-
Consumer
-
The "consumer" of the API, i.e. the web, mobile or serverside "App" that calls on the OBP API on beMore...
- Create a Consumer
- Create a Consumer
- Enable or Disable Consumers
- Get Consumer
- Get Consumers
- Get Consumers (logged in User)
- Get Rate Limits for a Consumer
- Get Rate Limits for a Consumer
- Set Rate Limits / Call Limits per Consumer
- Update Consumer Certificate
- Update Consumer LogoURL
- Update Consumer Name
- Update Consumer RedirectURL
-
-
Consumer
-
Create a Consumer
-
Create a Consumer
-
Enable or Disable Consumers
-
Get Consumer
-
Get Consumers
-
Get Consumers (logged in User)
-
Get Rate Limits for a Consumer
-
Get Rate Limits for a Consumer
-
Set Rate Limits / Call Limits per Consumer
-
Update Consumer Certificate
-
Update Consumer LogoURL
-
Update Consumer Name
-
Update Consumer RedirectURL
-
Create a Consumer
-
Directory
-
Scope
v5.1.0 filtered by tag: Consumer (17 APIs)
Create a Consumer
Create a Consumer (Authenticated access).
A Consumer represents an application that uses the Open Bank Project API. Each Consumer has:
- A unique key (40 character random string) - used as the client ID for authentication
- A unique secret (40 character random string) - used for secure authentication
- An app_type (Confidential or Public) - determines OAuth2 flow requirements
- Metadata like app_name, description, developer_email, company, etc.
How it works (for comprehension flow):
- Extract authenticated user: Retrieves the currently logged-in user who is creating the consumer
- Parse and validate JSON request: Extracts the CreateConsumerRequestJsonV510 from the request body
- Determine app_type: Converts the string "Confidential" or "Public" to the AppType enum
- Generate credentials: Creates random 40-character key and secret for the new consumer
- Create consumer record: Calls createConsumerNewStyle with all parameters:
- Auto-generated key and secret
- enabled flag (controls if consumer is active)
- app_name, description, developer_email, company
- redirect_url (for OAuth flows)
- client_certificate (optional, for certificate-based auth)
- logo_url (optional)
- createdByUserId (the authenticated user's ID)
- Return response: Returns the newly created consumer with HTTP 201 Created status
Client Certificate (Optional but Recommended for PSD2/Berlin Group):
The client_certificate field provides enhanced security through X.509 certificate validation.
IMPORTANT SECURITY NOTE:
- This endpoint does NOT validate the certificate at creation time - any certificate can be provided
- The certificate is simply stored with the consumer record without checking if it's from a trusted CA
- For PSD2/Berlin Group compliance with certificate validation, use the Dynamic Registration endpoint instead
- Dynamic Registration validates certificates against registered Regulated Entities and trusted CAs
How certificates are used (after creation):
- Certificate is stored in PEM format (Base64-encoded X.509) with the consumer record
- On subsequent API requests, the certificate from the PSD2-CERT header is compared against the stored certificate
- If certificates don't match, access is denied even with valid OAuth2 tokens
- First request populates the certificate if not set; subsequent requests must match that certificate
Certificate validation process (during API requests, NOT at consumer creation):
1. Certificate from PSD2-CERT header is compared to stored certificate (simple string match)
2. Certificate is parsed from PEM format to X.509Certificate object
3. Validated against a configured trust store (PKCS12 format) containing trusted root CAs
4. Certificate chain is verified using PKIX validation
5. Optional CRL (Certificate Revocation List) checking if enabled via use_tpp_signature_revocation_list
6. Public key from certificate can verify signed requests (Berlin Group requirement)
Note: Steps 3-6 only apply during API request validation, NOT during consumer creation via this endpoint.
Security benefits (when properly configured):
- Certificate binding: Links consumer to a specific certificate (prevents token reuse with different certs)
- Request verification: Certificate's public key can verify signed requests
- Non-repudiation: Certificate-based signatures prove request origin
Security limitations of this endpoint:
- No validation at creation: Any certificate (even self-signed or expired) can be stored
- No CA verification: Certificate is not checked against trusted root CAs during creation
- No Regulated Entity check: Does not verify the TPP is registered
- Use Dynamic Registration instead for proper PSD2/Berlin Group compliance with full certificate validation
For proper PSD2 compliance:
Use the Dynamic Consumer Registration endpoint (POST /obp/v5.1.0/dynamic-registration/consumers) which:
- Requires JWT-signed request using the certificate's private key
- Validates certificate against Regulated Entity registry
- Checks certificate is from a trusted CA using the configured trust store
- Ensures proper QWAC/eIDAS compliance for EU TPPs
Configuration properties (for runtime validation):
- truststore.path.tpp_signature - Path to trust store for certificate validation during API requests
- truststore.password.tpp_signature - Trust store password
- use_tpp_signature_revocation_list - Enable/disable CRL checking during requests (default: true)
- consumer_validation_method_for_consent - Set to "CONSUMER_CERTIFICATE" for cert-based validation
- bypass_tpp_signature_validation - Emergency bypass (default: false, use only for testing)
Important: The key and secret are only shown once in the response. Save them securely as they cannot be retrieved later.
Please note: Your consumer may be disabled as a result of this action.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
JSON request body fields:
app_name: appNameBank
app_type: Web
company: Tesobe GmbH
description: Description of the object. Maximum length is 2000. It can be any characters here.
enabled: false
redirect_url: https://apisandbox.openbankproject.com
client_certificate: client_certificate
logo_url: logo_url
JSON response body fields:
app_name: appNameBank
app_type: Web
certificate_pem: certificate_pem
company: Tesobe GmbH
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
consumer_key: bwf0ykmwoirip1yjxcn15wnhuyxcziwgtcoaildq
consumer_secret: xwdgylv3vau0n2gkxu1aize4glapftfldp5y1bic
description: Description of the object. Maximum length is 2000. It can be any characters here.
enabled: false
issuer_domain_name: issuer_domain_name
not_after: not_after
not_before: not_before
provider: ETHEREUM
redirect_url: https://apisandbox.openbankproject.com
subject_domain_name: subject_domain_name
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
certificate_info: certificate_info
logo_url: logo_url
roles: CanCreateMyUser
roles_info: roles_info
{
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"consumer_key":"bwf0ykmwoirip1yjxcn15wnhuyxcziwgtcoaildq",
"consumer_secret":"xwdgylv3vau0n2gkxu1aize4glapftfldp5y1bic",
"app_name":"appNameBank",
"app_type":"Web",
"description":"Description of the object. Maximum length is 2000. It can be any characters here.",
"developer_email":"felixsmith@example.com",
"company":"Tesobe GmbH",
"redirect_url":"https://apisandbox.openbankproject.com",
"certificate_pem":"-----BEGIN CERTIFICATE-----\nMIIFIjCCBAqgAwIBAgIIX3qsz7QQxngwDQYJKoZIhvcNAQELBQAwgZ8xCzAJBgNV\r\nBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UE\r\nChMGVEVTT0JFMRowGAYDVQQLExFURVNPQkUgT3BlcmF0aW9uczESMBAGA1UEAxMJ\r\nVEVTT0JFIENBMR8wHQYJKoZIhvcNAQkBFhBhZG1pbkB0ZXNvYmUuY29tMQwwCgYD\r\nVQQpEwNWUE4wHhcNMjMwNzE3MDg0MDAwWhcNMjQwNzE3MDg0MDAwWjCBizELMAkG\r\nA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMRQwEgYD\r\nVQQKEwtUZXNvYmUgR21iSDEPMA0GA1UECxMGc3lzb3BzMRIwEAYDVQQDEwlsb2Nh\r\nbGhvc3QxHzAdBgkqhkiG9w0BCQEWEGFkbWluQHRlc29iZS5jb20wggEiMA0GCSqG\r\nSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwxGuWUN1H0d0IeYPYWdLA0I/5BXx4DLO6\r\nzfi1GGJlF8BIXRN0VTJckIY9C3J1RnXDs6p6ufA01iHe1PQdL6VzfcaC3j+jUSgV\r\n1z9ybEUPyUwq3PCCxqoVI9n8yh+O6FDn3dvu/9Q2NtBpJHUBDCLf7OO9TgsFU2sE\r\nMys+Hw5DuuX5n5OQ2VIwH+qlMTQnd+yw5y8FKHqAZT5hE60lF/x6sQnwi58hLGRW\r\nSqo/548c2ZpoeWtnyY1I6PyR7zUYGuhruLY8gVFfLE+610u/lj2wYTXMxntpV+tV\r\nralLFRMhvbqZXW/EpuDb/pEbCnLDNDxq5NarLVDzcHs7VhT9MPChAgMBAAGjggFy\r\nMIIBbjATBgNVHSUEDDAKBggrBgEFBQcDAjAaBgNVHREEEzARgglsb2NhbGhvc3SH\r\nBH8AAAEwggEGBggrBgEFBQcBAwSB+TCB9jAIBgYEAI5GAQEwOAYGBACORgEFMC4w\r\nLBYhaHR0cHM6Ly9leGFtcGxlLm9yZy9wa2lkaXNjbG9zdXJlEwdleGFtcGxlMIGI\r\nBgYEAIGYJwIwfjBMMBEGBwQAgZgnAQMMBlBTUF9BSTARBgcEAIGYJwEBDAZQU1Bf\r\nQVMwEQYHBACBmCcBAgwGUFNQX1BJMBEGBwQAgZgnAQQMBlBTUF9JQwwlRHVtbXkg\r\nRmluYW5jaWFsIFN1cGVydmlzaW9uIEF1dGhvcml0eQwHWFgtREZTQTAlBgYEAI5G\r\nAQYwGwYHBACORgEGAQYHBACORgEGAgYHBACORgEGAzARBglghkgBhvhCAQEEBAMC\r\nB4AwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsF\r\nAAOCAQEAKTS7exS9A7rWJLRzWrlHoTu68Avm5g9Dz1GKjgt8rnvj3D21SE14Rf5p\r\n0JWHYH4SiCdnh8Tx+IA7o0TmPJ1JRfAXR3i/5R7TJi/HrnqL+V7SIx2Cuq/hkZEU\r\nAhVs07nnvHURcrlQGwcfn4TbgpCURpCPpYZlNsYySb6BS6I4qFaadHGqMTyEkphV\r\nwfXyB3brmzxj9V4Qgp0t+s/uFuFirWyIayRc9nSSC7vuNVYvib2Kim4y8kvuWpA4\r\nZ51+fFOmBqCqpmwfAADNgDsLJiA/741eBflVd/ZUeAzgOjMCMIaDGlwiwZlePKT7\r\n553GtfsGxZMf05oqfUrQEQfJaU+/+Q==\n-----END CERTIFICATE-----\n",
"certificate_info":{
"subject_domain_name":"OID.2.5.4.41=VPN, EMAILADDRESS=admin@tesobe.com, CN=TESOBE CA, OU=TESOBE Operations, O=TESOBE, L=Berlin, ST=Berlin, C=DE",
"issuer_domain_name":"CN=localhost, O=TESOBE GmbH, ST=Berlin, C=DE",
"not_before":"2022-04-01T10:13:00.000Z",
"not_after":"2032-04-01T10:13:00.000Z",
"roles_info":"PEM Encoded Certificate does not contain PSD2 roles."
},
"created_by_user":{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith"
},
"enabled":true,
"created":"1100-01-01T00:00:00Z",
"logo_url":"https://apisandbox.openbankproject.com/logo"
}
-
CanCreateConsumer
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-10001: Incorrect json format.
- OBP-50000: Unknown Error.
Create a Consumer
Create a Consumer (Authenticated access).
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
JSON request body fields:
app_name: appNameBank
app_type: Web
company: Tesobe GmbH
description: Description of the object. Maximum length is 2000. It can be any characters here.
enabled: false
redirect_url: https://apisandbox.openbankproject.com
client_certificate: client_certificate
logo_url: logo_url
JSON response body fields:
app_name: appNameBank
app_type: Web
certificate_pem: certificate_pem
company: Tesobe GmbH
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
consumer_key: bwf0ykmwoirip1yjxcn15wnhuyxcziwgtcoaildq
description: Description of the object. Maximum length is 2000. It can be any characters here.
enabled: false
issuer_domain_name: issuer_domain_name
not_after: not_after
not_before: not_before
provider: ETHEREUM
redirect_url: https://apisandbox.openbankproject.com
subject_domain_name: subject_domain_name
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
certificate_info: certificate_info
logo_url: logo_url
roles: CanCreateMyUser
roles_info: roles_info
{
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"consumer_key":"bwf0ykmwoirip1yjxcn15wnhuyxcziwgtcoaildq",
"app_name":"appNameBank",
"app_type":"Web",
"description":"Description of the object. Maximum length is 2000. It can be any characters here.",
"developer_email":"felixsmith@example.com",
"company":"Tesobe GmbH",
"redirect_url":"https://apisandbox.openbankproject.com",
"certificate_pem":"-----BEGIN CERTIFICATE-----\nMIIFIjCCBAqgAwIBAgIIX3qsz7QQxngwDQYJKoZIhvcNAQELBQAwgZ8xCzAJBgNV\r\nBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UE\r\nChMGVEVTT0JFMRowGAYDVQQLExFURVNPQkUgT3BlcmF0aW9uczESMBAGA1UEAxMJ\r\nVEVTT0JFIENBMR8wHQYJKoZIhvcNAQkBFhBhZG1pbkB0ZXNvYmUuY29tMQwwCgYD\r\nVQQpEwNWUE4wHhcNMjMwNzE3MDg0MDAwWhcNMjQwNzE3MDg0MDAwWjCBizELMAkG\r\nA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMRQwEgYD\r\nVQQKEwtUZXNvYmUgR21iSDEPMA0GA1UECxMGc3lzb3BzMRIwEAYDVQQDEwlsb2Nh\r\nbGhvc3QxHzAdBgkqhkiG9w0BCQEWEGFkbWluQHRlc29iZS5jb20wggEiMA0GCSqG\r\nSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwxGuWUN1H0d0IeYPYWdLA0I/5BXx4DLO6\r\nzfi1GGJlF8BIXRN0VTJckIY9C3J1RnXDs6p6ufA01iHe1PQdL6VzfcaC3j+jUSgV\r\n1z9ybEUPyUwq3PCCxqoVI9n8yh+O6FDn3dvu/9Q2NtBpJHUBDCLf7OO9TgsFU2sE\r\nMys+Hw5DuuX5n5OQ2VIwH+qlMTQnd+yw5y8FKHqAZT5hE60lF/x6sQnwi58hLGRW\r\nSqo/548c2ZpoeWtnyY1I6PyR7zUYGuhruLY8gVFfLE+610u/lj2wYTXMxntpV+tV\r\nralLFRMhvbqZXW/EpuDb/pEbCnLDNDxq5NarLVDzcHs7VhT9MPChAgMBAAGjggFy\r\nMIIBbjATBgNVHSUEDDAKBggrBgEFBQcDAjAaBgNVHREEEzARgglsb2NhbGhvc3SH\r\nBH8AAAEwggEGBggrBgEFBQcBAwSB+TCB9jAIBgYEAI5GAQEwOAYGBACORgEFMC4w\r\nLBYhaHR0cHM6Ly9leGFtcGxlLm9yZy9wa2lkaXNjbG9zdXJlEwdleGFtcGxlMIGI\r\nBgYEAIGYJwIwfjBMMBEGBwQAgZgnAQMMBlBTUF9BSTARBgcEAIGYJwEBDAZQU1Bf\r\nQVMwEQYHBACBmCcBAgwGUFNQX1BJMBEGBwQAgZgnAQQMBlBTUF9JQwwlRHVtbXkg\r\nRmluYW5jaWFsIFN1cGVydmlzaW9uIEF1dGhvcml0eQwHWFgtREZTQTAlBgYEAI5G\r\nAQYwGwYHBACORgEGAQYHBACORgEGAgYHBACORgEGAzARBglghkgBhvhCAQEEBAMC\r\nB4AwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsF\r\nAAOCAQEAKTS7exS9A7rWJLRzWrlHoTu68Avm5g9Dz1GKjgt8rnvj3D21SE14Rf5p\r\n0JWHYH4SiCdnh8Tx+IA7o0TmPJ1JRfAXR3i/5R7TJi/HrnqL+V7SIx2Cuq/hkZEU\r\nAhVs07nnvHURcrlQGwcfn4TbgpCURpCPpYZlNsYySb6BS6I4qFaadHGqMTyEkphV\r\nwfXyB3brmzxj9V4Qgp0t+s/uFuFirWyIayRc9nSSC7vuNVYvib2Kim4y8kvuWpA4\r\nZ51+fFOmBqCqpmwfAADNgDsLJiA/741eBflVd/ZUeAzgOjMCMIaDGlwiwZlePKT7\r\n553GtfsGxZMf05oqfUrQEQfJaU+/+Q==\n-----END CERTIFICATE-----\n",
"certificate_info":{
"subject_domain_name":"OID.2.5.4.41=VPN, EMAILADDRESS=admin@tesobe.com, CN=TESOBE CA, OU=TESOBE Operations, O=TESOBE, L=Berlin, ST=Berlin, C=DE",
"issuer_domain_name":"CN=localhost, O=TESOBE GmbH, ST=Berlin, C=DE",
"not_before":"2022-04-01T10:13:00.000Z",
"not_after":"2032-04-01T10:13:00.000Z",
"roles_info":"PEM Encoded Certificate does not contain PSD2 roles."
},
"created_by_user":{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith"
},
"enabled":true,
"created":"1100-01-01T00:00:00Z",
"logo_url":"https://apisandbox.openbankproject.com/logo"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-10001: Incorrect json format.
- OBP-50000: Unknown Error.
Enable or Disable Consumers
Enable/Disable a Consumer specified by CONSUMER_ID.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
CONSUMER_ID: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
JSON response body fields:
enabled: false
{
"enabled":false
}
-
CanEnableConsumers
- Please login to request this Role
-
CanDisableConsumers
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Get Consumer
Get the Consumer specified by CONSUMER_ID.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
CONSUMER_ID: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
JSON response body fields:
app_name: appNameBank
app_type: Web
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
description: Description of the object. Maximum length is 2000. It can be any characters here.
enabled: false
provider: ETHEREUM
redirect_url: https://apisandbox.openbankproject.com
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
{
"consumer_id":1213,
"app_name":"SOFI",
"app_type":"Web",
"description":"Account Management",
"developer_email":"felixsmith@example.com",
"redirect_url":"www.openbankproject.com",
"created_by_user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"created_by_user":{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith"
},
"enabled":true,
"created":"1100-01-01T00:00:00Z"
}
-
CanGetConsumers
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-30019: Consumer not found. Please specify a valid value for CONSUMER_ID.
- OBP-50000: Unknown Error.
Get Consumers
Get the all Consumers.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
Possible custom url parameters for pagination:
- limit=NUMBER ==> default value: 50
- offset=NUMBER ==> default value: 0
eg1:?limit=100&offset=0
- sort_direction=ASC/DESC ==> default value: DESC.
eg2:?limit=100&offset=0&sort_direction=ASC
- from_date=DATE => example value: 1970-01-01T00:00:00.000Z. NOTE! The default value is one year ago (1970-01-01T00:00:00.000Z).
- to_date=DATE => example value: 2026-01-16T17:55:03.680Z. NOTE! The default value is now (2026-01-16T17:55:03.680Z).
Date format parameter: yyyy-MM-dd'T'HH:mm:ss.SSS'Z'(1100-01-01T01:01:01.000Z) ==> time zone is UTC.
eg3:?sort_direction=ASC&limit=100&offset=0&from_date=1100-01-01T01:01:01.000Z&to_date=1100-01-01T01:01:01.000Z
JSON response body fields:
app_name: appNameBank
app_type: Web
certificate_pem: certificate_pem
company: Tesobe GmbH
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
consumer_key: bwf0ykmwoirip1yjxcn15wnhuyxcziwgtcoaildq
description: Description of the object. Maximum length is 2000. It can be any characters here.
enabled: false
issuer_domain_name: issuer_domain_name
not_after: not_after
not_before: not_before
provider: ETHEREUM
redirect_url: https://apisandbox.openbankproject.com
subject_domain_name: subject_domain_name
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
certificate_info: certificate_info
logo_url: logo_url
roles: CanCreateMyUser
roles_info: roles_info
{
"consumers":[{
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"consumer_key":"bwf0ykmwoirip1yjxcn15wnhuyxcziwgtcoaildq",
"app_name":"appNameBank",
"app_type":"Web",
"description":"Description of the object. Maximum length is 2000. It can be any characters here.",
"developer_email":"felixsmith@example.com",
"company":"Tesobe GmbH",
"redirect_url":"https://apisandbox.openbankproject.com",
"certificate_pem":"-----BEGIN CERTIFICATE-----\nMIIFIjCCBAqgAwIBAgIIX3qsz7QQxngwDQYJKoZIhvcNAQELBQAwgZ8xCzAJBgNV\r\nBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UE\r\nChMGVEVTT0JFMRowGAYDVQQLExFURVNPQkUgT3BlcmF0aW9uczESMBAGA1UEAxMJ\r\nVEVTT0JFIENBMR8wHQYJKoZIhvcNAQkBFhBhZG1pbkB0ZXNvYmUuY29tMQwwCgYD\r\nVQQpEwNWUE4wHhcNMjMwNzE3MDg0MDAwWhcNMjQwNzE3MDg0MDAwWjCBizELMAkG\r\nA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMRQwEgYD\r\nVQQKEwtUZXNvYmUgR21iSDEPMA0GA1UECxMGc3lzb3BzMRIwEAYDVQQDEwlsb2Nh\r\nbGhvc3QxHzAdBgkqhkiG9w0BCQEWEGFkbWluQHRlc29iZS5jb20wggEiMA0GCSqG\r\nSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwxGuWUN1H0d0IeYPYWdLA0I/5BXx4DLO6\r\nzfi1GGJlF8BIXRN0VTJckIY9C3J1RnXDs6p6ufA01iHe1PQdL6VzfcaC3j+jUSgV\r\n1z9ybEUPyUwq3PCCxqoVI9n8yh+O6FDn3dvu/9Q2NtBpJHUBDCLf7OO9TgsFU2sE\r\nMys+Hw5DuuX5n5OQ2VIwH+qlMTQnd+yw5y8FKHqAZT5hE60lF/x6sQnwi58hLGRW\r\nSqo/548c2ZpoeWtnyY1I6PyR7zUYGuhruLY8gVFfLE+610u/lj2wYTXMxntpV+tV\r\nralLFRMhvbqZXW/EpuDb/pEbCnLDNDxq5NarLVDzcHs7VhT9MPChAgMBAAGjggFy\r\nMIIBbjATBgNVHSUEDDAKBggrBgEFBQcDAjAaBgNVHREEEzARgglsb2NhbGhvc3SH\r\nBH8AAAEwggEGBggrBgEFBQcBAwSB+TCB9jAIBgYEAI5GAQEwOAYGBACORgEFMC4w\r\nLBYhaHR0cHM6Ly9leGFtcGxlLm9yZy9wa2lkaXNjbG9zdXJlEwdleGFtcGxlMIGI\r\nBgYEAIGYJwIwfjBMMBEGBwQAgZgnAQMMBlBTUF9BSTARBgcEAIGYJwEBDAZQU1Bf\r\nQVMwEQYHBACBmCcBAgwGUFNQX1BJMBEGBwQAgZgnAQQMBlBTUF9JQwwlRHVtbXkg\r\nRmluYW5jaWFsIFN1cGVydmlzaW9uIEF1dGhvcml0eQwHWFgtREZTQTAlBgYEAI5G\r\nAQYwGwYHBACORgEGAQYHBACORgEGAgYHBACORgEGAzARBglghkgBhvhCAQEEBAMC\r\nB4AwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsF\r\nAAOCAQEAKTS7exS9A7rWJLRzWrlHoTu68Avm5g9Dz1GKjgt8rnvj3D21SE14Rf5p\r\n0JWHYH4SiCdnh8Tx+IA7o0TmPJ1JRfAXR3i/5R7TJi/HrnqL+V7SIx2Cuq/hkZEU\r\nAhVs07nnvHURcrlQGwcfn4TbgpCURpCPpYZlNsYySb6BS6I4qFaadHGqMTyEkphV\r\nwfXyB3brmzxj9V4Qgp0t+s/uFuFirWyIayRc9nSSC7vuNVYvib2Kim4y8kvuWpA4\r\nZ51+fFOmBqCqpmwfAADNgDsLJiA/741eBflVd/ZUeAzgOjMCMIaDGlwiwZlePKT7\r\n553GtfsGxZMf05oqfUrQEQfJaU+/+Q==\n-----END CERTIFICATE-----\n",
"certificate_info":{
"subject_domain_name":"OID.2.5.4.41=VPN, EMAILADDRESS=admin@tesobe.com, CN=TESOBE CA, OU=TESOBE Operations, O=TESOBE, L=Berlin, ST=Berlin, C=DE",
"issuer_domain_name":"CN=localhost, O=TESOBE GmbH, ST=Berlin, C=DE",
"not_before":"2022-04-01T10:13:00.000Z",
"not_after":"2032-04-01T10:13:00.000Z",
"roles_info":"PEM Encoded Certificate does not contain PSD2 roles."
},
"created_by_user":{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith"
},
"enabled":true,
"created":"1100-01-01T00:00:00Z",
"logo_url":"https://apisandbox.openbankproject.com/logo"
}]
}
-
CanGetConsumers
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Get Consumers (logged in User)
Get the Consumers for logged in User.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
JSON response body fields:
app_name: appNameBank
app_type: Web
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
description: Description of the object. Maximum length is 2000. It can be any characters here.
enabled: false
provider: ETHEREUM
redirect_url: https://apisandbox.openbankproject.com
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
{
"consumers":[{
"consumer_id":"8e716299-4668-4efd-976a-67f57a9984ec",
"app_name":"SOFI",
"app_type":"Web",
"description":"Account Management",
"developer_email":"felixsmith@example.com",
"redirect_url":"www.openbankproject.com",
"created_by_user":{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith"
},
"enabled":true,
"created":"1100-01-01T00:00:00Z"
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-50000: Unknown Error.
Get Rate Limits for a Consumer
Get Rate Limits per Consumer.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
CONSUMER_ID: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
JSON response body fields:
calls_made: 50
per_day: 4000
per_month: 500
per_second: 1000
per_week: 50000
{
"per_second_call_limit":"-1",
"per_minute_call_limit":"-1",
"per_hour_call_limit":"-1",
"per_day_call_limit":"-1",
"per_week_call_limit":"-1",
"per_month_call_limit":"-1",
"current_state":{
"per_second":{
"calls_made":-1,
"reset_in_seconds":-1
},
"per_minute":{
"calls_made":-1,
"reset_in_seconds":-1
},
"per_hour":{
"calls_made":-1,
"reset_in_seconds":-1
},
"per_day":{
"calls_made":-1,
"reset_in_seconds":-1
},
"per_week":{
"calls_made":-1,
"reset_in_seconds":-1
},
"per_month":{
"calls_made":-1,
"reset_in_seconds":-1
}
}
}
-
CanUpdateRateLimits
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-10001: Incorrect json format.
- OBP-20014: Invalid Consumer ID. Please specify a valid value for CONSUMER_ID.
- OBP-30019: Consumer not found. Please specify a valid value for CONSUMER_ID.
- OBP-20006: User is missing one or more roles:
- OBP-30023: Cannot update Consumer
- OBP-50000: Unknown Error.
Get Rate Limits for a Consumer
Get Calls limits per Consumer.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
CONSUMER_ID: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
JSON response body fields:
created_at: created_at
from_date: 1100-01-01T01:01:01.000Z
limits: limits
rate_limiting_id: rate_limiting_id
to_date: 1100-01-01T01:01:01.000Z
updated_at: updated_at
{
"limits":[{
"rate_limiting_id":"80e1e0b2-d8bf-4f85-a579-e69ef36e3305",
"from_date":"1100-01-01T00:00:00Z",
"to_date":"1100-01-01T00:00:00Z",
"per_second_call_limit":"100",
"per_minute_call_limit":"100",
"per_hour_call_limit":"-1",
"per_day_call_limit":"-1",
"per_week_call_limit":"-1",
"per_month_call_limit":"-1",
"created_at":"1100-01-01T00:00:00Z",
"updated_at":"1100-01-01T00:00:00Z"
}]
}
-
CanReadCallLimits
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-10001: Incorrect json format.
- OBP-20014: Invalid Consumer ID. Please specify a valid value for CONSUMER_ID.
- OBP-30019: Consumer not found. Please specify a valid value for CONSUMER_ID.
- OBP-20006: User is missing one or more roles:
- OBP-30023: Cannot update Consumer
- OBP-50000: Unknown Error.
Set Rate Limits / Call Limits per Consumer
Set the API rate limits / call limits for a Consumer:
Rate limiting can be set:
Per Second
Per Minute
Per Hour
Per Week
Per Month
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
CONSUMER_ID: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
JSON response body fields:
from_date: 1100-01-01T01:01:01.000Z
to_date: 1100-01-01T01:01:01.000Z
api_name: api_name
bank_id: gh.29.uk
{
"from_date":"1100-01-01T00:00:00Z",
"to_date":"1100-01-01T00:00:00Z",
"per_second_call_limit":"-1",
"per_minute_call_limit":"-1",
"per_hour_call_limit":"-1",
"per_day_call_limit":"-1",
"per_week_call_limit":"-1",
"per_month_call_limit":"-1"
}
-
CanUpdateRateLimits
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-10001: Incorrect json format.
- OBP-20014: Invalid Consumer ID. Please specify a valid value for CONSUMER_ID.
- OBP-30019: Consumer not found. Please specify a valid value for CONSUMER_ID.
- OBP-20006: User is missing one or more roles:
- OBP-30023: Cannot update Consumer
- OBP-50000: Unknown Error.
Update Consumer Certificate
Update a Certificate for a Consumer specified by CONSUMER_ID.
Please note: Your consumer may be disabled as a result of this action.
CONSUMER_ID can be obtained after you register the application.
Or use the endpoint 'Get Consumers' to get it
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
CONSUMER_ID: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
JSON response body fields:
app_name: appNameBank
app_type: Web
certificate_pem: certificate_pem
company: Tesobe GmbH
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
consumer_key: bwf0ykmwoirip1yjxcn15wnhuyxcziwgtcoaildq
description: Description of the object. Maximum length is 2000. It can be any characters here.
enabled: false
issuer_domain_name: issuer_domain_name
not_after: not_after
not_before: not_before
provider: ETHEREUM
redirect_url: https://apisandbox.openbankproject.com
subject_domain_name: subject_domain_name
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
certificate_info: certificate_info
logo_url: logo_url
roles: CanCreateMyUser
roles_info: roles_info
{
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"consumer_key":"bwf0ykmwoirip1yjxcn15wnhuyxcziwgtcoaildq",
"app_name":"appNameBank",
"app_type":"Web",
"description":"Description of the object. Maximum length is 2000. It can be any characters here.",
"developer_email":"felixsmith@example.com",
"company":"Tesobe GmbH",
"redirect_url":"https://apisandbox.openbankproject.com",
"certificate_pem":"-----BEGIN CERTIFICATE-----\nMIIFIjCCBAqgAwIBAgIIX3qsz7QQxngwDQYJKoZIhvcNAQELBQAwgZ8xCzAJBgNV\r\nBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UE\r\nChMGVEVTT0JFMRowGAYDVQQLExFURVNPQkUgT3BlcmF0aW9uczESMBAGA1UEAxMJ\r\nVEVTT0JFIENBMR8wHQYJKoZIhvcNAQkBFhBhZG1pbkB0ZXNvYmUuY29tMQwwCgYD\r\nVQQpEwNWUE4wHhcNMjMwNzE3MDg0MDAwWhcNMjQwNzE3MDg0MDAwWjCBizELMAkG\r\nA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMRQwEgYD\r\nVQQKEwtUZXNvYmUgR21iSDEPMA0GA1UECxMGc3lzb3BzMRIwEAYDVQQDEwlsb2Nh\r\nbGhvc3QxHzAdBgkqhkiG9w0BCQEWEGFkbWluQHRlc29iZS5jb20wggEiMA0GCSqG\r\nSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwxGuWUN1H0d0IeYPYWdLA0I/5BXx4DLO6\r\nzfi1GGJlF8BIXRN0VTJckIY9C3J1RnXDs6p6ufA01iHe1PQdL6VzfcaC3j+jUSgV\r\n1z9ybEUPyUwq3PCCxqoVI9n8yh+O6FDn3dvu/9Q2NtBpJHUBDCLf7OO9TgsFU2sE\r\nMys+Hw5DuuX5n5OQ2VIwH+qlMTQnd+yw5y8FKHqAZT5hE60lF/x6sQnwi58hLGRW\r\nSqo/548c2ZpoeWtnyY1I6PyR7zUYGuhruLY8gVFfLE+610u/lj2wYTXMxntpV+tV\r\nralLFRMhvbqZXW/EpuDb/pEbCnLDNDxq5NarLVDzcHs7VhT9MPChAgMBAAGjggFy\r\nMIIBbjATBgNVHSUEDDAKBggrBgEFBQcDAjAaBgNVHREEEzARgglsb2NhbGhvc3SH\r\nBH8AAAEwggEGBggrBgEFBQcBAwSB+TCB9jAIBgYEAI5GAQEwOAYGBACORgEFMC4w\r\nLBYhaHR0cHM6Ly9leGFtcGxlLm9yZy9wa2lkaXNjbG9zdXJlEwdleGFtcGxlMIGI\r\nBgYEAIGYJwIwfjBMMBEGBwQAgZgnAQMMBlBTUF9BSTARBgcEAIGYJwEBDAZQU1Bf\r\nQVMwEQYHBACBmCcBAgwGUFNQX1BJMBEGBwQAgZgnAQQMBlBTUF9JQwwlRHVtbXkg\r\nRmluYW5jaWFsIFN1cGVydmlzaW9uIEF1dGhvcml0eQwHWFgtREZTQTAlBgYEAI5G\r\nAQYwGwYHBACORgEGAQYHBACORgEGAgYHBACORgEGAzARBglghkgBhvhCAQEEBAMC\r\nB4AwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsF\r\nAAOCAQEAKTS7exS9A7rWJLRzWrlHoTu68Avm5g9Dz1GKjgt8rnvj3D21SE14Rf5p\r\n0JWHYH4SiCdnh8Tx+IA7o0TmPJ1JRfAXR3i/5R7TJi/HrnqL+V7SIx2Cuq/hkZEU\r\nAhVs07nnvHURcrlQGwcfn4TbgpCURpCPpYZlNsYySb6BS6I4qFaadHGqMTyEkphV\r\nwfXyB3brmzxj9V4Qgp0t+s/uFuFirWyIayRc9nSSC7vuNVYvib2Kim4y8kvuWpA4\r\nZ51+fFOmBqCqpmwfAADNgDsLJiA/741eBflVd/ZUeAzgOjMCMIaDGlwiwZlePKT7\r\n553GtfsGxZMf05oqfUrQEQfJaU+/+Q==\n-----END CERTIFICATE-----\n",
"certificate_info":{
"subject_domain_name":"OID.2.5.4.41=VPN, EMAILADDRESS=admin@tesobe.com, CN=TESOBE CA, OU=TESOBE Operations, O=TESOBE, L=Berlin, ST=Berlin, C=DE",
"issuer_domain_name":"CN=localhost, O=TESOBE GmbH, ST=Berlin, C=DE",
"not_before":"2022-04-01T10:13:00.000Z",
"not_after":"2032-04-01T10:13:00.000Z",
"roles_info":"PEM Encoded Certificate does not contain PSD2 roles."
},
"created_by_user":{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith"
},
"enabled":true,
"created":"1100-01-01T00:00:00Z",
"logo_url":"https://apisandbox.openbankproject.com/logo"
}
-
CanUpdateConsumerCertificate
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Update Consumer LogoURL
Update an existing logoURL for a Consumer specified by CONSUMER_ID.
Please note: Your consumer may be disabled as a result of this action.
CONSUMER_ID can be obtained after you register the application.
Or use the endpoint 'Get Consumers' to get it
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
CONSUMER_ID: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
JSON response body fields:
app_name: appNameBank
app_type: Web
certificate_pem: certificate_pem
company: Tesobe GmbH
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
consumer_key: bwf0ykmwoirip1yjxcn15wnhuyxcziwgtcoaildq
description: Description of the object. Maximum length is 2000. It can be any characters here.
enabled: false
issuer_domain_name: issuer_domain_name
not_after: not_after
not_before: not_before
provider: ETHEREUM
redirect_url: https://apisandbox.openbankproject.com
subject_domain_name: subject_domain_name
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
certificate_info: certificate_info
logo_url: logo_url
roles: CanCreateMyUser
roles_info: roles_info
{
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"consumer_key":"bwf0ykmwoirip1yjxcn15wnhuyxcziwgtcoaildq",
"app_name":"appNameBank",
"app_type":"Web",
"description":"Description of the object. Maximum length is 2000. It can be any characters here.",
"developer_email":"felixsmith@example.com",
"company":"Tesobe GmbH",
"redirect_url":"https://apisandbox.openbankproject.com",
"certificate_pem":"-----BEGIN CERTIFICATE-----\nMIIFIjCCBAqgAwIBAgIIX3qsz7QQxngwDQYJKoZIhvcNAQELBQAwgZ8xCzAJBgNV\r\nBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UE\r\nChMGVEVTT0JFMRowGAYDVQQLExFURVNPQkUgT3BlcmF0aW9uczESMBAGA1UEAxMJ\r\nVEVTT0JFIENBMR8wHQYJKoZIhvcNAQkBFhBhZG1pbkB0ZXNvYmUuY29tMQwwCgYD\r\nVQQpEwNWUE4wHhcNMjMwNzE3MDg0MDAwWhcNMjQwNzE3MDg0MDAwWjCBizELMAkG\r\nA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMRQwEgYD\r\nVQQKEwtUZXNvYmUgR21iSDEPMA0GA1UECxMGc3lzb3BzMRIwEAYDVQQDEwlsb2Nh\r\nbGhvc3QxHzAdBgkqhkiG9w0BCQEWEGFkbWluQHRlc29iZS5jb20wggEiMA0GCSqG\r\nSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwxGuWUN1H0d0IeYPYWdLA0I/5BXx4DLO6\r\nzfi1GGJlF8BIXRN0VTJckIY9C3J1RnXDs6p6ufA01iHe1PQdL6VzfcaC3j+jUSgV\r\n1z9ybEUPyUwq3PCCxqoVI9n8yh+O6FDn3dvu/9Q2NtBpJHUBDCLf7OO9TgsFU2sE\r\nMys+Hw5DuuX5n5OQ2VIwH+qlMTQnd+yw5y8FKHqAZT5hE60lF/x6sQnwi58hLGRW\r\nSqo/548c2ZpoeWtnyY1I6PyR7zUYGuhruLY8gVFfLE+610u/lj2wYTXMxntpV+tV\r\nralLFRMhvbqZXW/EpuDb/pEbCnLDNDxq5NarLVDzcHs7VhT9MPChAgMBAAGjggFy\r\nMIIBbjATBgNVHSUEDDAKBggrBgEFBQcDAjAaBgNVHREEEzARgglsb2NhbGhvc3SH\r\nBH8AAAEwggEGBggrBgEFBQcBAwSB+TCB9jAIBgYEAI5GAQEwOAYGBACORgEFMC4w\r\nLBYhaHR0cHM6Ly9leGFtcGxlLm9yZy9wa2lkaXNjbG9zdXJlEwdleGFtcGxlMIGI\r\nBgYEAIGYJwIwfjBMMBEGBwQAgZgnAQMMBlBTUF9BSTARBgcEAIGYJwEBDAZQU1Bf\r\nQVMwEQYHBACBmCcBAgwGUFNQX1BJMBEGBwQAgZgnAQQMBlBTUF9JQwwlRHVtbXkg\r\nRmluYW5jaWFsIFN1cGVydmlzaW9uIEF1dGhvcml0eQwHWFgtREZTQTAlBgYEAI5G\r\nAQYwGwYHBACORgEGAQYHBACORgEGAgYHBACORgEGAzARBglghkgBhvhCAQEEBAMC\r\nB4AwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsF\r\nAAOCAQEAKTS7exS9A7rWJLRzWrlHoTu68Avm5g9Dz1GKjgt8rnvj3D21SE14Rf5p\r\n0JWHYH4SiCdnh8Tx+IA7o0TmPJ1JRfAXR3i/5R7TJi/HrnqL+V7SIx2Cuq/hkZEU\r\nAhVs07nnvHURcrlQGwcfn4TbgpCURpCPpYZlNsYySb6BS6I4qFaadHGqMTyEkphV\r\nwfXyB3brmzxj9V4Qgp0t+s/uFuFirWyIayRc9nSSC7vuNVYvib2Kim4y8kvuWpA4\r\nZ51+fFOmBqCqpmwfAADNgDsLJiA/741eBflVd/ZUeAzgOjMCMIaDGlwiwZlePKT7\r\n553GtfsGxZMf05oqfUrQEQfJaU+/+Q==\n-----END CERTIFICATE-----\n",
"certificate_info":{
"subject_domain_name":"OID.2.5.4.41=VPN, EMAILADDRESS=admin@tesobe.com, CN=TESOBE CA, OU=TESOBE Operations, O=TESOBE, L=Berlin, ST=Berlin, C=DE",
"issuer_domain_name":"CN=localhost, O=TESOBE GmbH, ST=Berlin, C=DE",
"not_before":"2022-04-01T10:13:00.000Z",
"not_after":"2032-04-01T10:13:00.000Z",
"roles_info":"PEM Encoded Certificate does not contain PSD2 roles."
},
"created_by_user":{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith"
},
"enabled":true,
"created":"1100-01-01T00:00:00Z",
"logo_url":"https://apisandbox.openbankproject.com/logo"
}
-
CanUpdateConsumerLogoUrl
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Update Consumer Name
Update an existing name for a Consumer specified by CONSUMER_ID.
Please note: Your consumer may be disabled as a result of this action.
CONSUMER_ID can be obtained after you register the application.
Or use the endpoint 'Get Consumers' to get it
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
CONSUMER_ID: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
JSON response body fields:
app_name: appNameBank
app_type: Web
certificate_pem: certificate_pem
company: Tesobe GmbH
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
consumer_key: bwf0ykmwoirip1yjxcn15wnhuyxcziwgtcoaildq
description: Description of the object. Maximum length is 2000. It can be any characters here.
enabled: false
issuer_domain_name: issuer_domain_name
not_after: not_after
not_before: not_before
provider: ETHEREUM
redirect_url: https://apisandbox.openbankproject.com
subject_domain_name: subject_domain_name
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
certificate_info: certificate_info
logo_url: logo_url
roles: CanCreateMyUser
roles_info: roles_info
{
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"consumer_key":"bwf0ykmwoirip1yjxcn15wnhuyxcziwgtcoaildq",
"app_name":"appNameBank",
"app_type":"Web",
"description":"Description of the object. Maximum length is 2000. It can be any characters here.",
"developer_email":"felixsmith@example.com",
"company":"Tesobe GmbH",
"redirect_url":"https://apisandbox.openbankproject.com",
"certificate_pem":"-----BEGIN CERTIFICATE-----\nMIIFIjCCBAqgAwIBAgIIX3qsz7QQxngwDQYJKoZIhvcNAQELBQAwgZ8xCzAJBgNV\r\nBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UE\r\nChMGVEVTT0JFMRowGAYDVQQLExFURVNPQkUgT3BlcmF0aW9uczESMBAGA1UEAxMJ\r\nVEVTT0JFIENBMR8wHQYJKoZIhvcNAQkBFhBhZG1pbkB0ZXNvYmUuY29tMQwwCgYD\r\nVQQpEwNWUE4wHhcNMjMwNzE3MDg0MDAwWhcNMjQwNzE3MDg0MDAwWjCBizELMAkG\r\nA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMRQwEgYD\r\nVQQKEwtUZXNvYmUgR21iSDEPMA0GA1UECxMGc3lzb3BzMRIwEAYDVQQDEwlsb2Nh\r\nbGhvc3QxHzAdBgkqhkiG9w0BCQEWEGFkbWluQHRlc29iZS5jb20wggEiMA0GCSqG\r\nSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwxGuWUN1H0d0IeYPYWdLA0I/5BXx4DLO6\r\nzfi1GGJlF8BIXRN0VTJckIY9C3J1RnXDs6p6ufA01iHe1PQdL6VzfcaC3j+jUSgV\r\n1z9ybEUPyUwq3PCCxqoVI9n8yh+O6FDn3dvu/9Q2NtBpJHUBDCLf7OO9TgsFU2sE\r\nMys+Hw5DuuX5n5OQ2VIwH+qlMTQnd+yw5y8FKHqAZT5hE60lF/x6sQnwi58hLGRW\r\nSqo/548c2ZpoeWtnyY1I6PyR7zUYGuhruLY8gVFfLE+610u/lj2wYTXMxntpV+tV\r\nralLFRMhvbqZXW/EpuDb/pEbCnLDNDxq5NarLVDzcHs7VhT9MPChAgMBAAGjggFy\r\nMIIBbjATBgNVHSUEDDAKBggrBgEFBQcDAjAaBgNVHREEEzARgglsb2NhbGhvc3SH\r\nBH8AAAEwggEGBggrBgEFBQcBAwSB+TCB9jAIBgYEAI5GAQEwOAYGBACORgEFMC4w\r\nLBYhaHR0cHM6Ly9leGFtcGxlLm9yZy9wa2lkaXNjbG9zdXJlEwdleGFtcGxlMIGI\r\nBgYEAIGYJwIwfjBMMBEGBwQAgZgnAQMMBlBTUF9BSTARBgcEAIGYJwEBDAZQU1Bf\r\nQVMwEQYHBACBmCcBAgwGUFNQX1BJMBEGBwQAgZgnAQQMBlBTUF9JQwwlRHVtbXkg\r\nRmluYW5jaWFsIFN1cGVydmlzaW9uIEF1dGhvcml0eQwHWFgtREZTQTAlBgYEAI5G\r\nAQYwGwYHBACORgEGAQYHBACORgEGAgYHBACORgEGAzARBglghkgBhvhCAQEEBAMC\r\nB4AwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsF\r\nAAOCAQEAKTS7exS9A7rWJLRzWrlHoTu68Avm5g9Dz1GKjgt8rnvj3D21SE14Rf5p\r\n0JWHYH4SiCdnh8Tx+IA7o0TmPJ1JRfAXR3i/5R7TJi/HrnqL+V7SIx2Cuq/hkZEU\r\nAhVs07nnvHURcrlQGwcfn4TbgpCURpCPpYZlNsYySb6BS6I4qFaadHGqMTyEkphV\r\nwfXyB3brmzxj9V4Qgp0t+s/uFuFirWyIayRc9nSSC7vuNVYvib2Kim4y8kvuWpA4\r\nZ51+fFOmBqCqpmwfAADNgDsLJiA/741eBflVd/ZUeAzgOjMCMIaDGlwiwZlePKT7\r\n553GtfsGxZMf05oqfUrQEQfJaU+/+Q==\n-----END CERTIFICATE-----\n",
"certificate_info":{
"subject_domain_name":"OID.2.5.4.41=VPN, EMAILADDRESS=admin@tesobe.com, CN=TESOBE CA, OU=TESOBE Operations, O=TESOBE, L=Berlin, ST=Berlin, C=DE",
"issuer_domain_name":"CN=localhost, O=TESOBE GmbH, ST=Berlin, C=DE",
"not_before":"2022-04-01T10:13:00.000Z",
"not_after":"2032-04-01T10:13:00.000Z",
"roles_info":"PEM Encoded Certificate does not contain PSD2 roles."
},
"created_by_user":{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith"
},
"enabled":true,
"created":"1100-01-01T00:00:00Z",
"logo_url":"https://apisandbox.openbankproject.com/logo"
}
-
CanUpdateConsumerName
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Update Consumer RedirectURL
Update an existing redirectUrl for a Consumer specified by CONSUMER_ID.
Please note: Your consumer may be disabled as a result of this action.
CONSUMER_ID can be obtained after you register the application.
Or use the endpoint 'Get Consumers' to get it
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
CONSUMER_ID: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
JSON response body fields:
app_name: appNameBank
app_type: Web
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
description: Description of the object. Maximum length is 2000. It can be any characters here.
enabled: false
provider: ETHEREUM
redirect_url: https://apisandbox.openbankproject.com
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
{
"consumer_id":1213,
"app_name":"SOFI",
"app_type":"Web",
"description":"Account Management",
"developer_email":"felixsmith@example.com",
"redirect_url":"www.openbankproject.com",
"created_by_user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"created_by_user":{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith"
},
"enabled":true,
"created":"1100-01-01T00:00:00Z"
}
-
CanUpdateConsumerRedirectUrl
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20006: User is missing one or more roles:
- OBP-50000: Unknown Error.
Create a Consumer(Dynamic Registration)
Create a Consumer with full certificate validation (mTLS access) - Recommended for PSD2/Berlin Group compliance.
This endpoint provides secure, validated consumer registration unlike the standard /management/consumers endpoint.
How it works (for comprehension flow):
- Extract JWT from request: Parse the signed JWT from the request body
- Extract certificate: Get certificate from
PSD2-CERTheader in PEM format - Verify JWT signature: Validate JWT is signed with the certificate's private key (proves possession)
- Parse JWT payload: Extract consumer details (description, app_name, app_type, developer_email, redirect_url)
- Extract certificate info: Parse certificate to get Common Name, Email, Organization
- Validate against Regulated Entity: Check certificate exists in Regulated Entity registry (PSD2 requirement)
- Create consumer: Generate credentials and create consumer record with validated certificate
- Return consumer with certificate info: Returns consumer details including parsed certificate information
Certificate Validation (CRITICAL SECURITY DIFFERENCE from regular creation):
[YES] JWT Signature Verification: JWT must be signed with certificate's private key - proves TPP owns the certificate
[YES] Regulated Entity Check: Certificate must match a pre-registered Regulated Entity in the database
[YES] Certificate Binding: Certificate is permanently bound to the consumer at creation time
[YES] CA Validation: Certificate chain can be validated against trusted root CAs during API requests
[YES] PSD2 Compliance: Meets EU regulatory requirements for TPP registration
Security benefits vs regular consumer creation:
| Feature | Regular Creation | Dynamic Registration |
|---|---|---|
| Certificate validation | [NO] None | [YES] Full validation |
| Regulated Entity check | [NO] Not required | [YES] Required |
| JWT signature proof | [NO] Not required | [YES] Required (proves private key possession) |
| Self-signed certs | [YES] Accepted | [NO] Rejected |
| PSD2 compliant | [NO] No | [YES] Yes |
| Rogue TPP prevention | [NO] No | [YES] Yes |
Prerequisites:
1. TPP must be registered as a Regulated Entity with their certificate
2. Certificate must be provided in PSD2-CERT request header (PEM format)
3. JWT must be signed with the private key corresponding to the certificate
4. Trust store must be configured with trusted root CAs
JWT Payload Structure:
Minimal:
{ "description":"TPP Application Description" }
Full:
{
"description": "Payment Initiation Service",
"app_name": "Tesobe GmbH",
"app_type": "Confidential",
"developer_email": "contact@tesobe.com",
"redirect_url": "https://tpp.example.com/callback"
}
Note: JWT must be signed with the private key that corresponds to the public key in the certificate sent via PSD2-CERT header.
Certificate Information Extraction:
The endpoint automatically extracts information from the certificate:
- Common Name (CN) → used as app_name if not provided in JWT
- Email Address → used as developer_email if not provided
- Organization (O) → used as company
- Certificate validity period
- Issuer information
Configuration Required:
- truststore.path.tpp_signature - Path to trust store for CA validation
- truststore.password.tpp_signature - Trust store password
- Regulated Entity must be pre-registered with certificate public key
Error Scenarios:
- JWT signature invalid → PostJsonIsNotSigned (400)
- Certificate not in Regulated Entity registry → RegulatedEntityNotFoundByCertificate (400)
- Invalid JWT format → InvalidJsonFormat (400)
- Missing PSD2-CERT header → Signature verification fails
This is the SECURE way to register consumers for production PSD2/Berlin Group implementations.
User Authentication is Optional. The User need not be logged in.
JSON request body fields:
jwt: eyJhbGciOiJIUzI1NiJ9.eyJlbnRpdGxlbWVudHMiOltdLCJjcmVhdGVkQnlVc2VySWQiOiJhYjY1MzlhOS1iMTA1LTQ0ODktYTg4My0wYWQ4ZDZjNjE2NTciLCJzdWIiOiIyMWUxYzhjYy1mOTE4LTRlYWMtYjhlMy01ZTVlZWM2YjNiNGIiLCJhdWQiOiJlanpuazUwNWQxMzJyeW9tbmhieDFxbXRvaHVyYnNiYjBraWphanNrIiwibmJmIjoxNTUzNTU0ODk5LCJpc3MiOiJodHRwczpcL1wvd3d3Lm9wZW5iYW5rcHJvamVjdC5jb20iLCJleHAiOjE1NTM1NTg0OTksImlhdCI6MTU1MzU1NDg5OSwianRpIjoiMDlmODhkNWYtZWNlNi00Mzk4LThlOTktNjYxMWZhMWNkYmQ1Iiwidmlld3MiOlt7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAxIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifSx7ImFjY291bnRfaWQiOiJtYXJrb19wcml2aXRlXzAyIiwiYmFua19pZCI6ImdoLjI5LnVrLngiLCJ2aWV3X2lkIjoib3duZXIifV19.8cc7cBEf2NyQvJoukBCmDLT7LXYcuzTcSYLqSpbxLp4
JSON response body fields:
app_name: appNameBank
app_type: Web
certificate_pem: certificate_pem
company: Tesobe GmbH
consumer_id: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
consumer_key: bwf0ykmwoirip1yjxcn15wnhuyxcziwgtcoaildq
description: Description of the object. Maximum length is 2000. It can be any characters here.
enabled: false
issuer_domain_name: issuer_domain_name
not_after: not_after
not_before: not_before
provider: ETHEREUM
redirect_url: https://apisandbox.openbankproject.com
subject_domain_name: subject_domain_name
user_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
username: felixsmith
certificate_info: certificate_info
logo_url: logo_url
roles: CanCreateMyUser
roles_info: roles_info
{
"consumer_id":"7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh",
"consumer_key":"bwf0ykmwoirip1yjxcn15wnhuyxcziwgtcoaildq",
"app_name":"appNameBank",
"app_type":"Web",
"description":"Description of the object. Maximum length is 2000. It can be any characters here.",
"developer_email":"felixsmith@example.com",
"company":"Tesobe GmbH",
"redirect_url":"https://apisandbox.openbankproject.com",
"certificate_pem":"-----BEGIN CERTIFICATE-----\nMIIFIjCCBAqgAwIBAgIIX3qsz7QQxngwDQYJKoZIhvcNAQELBQAwgZ8xCzAJBgNV\r\nBAYTAkRFMQ8wDQYDVQQIEwZCZXJsaW4xDzANBgNVBAcTBkJlcmxpbjEPMA0GA1UE\r\nChMGVEVTT0JFMRowGAYDVQQLExFURVNPQkUgT3BlcmF0aW9uczESMBAGA1UEAxMJ\r\nVEVTT0JFIENBMR8wHQYJKoZIhvcNAQkBFhBhZG1pbkB0ZXNvYmUuY29tMQwwCgYD\r\nVQQpEwNWUE4wHhcNMjMwNzE3MDg0MDAwWhcNMjQwNzE3MDg0MDAwWjCBizELMAkG\r\nA1UEBhMCREUxDzANBgNVBAgTBkJlcmxpbjEPMA0GA1UEBxMGQmVybGluMRQwEgYD\r\nVQQKEwtUZXNvYmUgR21iSDEPMA0GA1UECxMGc3lzb3BzMRIwEAYDVQQDEwlsb2Nh\r\nbGhvc3QxHzAdBgkqhkiG9w0BCQEWEGFkbWluQHRlc29iZS5jb20wggEiMA0GCSqG\r\nSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwxGuWUN1H0d0IeYPYWdLA0I/5BXx4DLO6\r\nzfi1GGJlF8BIXRN0VTJckIY9C3J1RnXDs6p6ufA01iHe1PQdL6VzfcaC3j+jUSgV\r\n1z9ybEUPyUwq3PCCxqoVI9n8yh+O6FDn3dvu/9Q2NtBpJHUBDCLf7OO9TgsFU2sE\r\nMys+Hw5DuuX5n5OQ2VIwH+qlMTQnd+yw5y8FKHqAZT5hE60lF/x6sQnwi58hLGRW\r\nSqo/548c2ZpoeWtnyY1I6PyR7zUYGuhruLY8gVFfLE+610u/lj2wYTXMxntpV+tV\r\nralLFRMhvbqZXW/EpuDb/pEbCnLDNDxq5NarLVDzcHs7VhT9MPChAgMBAAGjggFy\r\nMIIBbjATBgNVHSUEDDAKBggrBgEFBQcDAjAaBgNVHREEEzARgglsb2NhbGhvc3SH\r\nBH8AAAEwggEGBggrBgEFBQcBAwSB+TCB9jAIBgYEAI5GAQEwOAYGBACORgEFMC4w\r\nLBYhaHR0cHM6Ly9leGFtcGxlLm9yZy9wa2lkaXNjbG9zdXJlEwdleGFtcGxlMIGI\r\nBgYEAIGYJwIwfjBMMBEGBwQAgZgnAQMMBlBTUF9BSTARBgcEAIGYJwEBDAZQU1Bf\r\nQVMwEQYHBACBmCcBAgwGUFNQX1BJMBEGBwQAgZgnAQQMBlBTUF9JQwwlRHVtbXkg\r\nRmluYW5jaWFsIFN1cGVydmlzaW9uIEF1dGhvcml0eQwHWFgtREZTQTAlBgYEAI5G\r\nAQYwGwYHBACORgEGAQYHBACORgEGAgYHBACORgEGAzARBglghkgBhvhCAQEEBAMC\r\nB4AwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsF\r\nAAOCAQEAKTS7exS9A7rWJLRzWrlHoTu68Avm5g9Dz1GKjgt8rnvj3D21SE14Rf5p\r\n0JWHYH4SiCdnh8Tx+IA7o0TmPJ1JRfAXR3i/5R7TJi/HrnqL+V7SIx2Cuq/hkZEU\r\nAhVs07nnvHURcrlQGwcfn4TbgpCURpCPpYZlNsYySb6BS6I4qFaadHGqMTyEkphV\r\nwfXyB3brmzxj9V4Qgp0t+s/uFuFirWyIayRc9nSSC7vuNVYvib2Kim4y8kvuWpA4\r\nZ51+fFOmBqCqpmwfAADNgDsLJiA/741eBflVd/ZUeAzgOjMCMIaDGlwiwZlePKT7\r\n553GtfsGxZMf05oqfUrQEQfJaU+/+Q==\n-----END CERTIFICATE-----\n",
"certificate_info":{
"subject_domain_name":"OID.2.5.4.41=VPN, EMAILADDRESS=admin@tesobe.com, CN=TESOBE CA, OU=TESOBE Operations, O=TESOBE, L=Berlin, ST=Berlin, C=DE",
"issuer_domain_name":"CN=localhost, O=TESOBE GmbH, ST=Berlin, C=DE",
"not_before":"2022-04-01T10:13:00.000Z",
"not_after":"2032-04-01T10:13:00.000Z",
"roles_info":"PEM Encoded Certificate does not contain PSD2 roles."
},
"created_by_user":{
"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1",
"email":"felixsmith@example.com",
"provider_id":"Chris",
"provider":"http://127.0.0.1:8080",
"username":"felixsmith"
},
"enabled":true,
"created":"1100-01-01T00:00:00Z",
"logo_url":"https://apisandbox.openbankproject.com/logo"
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-10001: Incorrect json format.
- OBP-50000: Unknown Error.
Create Scope for a Consumer
Create Scope. Grant Role to Consumer.
Scopes are used to grant System or Bank level roles to the Consumer (App). (For Account level privileges, see Views)
For a System level Role (.e.g CanGetAnyUser), set bank_id to an empty string i.e. "bank_id":""
For a Bank level Role (e.g. CanCreateAccount), set bank_id to a valid value e.g. "bank_id":"my-bank-id"
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
CONSUMER_ID: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
JSON request body fields:
bank_id: gh.29.uk
JSON response body fields:
bank_id: gh.29.uk
{
"scope_id":"88625da4-a671-435e-9d24-e5b6e5cc404f",
"role_name":"CanGetEntitlementsForAnyUserAtOneBank",
"bank_id":"gh.29.uk"
}
-
CanCreateScopeAtAnyBank
- Please login to request this Role
-
CanCreateScopeAtOneBank
- Please login to request this Role
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-20024: Consumer not found. Please specify a valid value for CONSUMER_ID.
- OBP-10001: Incorrect json format.
- OBP-10007: Incorrect Role name:
- OBP-30205: This entitlement is a Bank Role. Please set bank_id to a valid bank id.
- OBP-30206: This entitlement is a System Role. Please set bank_id to empty string.
- OBP-30216: Entitlement already exists for the user.
- OBP-50000: Unknown Error.
- OBP-20006: User is missing one or more roles:
Delete Consumer Scope
Delete Consumer Scope specified by SCOPE_ID for an consumer specified by CONSUMER_ID
Authentication is required and the user needs to be a Super Admin.
Super Admins are listed in the Props file.
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
CONSUMER_ID: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
JSON response body fields:
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30212: EntitlementId not found
- OBP-50000: Unknown Error.
Get Scopes for Consumer
Get all the scopes for an consumer specified by CONSUMER_ID
User Authentication is Required. The User must be logged in. The Application must also be authenticated.
URL Parameters:
CONSUMER_ID: 7uy8a7e4-6d02-40e3-a129-0b2bf89de8uh
JSON response body fields:
bank_id: gh.29.uk
list:
{
"list":[{
"scope_id":"88625da4-a671-435e-9d24-e5b6e5cc404f",
"role_name":"CanGetEntitlementsForAnyUserAtOneBank",
"bank_id":"gh.29.uk"
}]
}
- Required JSON Validation: No
- Allowed Authentication Types: Not set
- OBP-20001: User not logged in. Authentication is required!
- OBP-30212: EntitlementId not found
- OBP-30019: Consumer not found. Please specify a valid value for CONSUMER_ID.
- OBP-50000: Unknown Error.