getSecond(), openBankingClient.getSecond(), null, trustMaterial.getFirst()).setMTLSPinning(true).setJwsSigning(true); ShowcaseApiApi greetingsApi = new ShowcaseApiApi(clientAPI); - String greeting = greetingsApi.signedGreetingsGet(null,null).getMessage(); + String greeting = greetingsApi.signedGreetingsGet(MediaType.APPLICATION_FORM_URLENCODED,null, null).getMessage(); System.out.println(greeting); } } diff --git a/open-banking-driver-generator/pom.xml b/open-banking-driver-generator/pom.xml index a9076d0..8b30943 100644 --- a/open-banking-driver-generator/pom.xml +++ b/open-banking-driver-generator/pom.xml @@ -11,7 +11,7 @@ 11 UTF-8 - 5.2.1 + 7.4.0 5.8.1 1.0.0 diff --git a/open-banking-driver-generator/src/main/java/com/ing/developer/codegen/JavaOpenBankingCodegen.java b/open-banking-driver-generator/src/main/java/com/ing/developer/codegen/JavaOpenBankingCodegen.java index 60e4a2b..d633dc1 100644 --- a/open-banking-driver-generator/src/main/java/com/ing/developer/codegen/JavaOpenBankingCodegen.java +++ b/open-banking-driver-generator/src/main/java/com/ing/developer/codegen/JavaOpenBankingCodegen.java @@ -16,14 +16,17 @@ public class JavaOpenBankingCodegen extends JavaClientCodegen { private final List excludedParams = Arrays.asList("Signature", "Digest", "Date"); + @Override public String getName() { return "Java"; } + @Override public String getHelp() { return "Generates a Java client for ING Open Banking APIs"; } + @Override public void preprocessOpenAPI(OpenAPI openAPI) { if (openAPI != null && openAPI.getPaths() != null) { for (Map.Entry entry : openAPI.getPaths().entrySet()) { diff --git a/open-banking-driver-generator/src/main/resources/Java/libraries/jersey2/ApiClient.mustache b/open-banking-driver-generator/src/main/resources/Java/libraries/jersey2/ApiClient.mustache index ecc0492..7652c33 100644 --- a/open-banking-driver-generator/src/main/resources/Java/libraries/jersey2/ApiClient.mustache +++ b/open-banking-driver-generator/src/main/resources/Java/libraries/jersey2/ApiClient.mustache @@ -106,6 +106,8 @@ import {{invokerPackage}}.auth.ApiKeyAuth; import {{invokerPackage}}.auth.OAuth; {{/hasOAuthMethods}} +import static javax.ws.rs.core.MediaType.APPLICATION_JSON; + {{>generatedAnnotation}} public class ApiClient{{#jsr310}} extends JavaTimeFormatter{{/jsr310}} { public final static String BASE_URL = "BASE_URL"; @@ -1202,6 +1204,10 @@ public class ApiClient{{#jsr310}} extends JavaTimeFormatter{{/jsr310}} { String signature = sign(signer, method.toLowerCase(), path, mandatoryHeaders).toString(); + if (headerParams.containsKey("Content-Type")) { + contentType = headerParams.get("Content-Type"); + } + if (!headerParams.containsKey("Authorization")) mandatoryHeaders.put("Authorization", "Bearer " + applicationAccessToken); if (!this.mTLSPinning) { mandatoryHeaders.put("Signature", signature.substring("Signature ".length())); @@ -1224,14 +1230,14 @@ public class ApiClient{{#jsr310}} extends JavaTimeFormatter{{/jsr310}} { .withoutPadding() .encodeToString(jwsHeader.getBytes(StandardCharsets.UTF_8)); String digest = digest(""); - String signingString = "(request-target): get /signed/greetings\ncontent-type: application/json\ndigest: " + digest; + String signingString = "(request-target): get /signed/greetings\ncontent-type: " + contentType + "\ndigest: " + digest; String jwsSignatureValue = sign(signer, jwsHeaderBase64URL + "." + signingString).getSignature(); String jwsSignature = jwsHeaderBase64URL + ".." + jwsSignatureValue; mandatoryHeaders.put("X-JWS-Signature",jwsSignature); mandatoryHeaders.put("Digest", digest); mandatoryHeaders.put("Date", ZonedDateTime.now(ZoneId.of("GMT")).format(FORMATTER)); - mandatoryHeaders.put("Content-Type", "application/json"); + mandatoryHeaders.put("Content-Type", (contentType != null && !contentType.isEmpty()) ? contentType : APPLICATION_JSON); } catch (CertificateEncodingException e) { throw new ApiException("Certificate Encoding Exception"); diff --git a/open-banking-driver-generator/src/test/java/com/ing/developer/codegen/JavaOpenBankingCodegenTest.java b/open-banking-driver-generator/src/test/java/com/ing/developer/codegen/JavaOpenBankingCodegenTest.java index bff94fa..2a3b7e9 100644 --- a/open-banking-driver-generator/src/test/java/com/ing/developer/codegen/JavaOpenBankingCodegenTest.java +++ b/open-banking-driver-generator/src/test/java/com/ing/developer/codegen/JavaOpenBankingCodegenTest.java @@ -15,12 +15,12 @@ * 2) To launch this test in Eclipse: right-click | Debug As | JUnit Test * */ -public class JavaOpenBankingCodegenTest { +class JavaOpenBankingCodegenTest { // use this test to launch you code generator in the debugger. // this allows you to easily set break points in MyclientcodegenGenerator. @Test - public void launchCodeGenerator() { + void launchCodeGenerator() { // to understand how the 'openapi-generator-cli' module is using 'CodegenConfigurator', have a look at the 'Generate' class: // https://github.com/OpenAPITools/openapi-generator/blob/master/modules/openapi-generator-cli/src/main/java/org/openapitools/codegen/cmd/Generate.java final CodegenConfigurator configurator = new CodegenConfigurator() diff --git a/scripts/getLatestSwaggerVersion.sh b/scripts/getLatestSwaggerVersion.sh index e6c5762..b372c34 100755 --- a/scripts/getLatestSwaggerVersion.sh +++ b/scripts/getLatestSwaggerVersion.sh @@ -32,7 +32,7 @@ for row in $(echo "${cleaned_versions}" | jq -r '.apis[] | @base64'); do file_name=$(echo "../api/${SWAGGER_DIR}/${name}.json" | tr " " "-") if [ ! -f "$file_name" ]; then echo "$file_name does not exist. Downloading...." - curl "https://api.developer.ing.com/apis/$API_ID/versions/${versionId}/specification/download?format=json&pretty=true" -o "$file_name" + curl "https://api.touchpoint.ing.net/apis/$API_ID/versions/${versionId}/specification/download?format=json&pretty=true" -o "$file_name" git add "$file_name" else echo "$file_name exist." @@ -42,7 +42,7 @@ for row in $(echo "${cleaned_versions}" | jq -r '.apis[] | @base64'); do echo "VERSION MATCH" else echo "DOWNLOAD NEW VERSION" - curl "https://api.developer.ing.com/apis/$API_ID/versions/${versionId}/specification/download?format=json&pretty=true" -o "$file_name" + curl "https://api.touchpoint.ing.net/apis/$API_ID/versions/${versionId}/specification/download?format=json&pretty=true" -o "$file_name" git add "$file_name" fi fi