API Explorer

v4.0.0 filtered by tag: View-Custom (11 APIs)

Bank
Accounts
Views
Counterparties
Transactions

Get Accounts Held

Get Accounts held by the current User if even the User has not been assigned the owner View yet.

Can be used to onboard the account to the API - since all other account and transaction endpoints require views to be assigned.

optional request parameters:

  • account_type_filter: one or many accountType value, split by comma
  • account_type_filter_operation: the filter type of account_type_filter, value must be INCLUDE or EXCLUDE

whole url example:
/banks/BANK_ID/accounts-held?account_type_filter=330,CURRENT+PLUS&account_type_filter_operation=INCLUDE

Authentication is Mandatory

URL Parameters:

JSON response body fields:

Typical Successful Response:

								
									
{ "accounts":[{ "id":"12314", "label":"My Account", "bank_id":"123", "number":"123", "account_routings":[{ "scheme":"AccountNumber", "address":"4930396" }] }] }
Validations:
  • Required JSON Validation: No
  • Allowed Authentication Types: Not set
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-50000: Unknown Error.
Version: OBPv3.0.0, function_name: by getAccountsHeld, operation_id: OBPv3.0.0-getAccountsHeld Tags: Account, Account Information Service (AIS), View-Custom, PSD2, New-Style,

Create (DAuth) User with Account Access

This endpoint is used as part of the DAuth solution to grant access to account and transaction data to a smart contract on the blockchain.

Put the smart contract address in username

For provider use "dauth"

This endpoint will create the (DAuth) User with username and provider if the User does not already exist.

Authentication is Mandatory and the logged in user needs to be account holder.

For information about DAuth see below:

DAuth

DAuth Introduction, Setup and Usage

DAuth is an experimental authentication mechanism that aims to pin an ethereum or other blockchain Smart Contract to an OBP "User".

In the future, it might be possible to be more specific and pin specific actors (wallets) that are acting within the smart contract, but so far, one smart contract acts on behalf of one User.

Thus, if a smart contract "X" calls the OBP API using the DAuth header, OBP will get or create a user called X and the call will proceed in the context of that User "X".

DAuth is invoked by the REST client (caller) including a specific header (see step 3 below) in any OBP REST call.

When OBP receives the DAuth token, it creates or gets a User with a username based on the smart_contract_address and the provider based on the network_name. The combination of username and provider is unique in OBP.

If you are calling OBP-API via an API3 Airnode, the Airnode will take care of constructing the required header.

When OBP detects a DAuth header / token it first checks if the Consumer is allowed to make such a call. OBP will validate the Consumer ip address and signature etc.

Note: The DAuth flow does not require an explicit POST like Direct Login to create the token.

Permissions may be assigned to an OBP User at any time, via the UserAuthContext, Views, Entitlements to Roles or Consents.

Note: DAuth is NOT enabled on this instance!

Note: The DAuth client is responsible for creating a token which will be trusted by OBP absolutely!

To use DAuth:

1) Configure OBP API to accept DAuth.

Set up properties in your props file

# -- DAuth --------------------------------------
# Define secret used to validate JWT token
# jwt.public_key_rsa=path-to-the-pem-file
# Enable/Disable DAuth communication at all
# In case isn't defined default value is false
# allow_dauth=false
# Define comma separated list of allowed IP addresses
# dauth.host=127.0.0.1
# -------------------------------------- DAuth--

Please keep in mind that property jwt.public_key_rsa is used to validate JWT token to check it is not changed or corrupted during transport.

2) Create / have access to a JWT

The following videos are available:
* DAuth in local environment

HEADER:ALGORITHM & TOKEN TYPE

{
  "alg": "RS256",
  "typ": "JWT"
}

PAYLOAD:DATA

{
  "smart_contract_address": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",
  "network_name": "AIRNODE.TESTNET.ETHEREUM",
  "msg_sender": "0xe12340927f1725E7734CE288F8367e1Bb143E90fhku767",
  "consumer_key": "0x1234a4ec31e89cea54d1f125db7536e874ab4a96b4d4f6438668b6bb10a6adb",
  "timestamp": "2021-11-04T14:13:40Z",
  "request_id": "0Xe876987694328763492876348928736497869273649"
}

VERIFY SIGNATURE

RSASHA256(
  base64UrlEncode(header) + "." +
  base64UrlEncode(payload),

) your-RSA-key-pair

Here is an example token:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k

3) Try a REST call using the header

Using your favorite http client:

GET https://apisandbox.openbankproject.com/obp/v3.0.0/users/current

Body

Leave Empty!

Headers:

   DAuth: your-jwt-from-step-above

Here is it all together:

GET https://apisandbox.openbankproject.com/obp/v3.0.0/users/current HTTP/1.1
Host: localhost:8080
User-Agent: curl/7.47.0
Accept: /
DAuth: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k

CURL example

curl -v -H 'DAuth: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k' https://apisandbox.openbankproject.com/obp/v3.0.0/users/current

You should receive a response like:

{
    "user_id": "4c4d3175-1e5c-4cfd-9b08-dcdc209d8221",
    "email": "",
    "provider_id": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",
    "provider": "ETHEREUM",
    "username": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",
    "entitlements": {
        "list": []
    }
}

Under the hood

The file, dauth.scala handles the DAuth,

We:

-> Check if Props allow_dauth is true
  -> Check if DAuth header exists
    -> Check if getRemoteIpAddress is OK
      -> Look for "token"
        -> parse the JWT token and getOrCreate the user
          -> get the data of the user

More information

Parameter names and values are case sensitive.
Each parameter MUST NOT appear more than once per request.


URL Parameters:

JSON request body fields:

JSON response body fields:

Typical Successful Response:

								
									
[{ "id":"1234", "short_name":"short_name", "description":"description", "metadata_view":"owner", "is_public":true, "is_system":true, "alias":"No", "hide_metadata_if_alias_used":true, "can_add_comment":true, "can_add_corporate_location":true, "can_add_image":true, "can_add_image_url":true, "can_add_more_info":true, "can_add_open_corporates_url":true, "can_add_physical_location":true, "can_add_private_alias":true, "can_add_public_alias":true, "can_add_tag":true, "can_add_url":true, "can_add_where_tag":true, "can_delete_comment":true, "can_add_counterparty":true, "can_delete_corporate_location":true, "can_delete_image":true, "can_delete_physical_location":true, "can_delete_tag":true, "can_delete_where_tag":true, "can_edit_owner_comment":true, "can_see_bank_account_balance":true, "can_query_available_funds":true, "can_see_bank_account_bank_name":true, "can_see_bank_account_currency":true, "can_see_bank_account_iban":true, "can_see_bank_account_label":true, "can_see_bank_account_national_identifier":true, "can_see_bank_account_number":true, "can_see_bank_account_owners":true, "can_see_bank_account_swift_bic":true, "can_see_bank_account_type":true, "can_see_comments":true, "can_see_corporate_location":true, "can_see_image_url":true, "can_see_images":true, "can_see_more_info":true, "can_see_open_corporates_url":true, "can_see_other_account_bank_name":true, "can_see_other_account_iban":true, "can_see_other_account_kind":true, "can_see_other_account_metadata":true, "can_see_other_account_national_identifier":true, "can_see_other_account_number":true, "can_see_other_account_swift_bic":true, "can_see_owner_comment":true, "can_see_physical_location":true, "can_see_private_alias":true, "can_see_public_alias":true, "can_see_tags":true, "can_see_transaction_amount":true, "can_see_transaction_balance":true, "can_see_transaction_currency":true, "can_see_transaction_description":true, "can_see_transaction_finish_date":true, "can_see_transaction_metadata":true, "can_see_transaction_other_bank_account":true, "can_see_transaction_start_date":true, "can_see_transaction_this_bank_account":true, "can_see_transaction_type":true, "can_see_url":true, "can_see_where_tag":true, "can_see_bank_routing_scheme":true, "can_see_bank_routing_address":true, "can_see_bank_account_routing_scheme":true, "can_see_bank_account_routing_address":true, "can_see_other_bank_routing_scheme":true, "can_see_other_bank_routing_address":true, "can_see_other_account_routing_scheme":true, "can_see_other_account_routing_address":true, "can_add_transaction_request_to_own_account":true, "can_add_transaction_request_to_any_account":true, "can_see_bank_account_credit_limit":true, "can_create_direct_debit":true, "can_create_standing_order":true }]
Validations:
  • Required JSON Validation: No
  • Allowed Authentication Types: Not set
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-20047: User must have access to the owner view or must be an account holder.
  • OBP-10001: Incorrect json format.
  • OBP-30252: System view not found. Please specify a valid value for VIEW_ID
  • OBP-30005: View not found for Account. Please specify a valid value for VIEW_ID
  • OBP-30063: Cannot grant account access.
  • OBP-50000: Unknown Error.
Connector Methods:
Version: OBPv4.0.0, function_name: by createUserWithAccountAccess, operation_id: OBPv4.0.0-createUserWithAccountAccess Tags: Account-Access, View-Custom, Account, User, OwnerViewRequired, DAuth, New-Style,

Grant User access to View

Grants the User identified by USER_ID access to the view identified by VIEW_ID.

Authentication is Mandatory and the user needs to be account holder.

URL Parameters:

JSON request body fields:

JSON response body fields:

Typical Successful Response:

								
									
{ "id":"1234", "short_name":"short_name", "description":"description", "metadata_view":"owner", "is_public":true, "is_system":true, "alias":"No", "hide_metadata_if_alias_used":true, "can_add_comment":true, "can_add_corporate_location":true, "can_add_image":true, "can_add_image_url":true, "can_add_more_info":true, "can_add_open_corporates_url":true, "can_add_physical_location":true, "can_add_private_alias":true, "can_add_public_alias":true, "can_add_tag":true, "can_add_url":true, "can_add_where_tag":true, "can_delete_comment":true, "can_add_counterparty":true, "can_delete_corporate_location":true, "can_delete_image":true, "can_delete_physical_location":true, "can_delete_tag":true, "can_delete_where_tag":true, "can_edit_owner_comment":true, "can_see_bank_account_balance":true, "can_query_available_funds":true, "can_see_bank_account_bank_name":true, "can_see_bank_account_currency":true, "can_see_bank_account_iban":true, "can_see_bank_account_label":true, "can_see_bank_account_national_identifier":true, "can_see_bank_account_number":true, "can_see_bank_account_owners":true, "can_see_bank_account_swift_bic":true, "can_see_bank_account_type":true, "can_see_comments":true, "can_see_corporate_location":true, "can_see_image_url":true, "can_see_images":true, "can_see_more_info":true, "can_see_open_corporates_url":true, "can_see_other_account_bank_name":true, "can_see_other_account_iban":true, "can_see_other_account_kind":true, "can_see_other_account_metadata":true, "can_see_other_account_national_identifier":true, "can_see_other_account_number":true, "can_see_other_account_swift_bic":true, "can_see_owner_comment":true, "can_see_physical_location":true, "can_see_private_alias":true, "can_see_public_alias":true, "can_see_tags":true, "can_see_transaction_amount":true, "can_see_transaction_balance":true, "can_see_transaction_currency":true, "can_see_transaction_description":true, "can_see_transaction_finish_date":true, "can_see_transaction_metadata":true, "can_see_transaction_other_bank_account":true, "can_see_transaction_start_date":true, "can_see_transaction_this_bank_account":true, "can_see_transaction_type":true, "can_see_url":true, "can_see_where_tag":true, "can_see_bank_routing_scheme":true, "can_see_bank_routing_address":true, "can_see_bank_account_routing_scheme":true, "can_see_bank_account_routing_address":true, "can_see_other_bank_routing_scheme":true, "can_see_other_bank_routing_address":true, "can_see_other_account_routing_scheme":true, "can_see_other_account_routing_address":true, "can_add_transaction_request_to_own_account":true, "can_add_transaction_request_to_any_account":true, "can_see_bank_account_credit_limit":true, "can_create_direct_debit":true, "can_create_standing_order":true }
Validations:
  • Required JSON Validation: No
  • Allowed Authentication Types: Not set
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-20047: User must have access to the owner view or must be an account holder.
  • OBP-10001: Incorrect json format.
  • OBP-20005: User not found. Please specify a valid value for USER_ID.
  • OBP-30252: System view not found. Please specify a valid value for VIEW_ID
  • OBP-30005: View not found for Account. Please specify a valid value for VIEW_ID
  • OBP-30063: Cannot grant account access.
  • OBP-50000: Unknown Error.
Connector Methods:
Version: OBPv4.0.0, function_name: by grantUserAccessToView, operation_id: OBPv4.0.0-grantUserAccessToView Tags: Account-Access, View-Custom, Account, User, OwnerViewRequired, New-Style,

Revoke User access to View

Revoke the User identified by USER_ID access to the view identified by VIEW_ID.

Authentication is Mandatory and the user needs to be account holder.

URL Parameters:

JSON request body fields:

JSON response body fields:

Typical Successful Response:

								
									
{ "revoked":true }
Validations:
  • Required JSON Validation: No
  • Allowed Authentication Types: Not set
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-20047: User must have access to the owner view or must be an account holder.
  • OBP-10001: Incorrect json format.
  • OBP-20005: User not found. Please specify a valid value for USER_ID.
  • OBP-30252: System view not found. Please specify a valid value for VIEW_ID
  • OBP-30005: View not found for Account. Please specify a valid value for VIEW_ID
  • OBP-30064: Cannot revoke account access.
  • OBP-30065: Cannot find account access.
  • OBP-50000: Unknown Error.
Connector Methods:
Version: OBPv4.0.0, function_name: by revokeUserAccessToView, operation_id: OBPv4.0.0-revokeUserAccessToView Tags: Account-Access, View-Custom, Account, User, OwnerViewRequired, New-Style,

Revoke/Grant User access to View

Revoke/Grant the logged in User access to the views identified by json.

Authentication is Mandatory and the user needs to be an account holder or has owner view access.

URL Parameters:

JSON response body fields:

Typical Successful Response:

								
									
{ "revoked":true }
Validations:
  • Required JSON Validation: No
  • Allowed Authentication Types: Not set
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-20047: User must have access to the owner view or must be an account holder.
  • OBP-10001: Incorrect json format.
  • OBP-20005: User not found. Please specify a valid value for USER_ID.
  • OBP-30252: System view not found. Please specify a valid value for VIEW_ID
  • OBP-30005: View not found for Account. Please specify a valid value for VIEW_ID
  • OBP-30064: Cannot revoke account access.
  • OBP-30065: Cannot find account access.
  • OBP-50000: Unknown Error.
Connector Methods:
Version: OBPv4.0.0, function_name: by revokeGrantUserAccessToViews, operation_id: OBPv4.0.0-revokeGrantUserAccessToViews Tags: Account-Access, View-Custom, Account, User, OwnerViewRequired,

Create View

Create a view on bank account

Authentication is Mandatory and the user needs to have access to the owner view.
The 'alias' field in the JSON can take one of three values:

  • public: to use the public alias if there is one specified for the other account.
  • private: to use the public alias if there is one specified for the other account.
  • ''(empty string): to use no alias; the view shows the real name of the other account.

The 'hide_metadata_if_alias_used' field in the JSON can take boolean values. If it is set to true and there is an alias on the other account then the other accounts' metadata (like more_info, url, image_url, open_corporates_url, etc.) will be hidden. Otherwise the metadata will be shown.

The 'allowed_actions' field is a list containing the name of the actions allowed on this view, all the actions contained will be set to true on the view creation, the rest will be set to false.

You MUST use a leading _ (underscore) in the view name because other view names are reserved for OBP system views.

URL Parameters:

JSON request body fields:

  • description: This an optional field. Maximum length is 2000. It can be any characters here.

  • is_public: true

  • name: ACCOUNT_MANAGEMENT_FEE

JSON response body fields:

Typical Successful Response:

								
									
{ "id":"1234", "short_name":"short_name", "description":"description", "metadata_view":"owner", "is_public":true, "is_system":true, "alias":"No", "hide_metadata_if_alias_used":true, "can_add_comment":true, "can_add_corporate_location":true, "can_add_image":true, "can_add_image_url":true, "can_add_more_info":true, "can_add_open_corporates_url":true, "can_add_physical_location":true, "can_add_private_alias":true, "can_add_public_alias":true, "can_add_tag":true, "can_add_url":true, "can_add_where_tag":true, "can_delete_comment":true, "can_add_counterparty":true, "can_delete_corporate_location":true, "can_delete_image":true, "can_delete_physical_location":true, "can_delete_tag":true, "can_delete_where_tag":true, "can_edit_owner_comment":true, "can_see_bank_account_balance":true, "can_query_available_funds":true, "can_see_bank_account_bank_name":true, "can_see_bank_account_currency":true, "can_see_bank_account_iban":true, "can_see_bank_account_label":true, "can_see_bank_account_national_identifier":true, "can_see_bank_account_number":true, "can_see_bank_account_owners":true, "can_see_bank_account_swift_bic":true, "can_see_bank_account_type":true, "can_see_comments":true, "can_see_corporate_location":true, "can_see_image_url":true, "can_see_images":true, "can_see_more_info":true, "can_see_open_corporates_url":true, "can_see_other_account_bank_name":true, "can_see_other_account_iban":true, "can_see_other_account_kind":true, "can_see_other_account_metadata":true, "can_see_other_account_national_identifier":true, "can_see_other_account_number":true, "can_see_other_account_swift_bic":true, "can_see_owner_comment":true, "can_see_physical_location":true, "can_see_private_alias":true, "can_see_public_alias":true, "can_see_tags":true, "can_see_transaction_amount":true, "can_see_transaction_balance":true, "can_see_transaction_currency":true, "can_see_transaction_description":true, "can_see_transaction_finish_date":true, "can_see_transaction_metadata":true, "can_see_transaction_other_bank_account":true, "can_see_transaction_start_date":true, "can_see_transaction_this_bank_account":true, "can_see_transaction_type":true, "can_see_url":true, "can_see_where_tag":true, "can_see_bank_routing_scheme":true, "can_see_bank_routing_address":true, "can_see_bank_account_routing_scheme":true, "can_see_bank_account_routing_address":true, "can_see_other_bank_routing_scheme":true, "can_see_other_bank_routing_address":true, "can_see_other_account_routing_scheme":true, "can_see_other_account_routing_address":true, "can_add_transaction_request_to_own_account":true, "can_add_transaction_request_to_any_account":true, "can_see_bank_account_credit_limit":true, "can_create_direct_debit":true, "can_create_standing_order":true }
Validations:
  • Required JSON Validation: No
  • Allowed Authentication Types: Not set
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-10001: Incorrect json format.
  • OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
  • OBP-50000: Unknown Error.
Version: OBPv3.0.0, function_name: by createViewForBankAccount, operation_id: OBPv3.0.0-createViewForBankAccount Tags: View-Custom, Account, New-Style,

Delete View

Deletes the view specified by VIEW_ID on the bank account specified by ACCOUNT_ID at bank BANK_ID

Authentication is Mandatory

URL Parameters:

JSON response body fields:

Typical Successful Response:

								
									
{ "jsonString":"{}" }
Validations:
  • Required JSON Validation: No
  • Allowed Authentication Types: Not set
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
  • OBP-50000: Unknown Error.
  • user does not have owner access
Version: OBPv1.2.1, function_name: by deleteViewForBankAccount, operation_id: OBPv1.2.1-deleteViewForBankAccount Tags: View-Custom, Account, New-Style,

Get Account access for User

Returns the list of the views at BANK_ID for account ACCOUNT_ID that a user identified by PROVIDER_ID at their provider PROVIDER has access to.
All url parameters must be %-encoded, which is often especially relevant for USER_ID and PROVIDER.

Authentication is Mandatory

The user needs to have access to the owner view.

URL Parameters:

JSON response body fields:

Typical Successful Response:

								
									
{ "views":[{ "id":"1234", "short_name":"short_name", "description":"description", "metadata_view":"owner", "is_public":true, "is_system":true, "alias":"No", "hide_metadata_if_alias_used":true, "can_add_comment":true, "can_add_corporate_location":true, "can_add_image":true, "can_add_image_url":true, "can_add_more_info":true, "can_add_open_corporates_url":true, "can_add_physical_location":true, "can_add_private_alias":true, "can_add_public_alias":true, "can_add_tag":true, "can_add_url":true, "can_add_where_tag":true, "can_delete_comment":true, "can_add_counterparty":true, "can_delete_corporate_location":true, "can_delete_image":true, "can_delete_physical_location":true, "can_delete_tag":true, "can_delete_where_tag":true, "can_edit_owner_comment":true, "can_see_bank_account_balance":true, "can_query_available_funds":true, "can_see_bank_account_bank_name":true, "can_see_bank_account_currency":true, "can_see_bank_account_iban":true, "can_see_bank_account_label":true, "can_see_bank_account_national_identifier":true, "can_see_bank_account_number":true, "can_see_bank_account_owners":true, "can_see_bank_account_swift_bic":true, "can_see_bank_account_type":true, "can_see_comments":true, "can_see_corporate_location":true, "can_see_image_url":true, "can_see_images":true, "can_see_more_info":true, "can_see_open_corporates_url":true, "can_see_other_account_bank_name":true, "can_see_other_account_iban":true, "can_see_other_account_kind":true, "can_see_other_account_metadata":true, "can_see_other_account_national_identifier":true, "can_see_other_account_number":true, "can_see_other_account_swift_bic":true, "can_see_owner_comment":true, "can_see_physical_location":true, "can_see_private_alias":true, "can_see_public_alias":true, "can_see_tags":true, "can_see_transaction_amount":true, "can_see_transaction_balance":true, "can_see_transaction_currency":true, "can_see_transaction_description":true, "can_see_transaction_finish_date":true, "can_see_transaction_metadata":true, "can_see_transaction_other_bank_account":true, "can_see_transaction_start_date":true, "can_see_transaction_this_bank_account":true, "can_see_transaction_type":true, "can_see_url":true, "can_see_where_tag":true, "can_see_bank_routing_scheme":true, "can_see_bank_routing_address":true, "can_see_bank_account_routing_scheme":true, "can_see_bank_account_routing_address":true, "can_see_other_bank_routing_scheme":true, "can_see_other_bank_routing_address":true, "can_see_other_account_routing_scheme":true, "can_see_other_account_routing_address":true, "can_add_transaction_request_to_own_account":true, "can_add_transaction_request_to_any_account":true, "can_see_bank_account_credit_limit":true, "can_create_direct_debit":true, "can_create_standing_order":true }] }
Validations:
  • Required JSON Validation: No
  • Allowed Authentication Types: Not set
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
  • OBP-30003: Account not found. Please specify a valid value for ACCOUNT_ID.
  • OBP-50000: Unknown Error.
Version: OBPv3.0.0, function_name: by getPermissionForUserForBankAccount, operation_id: OBPv3.0.0-getPermissionForUserForBankAccount Tags: View-Custom, Account, User, New-Style,

Get Views for Account

Views

Views in Open Bank Project provide a mechanism for fine grained access control and delegation to Accounts and Transactions. Account holders use the 'owner' view by default. Delegated access is made through other views for example 'accountants', 'share-holders' or 'tagging-application'. Views can be created via the API and each view has a list of entitlements.

Views on accounts and transactions filter the underlying data to redact certain fields for certain users. For instance the balance on an account may be hidden from the public. The way to know what is possible on a view is determined in the following JSON.

Data: When a view moderates a set of data, some fields my contain the value null rather than the original value. This indicates either that the user is not allowed to see the original data or the field is empty.

There is currently one exception to this rule; the 'holder' field in the JSON contains always a value which is either an alias or the real name - indicated by the 'is_alias' field.

Action: When a user performs an action like trying to post a comment (with POST API call), if he is not allowed, the body response will contain an error message.

Metadata:
Transaction metadata (like images, tags, comments, etc.) will appears ONLY on the view where they have been created e.g. comments posted to the public view only appear on the public view.

The other account metadata fields (like image_URL, more_info, etc.) are unique through all the views. Example, if a user edits the 'more_info' field in the 'team' view, then the view 'authorities' will show the new value (if it is allowed to do it).

All

Optional

Returns the list of the views created for account ACCOUNT_ID at BANK_ID.

Authentication is Mandatory and the user needs to have access to the owner view.

URL Parameters:

JSON response body fields:

Typical Successful Response:

								
									
{ "views":[{ "id":"1234", "short_name":"short_name", "description":"description", "metadata_view":"owner", "is_public":true, "is_system":true, "alias":"No", "hide_metadata_if_alias_used":true, "can_add_comment":true, "can_add_corporate_location":true, "can_add_image":true, "can_add_image_url":true, "can_add_more_info":true, "can_add_open_corporates_url":true, "can_add_physical_location":true, "can_add_private_alias":true, "can_add_public_alias":true, "can_add_tag":true, "can_add_url":true, "can_add_where_tag":true, "can_delete_comment":true, "can_add_counterparty":true, "can_delete_corporate_location":true, "can_delete_image":true, "can_delete_physical_location":true, "can_delete_tag":true, "can_delete_where_tag":true, "can_edit_owner_comment":true, "can_see_bank_account_balance":true, "can_query_available_funds":true, "can_see_bank_account_bank_name":true, "can_see_bank_account_currency":true, "can_see_bank_account_iban":true, "can_see_bank_account_label":true, "can_see_bank_account_national_identifier":true, "can_see_bank_account_number":true, "can_see_bank_account_owners":true, "can_see_bank_account_swift_bic":true, "can_see_bank_account_type":true, "can_see_comments":true, "can_see_corporate_location":true, "can_see_image_url":true, "can_see_images":true, "can_see_more_info":true, "can_see_open_corporates_url":true, "can_see_other_account_bank_name":true, "can_see_other_account_iban":true, "can_see_other_account_kind":true, "can_see_other_account_metadata":true, "can_see_other_account_national_identifier":true, "can_see_other_account_number":true, "can_see_other_account_swift_bic":true, "can_see_owner_comment":true, "can_see_physical_location":true, "can_see_private_alias":true, "can_see_public_alias":true, "can_see_tags":true, "can_see_transaction_amount":true, "can_see_transaction_balance":true, "can_see_transaction_currency":true, "can_see_transaction_description":true, "can_see_transaction_finish_date":true, "can_see_transaction_metadata":true, "can_see_transaction_other_bank_account":true, "can_see_transaction_start_date":true, "can_see_transaction_this_bank_account":true, "can_see_transaction_type":true, "can_see_url":true, "can_see_where_tag":true, "can_see_bank_routing_scheme":true, "can_see_bank_routing_address":true, "can_see_bank_account_routing_scheme":true, "can_see_bank_account_routing_address":true, "can_see_other_bank_routing_scheme":true, "can_see_other_bank_routing_address":true, "can_see_other_account_routing_scheme":true, "can_see_other_account_routing_address":true, "can_add_transaction_request_to_own_account":true, "can_add_transaction_request_to_any_account":true, "can_see_bank_account_credit_limit":true, "can_create_direct_debit":true, "can_create_standing_order":true }] }
Validations:
  • Required JSON Validation: No
  • Allowed Authentication Types: Not set
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
  • OBP-50000: Unknown Error.
Version: OBPv3.0.0, function_name: by getViewsForBankAccount, operation_id: OBPv3.0.0-getViewsForBankAccount Tags: View-Custom, Account, New-Style,

Get access

Returns the list of the permissions at BANK_ID for account ACCOUNT_ID, with each time a pair composed of the user and the views that he has access to.

Authentication is Mandatory
and the user needs to have access to the owner view.

URL Parameters:

JSON response body fields:

Typical Successful Response:

								
									
{ "permissions":[{ "user":{ "id":"5995d6a2-01b3-423c-a173-5481df49bdaf", "provider":"http://127.0.0.1:8080", "display_name":"OBP" }, "views":[{ "id":"123", "short_name":"short_name", "description":"description", "is_public":true, "alias":"None", "hide_metadata_if_alias_used":true, "can_add_comment":true, "can_add_corporate_location":true, "can_add_image":true, "can_add_image_url":true, "can_add_more_info":true, "can_add_open_corporates_url":true, "can_add_physical_location":true, "can_add_private_alias":true, "can_add_public_alias":true, "can_add_tag":true, "can_add_url":true, "can_add_where_tag":true, "can_delete_comment":true, "can_delete_corporate_location":true, "can_delete_image":true, "can_delete_physical_location":true, "can_delete_tag":true, "can_delete_where_tag":true, "can_edit_owner_comment":true, "can_see_bank_account_balance":true, "can_see_bank_account_bank_name":true, "can_see_bank_account_currency":true, "can_see_bank_account_iban":true, "can_see_bank_account_label":true, "can_see_bank_account_national_identifier":true, "can_see_bank_account_number":true, "can_see_bank_account_owners":true, "can_see_bank_account_swift_bic":true, "can_see_bank_account_type":true, "can_see_comments":true, "can_see_corporate_location":true, "can_see_image_url":true, "can_see_images":true, "can_see_more_info":true, "can_see_open_corporates_url":true, "can_see_other_account_bank_name":true, "can_see_other_account_iban":true, "can_see_other_account_kind":true, "can_see_other_account_metadata":true, "can_see_other_account_national_identifier":true, "can_see_other_account_number":true, "can_see_other_account_swift_bic":true, "can_see_owner_comment":true, "can_see_physical_location":true, "can_see_private_alias":true, "can_see_public_alias":true, "can_see_tags":true, "can_see_transaction_amount":true, "can_see_transaction_balance":true, "can_see_transaction_currency":true, "can_see_transaction_description":true, "can_see_transaction_finish_date":true, "can_see_transaction_metadata":true, "can_see_transaction_other_bank_account":true, "can_see_transaction_start_date":true, "can_see_transaction_this_bank_account":true, "can_see_transaction_type":true, "can_see_url":true, "can_see_where_tag":true }] }] }
Validations:
  • Required JSON Validation: No
  • Allowed Authentication Types: Not set
Possible Errors:
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-30001: Bank not found. Please specify a valid value for BANK_ID.
  • OBP-30003: Account not found. Please specify a valid value for ACCOUNT_ID.
  • OBP-50000: Unknown Error.
Version: OBPv2.0.0, function_name: by getPermissionsForBankAccount, operation_id: OBPv2.0.0-getPermissionsForBankAccount Tags: View-Custom, Account, User, Entitlement, New-Style,

Update View

Update an existing view on a bank account

Authentication is Mandatory and the user needs to have access to the owner view.

The json sent is the same as during view creation (above), with one difference: the 'name' field
of a view is not editable (it is only set when a view is created)

URL Parameters:

JSON response body fields:

Typical Successful Response:

								
									
{ "id":"1234", "short_name":"short_name", "description":"description", "metadata_view":"owner", "is_public":true, "is_system":true, "alias":"No", "hide_metadata_if_alias_used":true, "can_add_comment":true, "can_add_corporate_location":true, "can_add_image":true, "can_add_image_url":true, "can_add_more_info":true, "can_add_open_corporates_url":true, "can_add_physical_location":true, "can_add_private_alias":true, "can_add_public_alias":true, "can_add_tag":true, "can_add_url":true, "can_add_where_tag":true, "can_delete_comment":true, "can_add_counterparty":true, "can_delete_corporate_location":true, "can_delete_image":true, "can_delete_physical_location":true, "can_delete_tag":true, "can_delete_where_tag":true, "can_edit_owner_comment":true, "can_see_bank_account_balance":true, "can_query_available_funds":true, "can_see_bank_account_bank_name":true, "can_see_bank_account_currency":true, "can_see_bank_account_iban":true, "can_see_bank_account_label":true, "can_see_bank_account_national_identifier":true, "can_see_bank_account_number":true, "can_see_bank_account_owners":true, "can_see_bank_account_swift_bic":true, "can_see_bank_account_type":true, "can_see_comments":true, "can_see_corporate_location":true, "can_see_image_url":true, "can_see_images":true, "can_see_more_info":true, "can_see_open_corporates_url":true, "can_see_other_account_bank_name":true, "can_see_other_account_iban":true, "can_see_other_account_kind":true, "can_see_other_account_metadata":true, "can_see_other_account_national_identifier":true, "can_see_other_account_number":true, "can_see_other_account_swift_bic":true, "can_see_owner_comment":true, "can_see_physical_location":true, "can_see_private_alias":true, "can_see_public_alias":true, "can_see_tags":true, "can_see_transaction_amount":true, "can_see_transaction_balance":true, "can_see_transaction_currency":true, "can_see_transaction_description":true, "can_see_transaction_finish_date":true, "can_see_transaction_metadata":true, "can_see_transaction_other_bank_account":true, "can_see_transaction_start_date":true, "can_see_transaction_this_bank_account":true, "can_see_transaction_type":true, "can_see_url":true, "can_see_where_tag":true, "can_see_bank_routing_scheme":true, "can_see_bank_routing_address":true, "can_see_bank_account_routing_scheme":true, "can_see_bank_account_routing_address":true, "can_see_other_bank_routing_scheme":true, "can_see_other_bank_routing_address":true, "can_see_other_account_routing_scheme":true, "can_see_other_account_routing_address":true, "can_add_transaction_request_to_own_account":true, "can_add_transaction_request_to_any_account":true, "can_see_bank_account_credit_limit":true, "can_create_direct_debit":true, "can_create_standing_order":true }
Validations:
  • Required JSON Validation: No
  • Allowed Authentication Types: Not set
Possible Errors:
  • OBP-10001: Incorrect json format.
  • OBP-20001: User not logged in. Authentication is required!
  • OBP-30018: Bank Account not found. Please specify valid values for BANK_ID and ACCOUNT_ID.
  • OBP-50000: Unknown Error.
Version: OBPv3.0.0, function_name: by updateViewForBankAccount, operation_id: OBPv3.0.0-updateViewForBankAccount Tags: View-Custom, Account, New-Style,