Skip to content

Instantly share code, notes, and snippets.

@wouterds

wouterds/swagger.yaml

Created September 27, 2023 07:08
Show Gist options
  • Save wouterds/612bb01070a89d766d31bd5a4f863b25 to your computer and use it in GitHub Desktop.
Save wouterds/612bb01070a89d766d31bd5a4f863b25 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
swagger.yaml
openapi: 3.0.3
info:
description: Endpoints used by the Mobile App.
version: 3.0.0
title: Mobile API
servers:
- url: https://mobile.api.prd.itsme.services/v3
description: Production
- url: https://mobile.api.e2e.itsme.services/v3
description: E2E
- url: https://mobile.api.uat.itsme.services/v3
description: UAT
- url: https://mobile.api.dev.itsme.services/v3
description: DEV
paths:
/token:
post:
summary: Retrieve bearer token
description: Retrieves a bearer token to access the api-scope (guest/provisioning/account) in correspondence to the provided Basic Authentication.
security:
- BasicAuthentication: []
tags:
- Authentication
parameters:
- $ref: "#/components/parameters/AcceptLanguageHeader"
- $ref: "#/components/parameters/UserAgentHeader"
- $ref: "#/components/parameters/XBMIDCorrelationIDHeader"
- in: query
name: grant_type
schema:
type: string
enum:
- client_credentials
required: true
description: The requested grant type for the token.
requestBody:
content:
application/json:
schema:
type: object
required:
- fingerprint
properties:
application_fingerprint:
$ref: "#/components/schemas/ApplicationFingerprint"
responses:
"200":
description: Success
content:
application/json:
schema:
$ref: "#/components/schemas/AccessToken"
"400":
description: Bad request. The server refused to accept the request as the request has missing/corrupt/.. info (eg payload, headers, ...).
"401":
description: Unauthorized. The provided Basic Authentication (consumerKey & consumerSecret combination) in the request is invalid.
"403":
description: Forbidden. The request tried to access a resource wherefor it has no rights to.
"500":
description: Internal server error.
"503":
description: Service unavailable.
/account/service_actions/pending:
get:
summary: Fetches all the pending Service Actions
description: This service fetches all Service Actions in `Pending` status related to the User Account.
security:
- PrivateBearerToken: []
tags:
- Account - Service Actions
parameters:
- $ref: "#/components/parameters/AcceptLanguageHeader"
- $ref: "#/components/parameters/UserAgentHeader"
- $ref: "#/components/parameters/XBMIDCorrelationIDHeader"
responses:
"200":
description: Success
content:
application/json:
schema:
type: array
nullable: false
items:
$ref: "#/components/schemas/ServiceAction"
"400":
description: Bad request. The server refused to accept the request as the request has missing/corrupt/.. info (eg payload, headers, ...).
"401":
description: Unauthorized. The provided Bearer token is invalid/expired/..
"403":
description: Forbidden. The User associated with the provided Bearer token has no access.
"469":
description: Business error.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
examples:
ApplicationInstanceBlocked:
$ref: "#/components/examples/ErrorApplicationInstanceBlocked"
ApplicationVersionBlocked:
$ref: "#/components/examples/ErrorApplicationVersionBlocked"
ApplicationVersionNotSupported:
$ref: "#/components/examples/ErrorApplicationVersionNotSupported"
AccountBlocked:
$ref: "#/components/examples/ErrorAccountBlocked"
TermsAndConditionsNotUpdated:
$ref: "#/components/examples/ErrorAccountTermsAndConditionsNotUpdated"
"500":
description: Internal server error.
"503":
description: Service unavailable.
/account/service_actions:
get:
summary: Fetches all the Service Actions
description: This service fetches all Service Actions related to the User Account.
security:
- PrivateBearerToken: []
tags:
- Account - Service Actions
parameters:
- $ref: "#/components/parameters/AcceptLanguageHeader"
- $ref: "#/components/parameters/UserAgentHeader"
- $ref: "#/components/parameters/XBMIDCorrelationIDHeader"
- $ref: "#/components/parameters/XBMIDUserSignatureHeader"
- name: status
in: query
schema:
type: array
items:
type: string
style: form
explode: false
required: false
description: >
Filters the Service Action list on their status.
Only Service Actions with a status belonging to the provided `ServiceActionStatus` subset are returned in the result list.
Only statusses defined in the `ServiceActionStatus` schema will be accounted for.
When this parameter is not provided, no filtering takes place and all Service Actions are valid.
- name: offset
in: query
schema:
type: integer
format: int32
default: 0
description: The number of Service Actions to skip before starting to collect the result list.
- name: limit
in: query
schema:
type: integer
format: int32
default: 20
description: The maximum number of Service Actions the result list will contain.
responses:
"200":
description: Success
content:
application/json:
schema:
type: array
nullable: false
items:
$ref: "#/components/schemas/ServiceAction"
"400":
description: Bad request. The server refused to accept the request as the request has missing/corrupt/.. info (eg payload, headers, ...).
"401":
description: Unauthorized. The provided Bearer token is invalid/expired/..
"403":
description: Forbidden. The User associated with the provided Bearer token has no access.
"469":
description: Business error.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
examples:
ApplicationInstanceBlocked:
$ref: "#/components/examples/ErrorApplicationInstanceBlocked"
ApplicationVersionBlocked:
$ref: "#/components/examples/ErrorApplicationVersionBlocked"
ApplicationVersionNotSupported:
$ref: "#/components/examples/ErrorApplicationVersionNotSupported"
AccountBlocked:
$ref: "#/components/examples/ErrorAccountBlocked"
TermsAndConditionsNotUpdated:
$ref: "#/components/examples/ErrorAccountTermsAndConditionsNotUpdated"
WrongOTP:
$ref: "#/components/examples/ErrorWrongOTP"
WrongOTPTooMuchClockDelta:
$ref: "#/components/examples/ErrorWrongOTPTooMuchClockDelta"
"500":
description: Internal server error.
"503":
description: Service unavailable.
post:
summary: Creates a Service Action
description: This service creates a Service Action based on the provided requestBody for this User Account.
security:
- PrivateBearerToken: []
tags:
- Account - Service Actions
parameters:
- $ref: "#/components/parameters/AcceptLanguageHeader"
- $ref: "#/components/parameters/UserAgentHeader"
- $ref: "#/components/parameters/XBMIDCorrelationIDHeader"
requestBody:
content:
application/json:
schema:
type: object
required:
- request_url
properties:
request_url:
type: string
nullable: false
description: The URL Request with which the Mobile App was triggered.
example: https://idp.prd.itsme.services/action_requests/oidc/authorization?response_type=code&client_id=OIDC_TEST1&redirect_uri=https%3A%2F%2Fcore-emulators-ssl.default-clu01.mgmt.belgianmobileid.be%2Fopenidclient%2Fuat_OIDC_TEST1%2Fauthz_cb&scope=openid+service%3AOIDC_TEST1_APPROVAL+profile+phone+email+address+eid&state=anystate&nonce=anonce&prompt=login+consent&max_age=1&claims=%7B%22userinfo%22%3A%7B%22name%22%3A%7B%22essential%22%3Atrue%7D%7D%7D&request_uri=https:\/\/belgianmobileid.github.io:443\/slate\/RequestObject_UAT_OIDCv1.json
examples:
OIDCAuthorization:
summary: OIDC - Authorization
value:
request_url_endpoint: https://idp.prd.itsme.services/action_requests/oidc/authorization?response_type=code&client_id=OIDC_TEST1&redirect_uri=https%3A%2F%2Fcore-emulators-ssl.default-clu01.mgmt.belgianmobileid.be%2Fopenidclient%2Fuat_OIDC_TEST1%2Fauthz_cb&scope=openid+service%3AOIDC_TEST1_APPROVAL+profile+phone+email+address+eid&state=anystate&nonce=anonce&prompt=login+consent&max_age=1&claims=%7B%22userinfo%22%3A%7B%22name%22%3A%7B%22essential%22%3Atrue%7D%7D%7D&request_uri=https:\/\/belgianmobileid.github.io:443\/slate\/RequestObject_UAT_OIDCv1.json
QESIdentification:
summary: QES - Identification
value:
request_url_endpoint: https://idp.prd.itsme.services/action_requests/qes/identification?q=quttyqeh7z06mukri48mmp4deaml3rsw&language=EN
QESSign:
summary: QES - Sign
value:
request_url_endpoint: https://idp.prd.itsme.services/action_requests/qes/sign?q=quttyqeh7z06mukri48mmp4deaml3rsw&language=EN
responses:
"200":
description: Success
content:
application/json:
schema:
type: object
required:
- action_id
properties:
action_id:
$ref: "#/components/schemas/ServiceActionID"
"400":
description: Bad request. The server refused to accept the request as the request has missing/corrupt/.. info (eg payload, headers, ...).
"401":
description: Unauthorized. The provided Bearer token is invalid/expired/..
"403":
description: Forbidden. The User associated with the provided Bearer token has no access.
"469":
description: Business error.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
examples:
ApplicationInstanceBlocked:
$ref: "#/components/examples/ErrorApplicationInstanceBlocked"
ApplicationVersionBlocked:
$ref: "#/components/examples/ErrorApplicationVersionBlocked"
ApplicationVersionNotSupported:
$ref: "#/components/examples/ErrorApplicationVersionNotSupported"
AccountBlocked:
$ref: "#/components/examples/ErrorAccountBlocked"
TermsAndConditionsNotUpdated:
$ref: "#/components/examples/ErrorAccountTermsAndConditionsNotUpdated"
ErrorServiceActionCreationGeneral:
$ref: "#/components/examples/ErrorServiceActionCreationGeneral"
ErrorServiceActionCreationWrongAuthRequestEndpoint:
$ref: "#/components/examples/ErrorServiceActionCreationWrongAuthRequestEndpoint"
ErrorServiceActionCreationWrongAuthRequestQuery:
$ref: "#/components/examples/ErrorServiceActionCreationWrongAuthRequestQuery"
ErrorServiceActionCreationWrongAuthRequestContext:
$ref: "#/components/examples/ErrorServiceActionCreationWrongAuthRequestContext"
"500":
description: Internal server error.
"503":
description: Service unavailable.
/account/service_actions/{action_id}:
get:
summary: Fetches the details of a Service Action
description: This service fetches the full details for the Service Action identified by the provided {action_id}.
security:
- PrivateBearerToken: []
tags:
- Account - Service Actions
parameters:
- $ref: "#/components/parameters/AcceptLanguageHeader"
- $ref: "#/components/parameters/UserAgentHeader"
- $ref: "#/components/parameters/XBMIDCorrelationIDHeader"
- name: action_id
in: path
description: The Service Action identifier.
required: true
schema:
$ref: "#/components/schemas/ServiceActionID"
responses:
"200":
description: Success
content:
application/json:
schema:
$ref: "#/components/schemas/ServiceAction"
"400":
description: Bad request. The server refused to accept the request as the request has missing/corrupt/.. info (eg payload, headers, ...).
"401":
description: Unauthorized. The provided Bearer token is invalid/expired/..
"403":
description: Forbidden. The User associated with the provided Bearer token has no access to the requested Service Action.
"404":
description: Not found. A Service Action with {action_id} does not exist.
"410":
description: Gone. The Service Action has expired.
"469":
description: Business error.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
examples:
ApplicationInstanceBlocked:
$ref: "#/components/examples/ErrorApplicationInstanceBlocked"
ApplicationVersionBlocked:
$ref: "#/components/examples/ErrorApplicationVersionBlocked"
ApplicationVersionNotSupported:
$ref: "#/components/examples/ErrorApplicationVersionNotSupported"
AccountBlocked:
$ref: "#/components/examples/ErrorAccountBlocked"
TermsAndConditionsNotUpdated:
$ref: "#/components/examples/ErrorAccountTermsAndConditionsNotUpdated"
"500":
description: Internal server error.
"503":
description: Service unavailable.
/account/service_actions/{action_id}/confirmation:
post:
summary: Confirm the Service Action
description: This service confirms the Service Action identified by the provided {action_id}.
security:
- PrivateBearerToken: []
tags:
- Account - Service Actions
parameters:
- $ref: "#/components/parameters/AcceptLanguageHeader"
- $ref: "#/components/parameters/UserAgentHeader"
- $ref: "#/components/parameters/XBMIDCorrelationIDHeader"
- $ref: "#/components/parameters/XBMIDUserSignatureHeader"
- name: action_id
in: path
description: The Service Action identifier.
required: true
schema:
$ref: "#/components/schemas/ServiceActionID"
requestBody:
content:
application/json:
schema:
type: object
properties:
application_fingerprint:
$ref: "#/components/schemas/ApplicationFingerprint"
pokayoke:
$ref: "#/components/schemas/ServiceActionPokaYoke"
responses:
"200":
$ref: "#/components/responses/ServiceActionProcessedSuccessfullyResponse"
"400":
description: Bad request. The server refused to accept the request as the request has missing/corrupt/.. info (eg payload, headers, ...).
"401":
description: Unauthorized. The provided Bearer token is invalid/expired/..
"403":
description: Forbidden. The User associated with the provided Bearer token has no access to the requested Service Action.
"404":
description: Not found. A Service Action with {action_id} does not exist.
"410":
description: Gone. The Service Action has expired.
"469":
description: Business error.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
examples:
ApplicationInstanceBlocked:
$ref: "#/components/examples/ErrorApplicationInstanceBlocked"
ApplicationVersionBlocked:
$ref: "#/components/examples/ErrorApplicationVersionBlocked"
ApplicationVersionNotSupported:
$ref: "#/components/examples/ErrorApplicationVersionNotSupported"
AccountBlocked:
$ref: "#/components/examples/ErrorAccountBlocked"
TermsAndConditionsNotUpdated:
$ref: "#/components/examples/ErrorAccountTermsAndConditionsNotUpdated"
WrongOTP:
$ref: "#/components/examples/ErrorWrongOTP"
WrongOTPTooMuchClockDelta:
$ref: "#/components/examples/ErrorWrongOTPTooMuchClockDelta"
ServiceActionExpired:
$ref: "#/components/examples/ErrorServiceActionExpired"
ServiceActionAlreadyProcessed:
$ref: "#/components/examples/ErrorServiceActionAlreadyProcessed"
WrongPokaYoke:
$ref: "#/components/examples/ErrorServiceActionWrongPokaYoke"
"500":
description: Internal server error.
"503":
description: Service unavailable.
/account/service_actions/{action_id}/rejection:
post:
summary: Rejects the Service Action
description: This service rejects the Service Action identified by the provided {action_id}.
security:
- PrivateBearerToken: []
tags:
- Account - Service Actions
parameters:
- $ref: "#/components/parameters/AcceptLanguageHeader"
- $ref: "#/components/parameters/UserAgentHeader"
- $ref: "#/components/parameters/XBMIDCorrelationIDHeader"
- name: action_id
in: path
description: The Service Action identifier.
required: true
schema:
$ref: "#/components/schemas/ServiceActionID"
responses:
"200":
$ref: "#/components/responses/ServiceActionProcessedSuccessfullyResponse"
"400":
description: Bad request. The server refused to accept the request as the request has missing/corrupt/.. info (eg payload, headers, ...).
"401":
description: Unauthorized. The provided Bearer token is invalid/expired/..
"403":
description: Forbidden. The User associated with the provided Bearer token has no access to the requested Service Action.
"404":
description: Not found. A Service Action with {action_id} does not exist.
"410":
description: Gone. The Service Action has expired.
"469":
description: Business error.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
examples:
ApplicationInstanceBlocked:
$ref: "#/components/examples/ErrorApplicationInstanceBlocked"
ApplicationVersionBlocked:
$ref: "#/components/examples/ErrorApplicationVersionBlocked"
ApplicationVersionNotSupported:
$ref: "#/components/examples/ErrorApplicationVersionNotSupported"
AccountBlocked:
$ref: "#/components/examples/ErrorAccountBlocked"
TermsAndConditionsNotUpdated:
$ref: "#/components/examples/ErrorAccountTermsAndConditionsNotUpdated"
ServiceActionExpired:
$ref: "#/components/examples/ErrorServiceActionExpired"
ServiceActionAlreadyProcessed:
$ref: "#/components/examples/ErrorServiceActionAlreadyProcessed"
"500":
description: Internal server error.
"503":
description: Service unavailable.
/discovery:
get:
summary: Fetches the discovery overview of the itsme ecosystem.
description: This service fetches the discovery overview of the itsme ecosystem, incl. Service Partners, Article and more.
security:
- PrivateBearerToken: []
tags:
- Discovery
parameters:
- $ref: "#/components/parameters/AcceptLanguageHeader"
- $ref: "#/components/parameters/UserAgentHeader"
- $ref: "#/components/parameters/XBMIDCorrelationIDHeader"
- name: country_id
in: query
schema:
type: string
format: ISO3166-1 Alpha-2 code
required: false
description: The identifier of the Country the returned Discovery page is tailored for.
- name: limit
in: query
schema:
type: integer
format: int32
default: 20
description: The maximum number of Disovery Blocks the result list will contain.
- name: offset
in: query
schema:
type: integer
format: int32
default: 0
description: The number of Disovery Blocks to skip before starting to collect the result list.
responses:
"200":
description: Success
content:
application/json:
schema:
$ref: "#/components/schemas/Discovery"
"400":
description: Bad request. The server refused to accept the request as the request has missing/corrupt/.. info (eg payload, headers, ...).
"401":
description: Unauthorized. The provided Bearer token is invalid/expired/..
"403":
description: Forbidden. The User associated with the provided Bearer token has no access.
"469":
description: Business error.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
examples:
ApplicationInstanceBlocked:
$ref: "#/components/examples/ErrorApplicationInstanceBlocked"
ApplicationVersionBlocked:
$ref: "#/components/examples/ErrorApplicationVersionBlocked"
ApplicationVersionNotSupported:
$ref: "#/components/examples/ErrorApplicationVersionNotSupported"
AccountBlocked:
$ref: "#/components/examples/ErrorAccountBlocked"
TermsAndConditionsNotUpdated:
$ref: "#/components/examples/ErrorAccountTermsAndConditionsNotUpdated"
"500":
description: Internal server error.
"503":
description: Service unavailable.
/discovery/articles:
get:
summary: Fetches all the Articles.
description: This service fetches all the Articles related to the itsme ecosystem.
security:
- PrivateBearerToken: []
tags:
- Discovery
parameters:
- $ref: "#/components/parameters/AcceptLanguageHeader"
- $ref: "#/components/parameters/UserAgentHeader"
- $ref: "#/components/parameters/XBMIDCorrelationIDHeader"
responses:
"200":
description: Success
content:
application/json:
schema:
type: array
nullable: false
items:
type: object
required:
- id
- title
properties:
id:
$ref: "#/components/schemas/Article/properties/id"
title:
$ref: "#/components/schemas/Article/properties/title"
"400":
description: Bad request. The server refused to accept the request as the request has missing/corrupt/.. info (eg payload, headers, ...).
"401":
description: Unauthorized. The provided Bearer token is invalid/expired/..
"403":
description: Forbidden. The User associated with the provided Bearer token has no access.
"469":
description: Business error.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
examples:
ApplicationInstanceBlocked:
$ref: "#/components/examples/ErrorApplicationInstanceBlocked"
ApplicationVersionBlocked:
$ref: "#/components/examples/ErrorApplicationVersionBlocked"
ApplicationVersionNotSupported:
$ref: "#/components/examples/ErrorApplicationVersionNotSupported"
AccountBlocked:
$ref: "#/components/examples/ErrorAccountBlocked"
TermsAndConditionsNotUpdated:
$ref: "#/components/examples/ErrorAccountTermsAndConditionsNotUpdated"
"500":
description: Internal server error.
"503":
description: Service unavailable.
/discovery/articles/{article_id}:
get:
summary: Fetches all the Article details.
description: This service fetches all details about the Article corresponding to the provided identifier.
security:
- PrivateBearerToken: []
tags:
- Discovery
parameters:
- name: article_id
in: path
schema:
type: string
format: uuid
required: true
description: The identifier of the Article.
- $ref: "#/components/parameters/AcceptLanguageHeader"
- $ref: "#/components/parameters/UserAgentHeader"
- $ref: "#/components/parameters/XBMIDCorrelationIDHeader"
responses:
"200":
description: Success
content:
application/json:
schema:
$ref: "#/components/schemas/Article"
"400":
description: Bad request. The server refused to accept the request as the request has missing/corrupt/.. info (eg payload, headers, ...).
"401":
description: Unauthorized. The provided Bearer token is invalid/expired/..
"403":
description: Forbidden. The User associated with the provided Bearer token has no access.
"469":
description: Business error.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
examples:
ApplicationInstanceBlocked:
$ref: "#/components/examples/ErrorApplicationInstanceBlocked"
ApplicationVersionBlocked:
$ref: "#/components/examples/ErrorApplicationVersionBlocked"
ApplicationVersionNotSupported:
$ref: "#/components/examples/ErrorApplicationVersionNotSupported"
AccountBlocked:
$ref: "#/components/examples/ErrorAccountBlocked"
TermsAndConditionsNotUpdated:
$ref: "#/components/examples/ErrorAccountTermsAndConditionsNotUpdated"
"500":
description: Internal server error.
"503":
description: Service unavailable.
/discovery/service_partners:
get:
summary: Fetches all the Service Partners.
description: This service fetches all Service Partners in the ecosystem.
security:
- PrivateBearerToken: []
tags:
- Discovery
parameters:
- name: query
in: query
schema:
type: string
required: false
description: The query that Service Partners should adhere to (eg name should contain case-insensitive query value, ...).
- name: category_id
in: query
schema:
type: string
format: uuid
required: false
description: The identifier of the Service Partner Category the returned Service Partners should belong to.
- name: country_id
in: query
schema:
type: string
format: ISO3166-1 Alpha-2 code
required: false
description: The identifier of the Country the returned Service Partners should belong to.
- $ref: "#/components/parameters/AcceptLanguageHeader"
- $ref: "#/components/parameters/UserAgentHeader"
- $ref: "#/components/parameters/XBMIDCorrelationIDHeader"
responses:
"200":
description: Success
content:
application/json:
schema:
type: array
nullable: false
items:
$ref: "#/components/schemas/DiscoveryBlockListItem"
"400":
description: Bad request. The server refused to accept the request as the request has missing/corrupt/.. info (eg payload, headers, ...).
"401":
description: Unauthorized. The provided Bearer token is invalid/expired/..
"403":
description: Forbidden. The User associated with the provided Bearer token has no access.
"469":
description: Business error.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
examples:
ApplicationInstanceBlocked:
$ref: "#/components/examples/ErrorApplicationInstanceBlocked"
ApplicationVersionBlocked:
$ref: "#/components/examples/ErrorApplicationVersionBlocked"
ApplicationVersionNotSupported:
$ref: "#/components/examples/ErrorApplicationVersionNotSupported"
AccountBlocked:
$ref: "#/components/examples/ErrorAccountBlocked"
TermsAndConditionsNotUpdated:
$ref: "#/components/examples/ErrorAccountTermsAndConditionsNotUpdated"
"500":
description: Internal server error.
"503":
description: Service unavailable.
/discovery/service_partners/{service_partner_id}:
get:
summary: Fetches the Service Partner details.
description: This service fetches all details about the Service Partner matching the provided identifier.
security:
- PrivateBearerToken: []
tags:
- Discovery
parameters:
- name: service_partner_id
in: path
schema:
type: string
required: true
description: The identifier of the Service Partner.
- $ref: "#/components/parameters/AcceptLanguageHeader"
- $ref: "#/components/parameters/UserAgentHeader"
- $ref: "#/components/parameters/XBMIDCorrelationIDHeader"
responses:
"200":
description: Success
content:
application/json:
schema:
$ref: "#/components/schemas/ServicePartner"
"400":
description: Bad request. The server refused to accept the request as the request has missing/corrupt/.. info (eg payload, headers, ...).
"401":
description: Unauthorized. The provided Bearer token is invalid/expired/..
"403":
description: Forbidden. The User associated with the provided Bearer token has no access.
"469":
description: Business error.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
examples:
ApplicationInstanceBlocked:
$ref: "#/components/examples/ErrorApplicationInstanceBlocked"
ApplicationVersionBlocked:
$ref: "#/components/examples/ErrorApplicationVersionBlocked"
ApplicationVersionNotSupported:
$ref: "#/components/examples/ErrorApplicationVersionNotSupported"
AccountBlocked:
$ref: "#/components/examples/ErrorAccountBlocked"
TermsAndConditionsNotUpdated:
$ref: "#/components/examples/ErrorAccountTermsAndConditionsNotUpdated"
"500":
description: Internal server error.
"503":
description: Service unavailable.
/discovery/service_partner_categories:
get:
summary: Fetches the Service Partner Categories.
description: This service fetches all Service Partner Categories.
security:
- PrivateBearerToken: []
tags:
- Discovery
parameters:
- $ref: "#/components/parameters/AcceptLanguageHeader"
- $ref: "#/components/parameters/UserAgentHeader"
- $ref: "#/components/parameters/XBMIDCorrelationIDHeader"
responses:
"200":
description: Success
content:
application/json:
schema:
type: array
nullable: false
items:
type: object
required:
- id
- name
properties:
id:
$ref: "#/components/schemas/ServicePartnerCategory/properties/id"
name:
$ref: "#/components/schemas/ServicePartnerCategory/properties/name"
"400":
description: Bad request. The server refused to accept the request as the request has missing/corrupt/.. info (eg payload, headers, ...).
"401":
description: Unauthorized. The provided Bearer token is invalid/expired/..
"403":
description: Forbidden. The User associated with the provided Bearer token has no access.
"469":
description: Business error.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
examples:
ApplicationInstanceBlocked:
$ref: "#/components/examples/ErrorApplicationInstanceBlocked"
ApplicationVersionBlocked:
$ref: "#/components/examples/ErrorApplicationVersionBlocked"
ApplicationVersionNotSupported:
$ref: "#/components/examples/ErrorApplicationVersionNotSupported"
AccountBlocked:
$ref: "#/components/examples/ErrorAccountBlocked"
TermsAndConditionsNotUpdated:
$ref: "#/components/examples/ErrorAccountTermsAndConditionsNotUpdated"
"500":
description: Internal server error.
"503":
description: Service unavailable.
/discovery/service_partner_categories/{service_partner_category_id}:
get:
summary: Fetches the Service Partner Category details.
description: This service fetches all details about the Service Partner Category matching the provided identifier.
security:
- PrivateBearerToken: []
tags:
- Discovery
parameters:
- name: service_partner_category_id
in: path
required: true
schema:
type: string
description: The identifier of the Service Partner Category.
- $ref: "#/components/parameters/AcceptLanguageHeader"
- $ref: "#/components/parameters/UserAgentHeader"
- $ref: "#/components/parameters/XBMIDCorrelationIDHeader"
responses:
"200":
description: Success
content:
application/json:
schema:
$ref: "#/components/schemas/ServicePartnerCategory"
"400":
description: Bad request. The server refused to accept the request as the request has missing/corrupt/.. info (eg payload, headers, ...).
"401":
description: Unauthorized. The provided Bearer token is invalid/expired/..
"403":
description: Forbidden. The User associated with the provided Bearer token has no access.
"469":
description: Business error.
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
examples:
ApplicationInstanceBlocked:
$ref: "#/components/examples/ErrorApplicationInstanceBlocked"
ApplicationVersionBlocked:
$ref: "#/components/examples/ErrorApplicationVersionBlocked"
ApplicationVersionNotSupported:
$ref: "#/components/examples/ErrorApplicationVersionNotSupported"
AccountBlocked:
$ref: "#/components/examples/ErrorAccountBlocked"
TermsAndConditionsNotUpdated:
$ref: "#/components/examples/ErrorAccountTermsAndConditionsNotUpdated"
"500":
description: Internal server error.
"503":
description: Service unavailable.
/resources/images/pokayoke/{pokayoke_id}:
get:
summary: Retrieve Poka Yoke symbol
description: This service retrieves the associated Poka Yoke symbol for the provided {pokayoke_id}.
tags:
- Static Resources
parameters:
- $ref: "#/components/parameters/AcceptLanguageHeader"
- $ref: "#/components/parameters/UserAgentHeader"
- $ref: "#/components/parameters/XBMIDCorrelationIDHeader"
- in: path
name: pokayoke_id
description: The identifier of the Poka Yoke.
schema:
type: string
format: "[0-9]{2}"
required: true
examples:
Default:
summary: Default
value: "14"
LeadingZero:
summary: Single digit. Must be prefixed with a leading 0.
value: "06"
responses:
"200":
description: Success
content:
image/png:
schema:
type: string
format: binary
"404":
description: Not found. No Poka Yoke for identifier {pokayoke_id} was found
components:
examples:
Error:
summary: General Error
value:
code: -100
message: "Error: A general error occurred."
ErrorApplicationInstanceBlocked:
summary: Application Instance Blocked
value:
code: -101
message: "Error: Application Instance is blocked."
ErrorApplicationVersionBlocked:
summary: Application Version Blocked
value:
code: -102
message: "Error: Application Version is blocked."
ErrorApplicationVersionNotSupported:
summary: Application Version Not Supported
value:
code: -103
message: "Error: Functionality not supported by current application version"
ErrorAccount:
summary: General User Account Error
value:
code: -200
message: "Error: A general User Account error occurred."
ErrorAccountBlocked:
summary: User Account Blocked
value:
code: -201
message: "Error: User Account is blocked."
ErrorAccountTermsAndConditionsNotUpdated:
summary: User Account Should Accept Terms & Conditions
value:
code: -202
message: "Error: User needs to accept the latest Terms & Conditions."
ErrorServiceAction:
summary: General Service Action Error
value:
code: -300
message: "Error: A general Service Action error occurred."
ErrorWrongOTP:
summary: Wrong OTP
value:
code: -301
message: "Error: Wrong OTP proviced."
remaining_otp_attempts_left: 2
ErrorWrongOTPTooMuchClockDelta:
summary: Wrong OTP - Too Much Clock Delta
value:
code: -302
message: "Error: Wrong OTP provided, probably due to too much clock delta on the Client."
remaining_otp_attempts_left: 2
ErrorServiceActionExpired:
summary: Service Action Expired
value:
code: -303
message: "Error: Service Action has expired."
ErrorServiceActionAlreadyProcessed:
summary: Service Action Already Processed
value:
code: -304
message: "Error: Service Action is already processed."
ErrorServiceActionServerRejected:
summary: Service Action Server Rejected
value:
code: -310
message: "Error: Service Action rejected by the Server"
ErrorServiceActionWrongPokaYoke:
summary: Service Action Server Rejected - Wrong Poka Yoke
value:
code: -311
message: "Error: Service Action rejected by the Server due to wrong Poka Yoke selection by User"
ErrorServiceActionCreationGeneral:
value:
code: -320
message: "Error: Service Action could not be created."
ErrorServiceActionCreationWrongAuthRequestEndpoint:
value:
code: -321
message: "Error: Service Action could not be created due to invalid authorization_request_endpoint."
ErrorServiceActionCreationWrongAuthRequestQuery:
value:
code: -322
message: "Error: Service Action could not be created due to invalid authorization_request_query."
ErrorServiceActionCreationWrongAuthRequestContext:
value:
code: -323
message: "Error: Service Action could not be created due to invalid authorization_request context, ie an international User Account cannot be used in Belgian context."
parameters:
AcceptLanguageHeader:
name: Accept-Language
in: header
required: true
schema:
type: string
example: nl-BE
description: >
A regex specifying the preferred content language of the User.
* Format: `{ISO 639-1 language code}-{ISO 3166-1 alpha-2 region code}`
UserAgentHeader:
name: User-Agent
in: header
required: true
schema:
type: string
example: "itsme/3.10.0 (platform: iOS 14.4.4)"
description: >
A regex specifying the major application & client characteristics.
* Format: `{application_name}/{application_version} (platform: {platform_name} {platform_version})`
XBMIDCorrelationIDHeader:
name: X-BMID-Correlation-Id
in: header
required: true
schema:
type: string
example: PRD-MOB-AP-a00f2c5f-9d36-4978-a0e7-06fe35615822
description: >
A UUID used to tie the request, the handling of it at the server and the final response together in the logs.
* Format: `{environment_id}-MOB-AP-{uuid}`
* Environment ID's: `PRD`, `E2E`, `UAT` & `DEV`
XBMIDUserSignatureHeader:
name: X-BMID-User-Signature
in: header
required: true
schema:
type: string
format: "value={value}; version={version}; generated_at={timestamp}"
example: 'value="U2FsdGVkX1+N8aqMJk2xRst3CdFHTaubWJqFeM79Rag="; version=3; generated_at="2023-05-08T09:06:53.697Z"'
description: >
Header containing the User Signature value and metadata.
Components:
* value:
* description: the value of the User Signature. Currently a Base64-encoded AES-encrypted OCRA OTP. The OCRA OTP is generated via the EzioMobile Protector SDK.
* type: string
* format: "base64_encode(aes_encrypt(otp))"
* example: "U2FsdGVkX1+N8aqMJk2xRst3CdFHTaubWJqFeM79Rag="
* version:
* description: the version of the User Signature algorithm which was used to generated the User Signature value.
* type: integer
* enum:
- 3
* generated_at:
* description: the local timestamp at the Client Device when the User generated the User Signature value.
* type: string
* format: ISO8601 timestamp
* example: "2023-05-08T09:06:53.697"
responses:
ServiceActionProcessedSuccessfullyResponse:
description: Success
content:
application/json:
schema:
type: object
properties:
partner_redirect_url:
type: string
format: url
nullable: true
description: The url to contact the partner of the completed processing of the Service Action.
schemas:
AccessToken:
type: object
required:
- expires_in
- value
properties:
expires_in:
type: integer
description: The amount of seconds the bearer token is valid.
example: 3600
value:
type: string
format: bearer
description: The public/private bearer token to access the guest (public) or provisioning/account (private) api endpoints.
example: 3ebc5c8c550f387eea31b962d3f1f32d
ApplicationFingerprint:
type: object
required:
- application_instance_id
- application_language
- application_package_identifier
- application_version
- device_is_debug_enabled
- device_is_rooted
- device_lock_level
- device_manufacturer
- device_model
- device_os_name
- device_os_version
properties:
application_instance_id:
type: string
format: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxL
nullable: false
description: A unique identifier of this device. It's a lowercased UUID (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx), from which all dashes are stripped, that is concatened by it's Luhn Sum (L).
example: 2de101eb41af40829589c948d184f83a4
application_language:
type: string
description: >
The user chosen language used in the application.
* `null` if the preferred user language could not be retrieved by the application.
format: "{ISO 639-1 language code}-{ISO 3166-1 alpha-2 region code}"
nullable: true
example: nl-BE
application_package_identifier:
type: string
description: >
The package identifier of the application.
* `null` if the package identifier could not be retrieved by the application.
nullable: true
example: be.bmid.itsme
application_version:
allOf:
- description: >
The version of the application.
* `null` if the version could not be retrieved by the application.
- nullable: true
- $ref: "#/components/schemas/Version"
device_is_debug_enabled:
type: boolean
description: >
Indicates whether debug mode is enabled on the device.
* `true` if debug mode is enabled
* `false` if debug mode is disabled
* `null` if the status could not be retrieved by the application
nullable: true
device_is_rooted:
type: boolean
description: >
Indicates whether the device is rooted / jailbroken.
* `true` if the device is rooted / jailbroken
* `false` if the device is not rooted / jailbroken
* `null` if the status could not be retrieved by the application
nullable: true
device_lock_level:
type: string
enum:
- NONE
- PASSCODE
- TOUCH_ID
- FACE_ID
description: >
The level of lock set on the device. The possible values depend on
the OS and the OS version.
* `NONE` if nor a passcode, nor biometrics are set to unlock the device
* `PASSCODE` if a passcode is set to unlock the device
* `TOUCH_ID` if TouchID / fingerprint biometry is used to unlock the device
* `FACE_ID` if TouchID / fingerprint biometry is used to unlock the device
* `null` if the device lock level could not be retrieved by the application
nullable: true
device_manufacturer:
type: string
description: >
The manufacturer of the device.
* `null` if the manufacturer could not be retrieved by the application.
minLength: 0
maxLength: 255
nullable: true
example: Apple
device_model:
type: string
description: >
The model of the device.
* `null` if the model could not be retrieved by the application.
minLength: 0
maxLength: 255
nullable: true
example: iPhone11,2
device_os_name:
type: string
description: >
The Operating System (OS) of the device.
* `null` if the Operating System (OS) could not be retrieved by the application.
nullable: true
enum:
- ANDROID
- IOS
device_os_version:
allOf:
- description: >
The Operating System (OS) version of the device.
* `null` if the Operating System (OS) version could not be retrieved by the application.
- nullable: true
- $ref: "#/components/schemas/Version"
Article:
type: object
required:
- id
- text_sections
- title
properties:
id:
allOf:
- $ref: "#/components/schemas/Identifier"
- description: The identifier of the Article.
header_image:
allOf:
- $ref: "#/components/schemas/Icon"
- description: The Article's header image.
example:
id: walletsarewawesome_XYZ
url: /resources/images/articles/walletsareawesome/XYZ
related_partners:
description: A list of Related Items to the Article.
type: object
required:
- items
properties:
title:
type: string
format: plain-text
nullable: false
description: The human-readable, localized title of the Related Partners Block.
example: Finance
items:
type: array
items:
$ref: "#/components/schemas/DiscoveryBlockListItem"
text_sections:
type: array
nullable: false
description: A list of Sections of the Article.
items:
type: object
required:
- text
properties:
title:
type: string
format: plain-text
nullable: false
description: The human-readable, localized title of the Article Section.
example: Lorem Ipsum.
text:
type: string
format: plain-text
nullable: false
description: The human-readable, localized text of the Article Section.
example: Lorem Ipsum.
title:
type: string
format: plain-text
nullable: false
description: The human-readable, localized title of Article.
example: Wallets are awesome. Here's why.
video_url:
type: string
format: url
nullable: false
description: The URL linking to the featured video of the Article.
example: https://www.youtube.com/itsme/ABCDEF
text_color:
allOf:
- $ref: "#/components/schemas/Color"
- description: The HEX-value of the color the title should be shown in.
nullable: false
AssociatedEntity:
type: object
required:
- analytics_id
- id
- type
properties:
analytics_id:
type: string
nullable: false
description: Human-readible, constant event identifier to track clicks on the Associated Entity CTA button. Has the same value in all content languages.
example: discovery_finance_show_all
id:
allOf:
- $ref: "#/components/schemas/Identifier"
- description: The identifier of the Entity associated to the Discovery Block.
name:
type: string
nullable: true
description: Name of the associated entity to possible show to the end-user
when the user is send to an external URL
example: Dexia
type:
type: string
nullable: false
enum:
- ARTICLE
- EXTERNAL_URL
- INTERNAL_URL
- SERVICE_PARTNER
- SERVICE_PARTNER_CATEGORY
description: The type of Entity associated to the Discovery Block.
Color:
type: string
format: hex
description: Object representing a color.
example: FF0000
Date:
type: string
format: date-time
description: "A date specified in the ISO8601 format `YYYY-MM-DD'T'hh:mm:ss'Z'`."
example: "2023-06-15T08:53:01Z"
Discovery:
type: object
required:
- content_blocks
- total_block_count
properties:
content_blocks:
type: array
nullable: false
items:
anyOf:
- $ref: "#/components/schemas/DiscoveryBlockLargeCarousel"
- $ref: "#/components/schemas/DiscoveryBlockList"
- $ref: "#/components/schemas/DiscoveryBlockSmallCarousel"
total_block_count:
type: integer
format: int32
description: The number of content blocks available. This can be used to integrate pagination.
example:
total_block_count: 23
content_blocks:
- associated_entity:
id: 2283e9ba-9f41-4869-8c51-f500df0561ef
type: ARTICLE
description: Wallets are awesome
id: f0a137e2-87db-468e-80df-b4f8d676885d
items:
- associated_entity:
id: 3fa85f64-5717-4562-b3fc-2c963f66afa6
type: SERVICE_PARTNER
cover_image:
id: izimi_ABCDEF
url: /resources/images/service_partners/izimi/ABCDEF
description: Izimi is a free, digital wallet offered by the Notary.
id: 3fa85f64-5717-4562-b3fc-2c963f66afa6
service_partner:
icon:
id: izimi_XYZ
url: /resources/images/service_partners/izimi/XYZ
name: Izimi
provider: FedNot
subtitle: Wallets
tag: New
title: A safe-haven for all your documents.
- associated_entity:
id: 5e8b29bc-85a3-41d4-bb9a-a584459fa25a
type: SERVICE_PARTNER
cover_image:
id: athumi_ABCDEF
url: /resources/images/service_partners/athumi/ABCDEF
description: Athumi is a Flanders' wallet.
id: ea253925-2de5-4d0b-b898-76e3b0155b99
service_partner:
icon:
id: athumi_XYZ
url: /resources/images/service_partners/athumi/XYZ
name: Athumi
provider: Flanders
tag: New
title: A safe-haven for all your documents.
name: Wallets
type: LARGE_CAROUSEL
- associated_entity:
id: 30e5642b-0749-464c-b184-1ac7f4c0d688
type: SERVICE_PARTNER_CATEGORY
id: cfd1b377-dba8-457e-820a-194206a265b9
items:
- associated_entity:
id: https://www.kbc.be/itsme
type: EXTERNAL_URL
id: e664c53a-fdf4-42b5-ae7f-afbc4e269529
title: KBC
icon:
id: kbc_ABCDEF
url: /resources/images/service_partners/kbc/ABCDEF
- associated_entity:
id: https://www.bnppf.be/itsme
type: EXTERNAL_URL
id: 911d8ecc-bc3e-4ea1-9afd-1de70ee75b47
title: BNPPF
icon:
id: bnppf_ABCDEF
url: /resources/images/service_partners/bnppf/ABCDEF
- associated_entity:
id: https://www.belfius.be/itsme
type: EXTERNAL_URL
id: 65f26bfd-2878-40cd-a263-2821172a5309
title: Belfius
icon:
id: belfius_ABCDEF
url: /resources/images/service_partners/belfius/ABCDEF
name: Most popular
ui_style: SMALL_CAROUSEL
- associated_entity:
id: d884736f-a1ed-42fe-8a17-7e5d3bd8c9bf
type: SERVICE_PARTNER_CATEGORY
id: 05ac8359-a478-491f-a002-3033536d3ba8
items:
- associated_entity:
id: https://www.kbc.be/itsme
type: EXTERNAL_URL
id: 273e0abf-5e2f-4647-bdfc-88058b362316
title: KBC
icon:
id: kbc_ABCDEF
url: /resources/images/service_partners/kbc/ABCDEF
- associated_entity:
id: https://www.bnppf.be/itsme
type: EXTERNAL_URL
id: 63e7b5d0-5658-41b4-a99e-7d2832ef4e73
title: BNPPF
icon:
id: bnppf_ABCDEF
url: /resources/images/service_partners/bnppf/ABCDEF
- associated_entity:
id: https://www.belfius.be/itsme
type: EXTERNAL_URL
id: 8ab3bbbd-919a-4bc5-8d3d-90656b94ee29
title: Belfius
icon:
id: belfius_ABCDEF
url: /resources/images/service_partners/belfius/ABCDEF
name: Finance
ui_style: LIST
DiscoveryBlock:
type: object
discriminator:
propertyName: type
mapping:
LARGE_CAROUSEL: "#/components/schemas/DiscoveryBlockLargeCarousel"
LIST: "#/components/schemas/DiscoveryBlockList"
SMALL_CAROUSEL: "#/components/schemas/DiscoveryBlockSmallCarousel"
required:
- id
- type
properties:
associated_entity:
allOf:
- $ref: "#/components/schemas/AssociatedEntity"
- description: The type of Entity associated to the Item.
description:
format: plain-text
type: string
nullable: false
description: The human-readible, localized description of the Discovery Block.
id:
allOf:
- $ref: "#/components/schemas/Identifier"
- description: The identifier of the Discovery Block.
title:
type: string
format: plain-text
nullable: false
description: The human-readable, localized title of the Discovery Block.
example: Finance
type:
type: string
nullable: false
enum:
- LARGE_CAROUSEL
- SMALL_CAROUSEL
- LIST
DiscoveryBlockLargeCarousel:
allOf:
- $ref: "#/components/schemas/DiscoveryBlock"
- type: object
required:
- items
properties:
items:
type: array
items:
$ref: "#/components/schemas/DiscoveryBlockLargeCarouselItem"
DiscoveryBlockList:
allOf:
- $ref: "#/components/schemas/DiscoveryBlock"
- type: object
required:
- items
properties:
items:
type: array
items:
$ref: "#/components/schemas/DiscoveryBlockListItem"
DiscoveryBlockSmallCarousel:
allOf:
- $ref: "#/components/schemas/DiscoveryBlock"
- type: object
required:
- items
properties:
items:
type: array
items:
$ref: "#/components/schemas/DiscoveryBlockSmallCarouselItem"
DiscoveryBlockItem:
type: object
required:
- associated_entity
- id
properties:
associated_entity:
allOf:
- $ref: "#/components/schemas/AssociatedEntity"
- description: The type of Entity associated to the Item.
id:
allOf:
- $ref: "#/components/schemas/Identifier"
- description: The identifier of the Item.
DiscoveryBlockListItem:
allOf:
- $ref: "#/components/schemas/DiscoveryBlockItem"
- type: object
required:
- icon
- title
properties:
icon:
allOf:
- $ref: "#/components/schemas/Icon"
- description: The icon of the List Item.
example:
id: izimi_ABCDEF
url: /resources/images/service_partners/izimi/ABCDEF
provider:
type: string
format: plain-text
nullable: false
description: The human-readable, localized subtitle of the Discovery Item.
example: FedNot
title:
type: string
format: plain-text
nullable: false
description: The human-readable, localized title of the Discovery Item.
example: Izimi
DiscoveryBlockLargeCarouselItem:
allOf:
- $ref: "#/components/schemas/DiscoveryBlockItem"
- type: object
required:
- cover_image
- title
properties:
cover_image:
allOf:
- $ref: "#/components/schemas/Icon"
- description: The cover image of the Item.
example:
id: izimi_ABCDEF
url: /resources/images/service_partners/izimi/ABCDEF
description:
type: string
format: plain-text
nullable: false
description: The human-readable, localized description of the Item.
example: Izimi is a free, digital wallet offered by the Notary.
service_partner:
type: object
required:
- icon
- name
properties:
icon:
$ref: "#/components/schemas/ServicePartner/properties/icon"
name:
$ref: "#/components/schemas/ServicePartner/properties/name"
provider:
$ref: "#/components/schemas/ServicePartner/properties/provider"
subtitle:
type: string
format: plain-text
nullable: false
description: The human-readable, localized subtitle of the Item.
example: Izimi is a free, digital wallet offered by the Notary.
tag:
type: string
format: plain-text
nullable: false
description: A human-readable, localized tag of the Item.
example: New
title:
type: object
required:
- text
properties:
text:
type: string
format: plain-text
nullable: false
description: The human-readable, localized title to be displayed on the cover image of the Featured Carousel Item.
example: A safe-haven for all your documents.
text_color:
allOf:
- $ref: "#/components/schemas/Color"
- description: The HEX-value of the color the title should be shown in.
nullable: false
DiscoveryBlockSmallCarouselItem:
allOf:
- $ref: "#/components/schemas/DiscoveryBlockItem"
- type: object
required:
- icon
- title
properties:
icon:
allOf:
- $ref: "#/components/schemas/Icon"
- description: The icon of the List Item.
example:
id: izimi_ABCDEF
url: /resources/images/service_partners/izimi/ABCDEF
title:
type: string
format: plain-text
nullable: false
description: The human-readable, localized title of the Discovery Item.
example: Izimi
Error:
type: object
description: Object representing a Business Error in the ecosystem.
required:
- code
properties:
code:
type: integer
format: int32
nullable: false
enum:
- -100
- -101
- -102
- -103
- -198
- -199
- -200
- -201
- -202
- -210
- -211
- -300
- -301
- -302
- -303
- -304
- -310
- -311
- -320
- -321
- -322
- -323
description: >
General error codes (from `-100` till `-199`):
* `-100` - General error
* `-101` - Application Instance blocked
* `-102` - Application Version blocked
* `-103` - Functionality not supported by current application version
* `-198` - Unknown Client Error
* `-199` - Unknown Server Error
User Account error codes (from `-200` till `-299`):
* `-200` - General User Account error
* `-201` - User Account blocked
* `-202` - User needs to accept latest Terms & Conditions
* `-210` - Application Instance not found
* `-211` - Current Application Instance is already linked to a User Account
Service Action error codes (from `-300` till `-399`):
* `-300` - General Service Action error
* `-301` - Service Action Confirmation failed due to a wrong User Signature (OTP)
* `-302` - Service Action Confirmation failed due to a wrong User Signature (OTP). The time delta on the Client Device is too significant from realtime.
* `-303` - Service Action has expired
* `-304` - Service Action is already processed
* `-310` - Service Action rejected by the Server
* `-311` - Service Action rejected by the Server due to wrong Poka Yoke selection by User
* `-320` - Service Action could not be created
* `-321` - Service Action could not be created due to invalid authorization_request_endpoint
* `-322` - Service Action could not be created due to invalid authorization_request_query
* `-323` - Service Action could not be created due to invalid authorization_request context, ie an international User Account cannot be used in Belgian context
example: -301
message:
type: string
nullable: true
description: A human-readible message describing the error.
example: Wrong OTP
remaining_otp_attempts_left:
type: integer
format: int32
nullable: true
description: The number of OTP attempts left before the User Account will be blocked.
example: 2
Icon:
type: object
description: Object representing an Icon.
nullable: false
required:
- url
properties:
id:
type: string
format: "{human-readible-name}_{icon-hash}"
nullable: false
description: The unique identifier of the icon. Can be used as a key to retrieve the matching icon that is shipped within the Mobile App package.
example: bnpparibasfortis_ABCDEF
url:
type: string
format: url
nullable: false
description: The relative url where the icon can be retrieved from.
example: "/resources/images/service_partners/bnppf/ABCDEF"
Identifier:
type: string
format: uuid
nullable: false
description: The identifier of an Entity.
ServiceAction:
type: object
description: >
Object representing a Service Action in the itsme ecosystem.
The Mobile App does not use predefined Service Action type templates,
but instead implements a What You Send Is What I Show-principle.
required:
- authentication_level
- claims
- claim_groups
- created_at
- expires_at
- id
- status
- title
- type
properties:
approval_advance_payment:
$ref: "#/components/schemas/ServiceActionApprovalAdvancePayment"
approval_free_text:
$ref: "#/components/schemas/ServiceActionApprovalFreeText"
authentication_level:
type: string
nullable: false
enum:
- BASIC
- ADVANCED
description: >
The security level required to Confirm this Service Action:
* `BASIC` - User can accept the Action via pin OR biometrics
* `ADVANCED` - User can only accept the Action via pin
claims:
type: array
nullable: false
description: List of User Claims associated with the Service Action.
items:
$ref: "#/components/schemas/ServiceActionClaim"
claim_groups:
type: array
nullable: false
description: List of User Claim Groups associated with the Service Action.
items:
$ref: "#/components/schemas/ServiceActionClaimGroup"
created_at:
allOf:
- $ref: "#/components/schemas/Date"
- nullable: false
description: Timestamp at which the action has been created.
expires_at:
allOf:
- $ref: "#/components/schemas/Date"
- nullable: false
description: Timestamp at which the action will expire.
icon:
allOf:
- $ref: "#/components/schemas/Icon"
- description: Icon associated with the Service Action. Can be a general Service Action icon or the Service Partner logo.
id:
$ref: "#/components/schemas/ServiceActionID"
info:
type: string
nullable: true
description: A contextual text describing the Service Action.
example: Signature of 1 document at My Bank
partner_code:
type: string
nullable: true
description: The unique code of the partner associated with the Service Action.
example: BNPPF
partner_name:
type: string
nullable: true
description: The human-readable name of the partner associated with the Service Action.
example: BNP Paribas Fortis
pokayokes:
type: array
nullable: true
description: List respresenting the Poka Yoka options belonging to the Service Action.
items:
$ref: "#/components/schemas/ServiceActionPokaYoke"
example:
- 9
- 12
- 23
processed_at:
allOf:
- $ref: "#/components/schemas/Date"
- nullable: false
description: Timestamp at which the action has been processed (confirmed / rejected) by the server.
service_code:
type: string
nullable: true
description: The unique code of the service associated with the Service Action.
example: V9SHePPg3rBhTHePP2bqbtjjtndu4dd2mgrvkobnu2izl
service_name:
type: string
nullable: true
description: The human-readable name of the service associated with the Service Action.
example: login-service
signature:
$ref: "#/components/schemas/ServiceActionSignature"
status:
$ref: "#/components/schemas/ServiceActionStatus"
title:
type: string
description: The localized title of the Service Action. Will typically be closely related to the type of the Service Action.
nullable: false
type:
type: string
description: >
The type of Service Action:
* `APPROVAL` - A Confirm action. Can either be a Confirm Free Text action or a Confirm Advance Payment action.
* `CREATE_CERT` - A Create (Signing) Certificate action.
* `LOGIN` - A Login action.
* `SHARE` - A Share ID Data action.
* `SIGN` - A Sign action.
enum:
- APPROVAL
- CREATE_CERT
- LOGIN
- SHARE
- SIGN
nullable: false
ServiceActionApprovalAdvancePayment:
type: object
nullable: true
description: Object representing the data of a money transaction to be approved (confirmed) by the User.
required:
- amount_currency
- amount_value
- iban_from
- iban_to
properties:
amount_currency:
type: string
description: The currency of the amount to be transferred.
nullable: false
amount_value:
type: string
description: The value of the amount to be transferred.
nullable: false
iban_from:
type: string
format: iban
description: The IBAN where the amount will be transferred from.
nullable: false
iban_to:
type: string
format: iban
description: The IBAN where the amount will be transferred to.
nullable: false
ServiceActionApprovalFreeText:
type: string
nullable: true
description: >
The textual data to be approved (confirmed) by the User.
Can contain the following HTML tags: `<br>`, `<b>`, `<i>`,`<u>`.
ServiceActionClaim:
type: object
nullable: false
description: Object respresenting a User Claim.
required:
- id
- name
properties:
group_id:
allOf:
- $ref: "#/components/schemas/Identifier"
- description: The identifier of the Service Action Claim Group whereto the User Claim belongs.
id:
type: string
nullable: false
description: The identifier of the User Claim.
example: STREET
is_excluded_from_ocra_challenge:
type: boolean
default: false
nullable: false
description: Indicates whether the User Claim id should be excluded in the OCRA Challenge.
is_shown:
type: boolean
default: true
nullable: false
description: Indicates whether the User Claim name should be shown in the Mobile App.
name:
type: string
nullable: false
description: The localized, human-readable name of the User Claim.
example: Straat
origin:
type: string
nullable: true
description: The origin of the User Claim.
example: BE Identity Wallet
ServiceActionClaimGroup:
type: object
nullable: false
description: Object respresenting a Group of User Claims.
required:
- id
- name
properties:
icon:
allOf:
- $ref: "#/components/schemas/Icon"
- description: Icon associated with the User Claim Group.
example:
id: identitydata_ABCDEF
url: /images/actions/userclaimgroups/identitydata.png
id:
allOf:
- $ref: "#/components/schemas/Identifier"
- description: The identifier of the Service Action Claim Group.
name:
type: string
description: The localized, human-readable name of the User Claim Group.
nullable: false
example: My ID Data
ServiceActionID:
type: string
nullable: false
description: The identifier of the Service Action.
example: f4dhxo44eqs7m11lobj92lqtvpnv9z5s5z3e
ServiceActionPokaYoke:
type: integer
format: int32
nullable: false
description: Object representing a Service Action Poka Yoke.
example: 9
ServiceActionSignature:
type: object
nullable: true
description: Object respresenting a Qualified Electronic Signature of Documents.
required:
- certificate_alias
- documents
- object_id
- policy_name
- policy_url
properties:
certificate_alias:
type: string
nullable: false
commitment_text:
type: string
nullable: false
commitment_type:
type: string
nullable: true
documents:
type: array
nullable: false
items:
$ref: "#/components/schemas/ServiceActionSignatureDocument"
object_id:
type: string
nullable: false
package_description:
type: string
nullable: true
policy_name:
type: string
nullable: false
policy_url:
type: string
nullable: false
signer_role:
type: string
nullable: false
ServiceActionSignatureDocument:
type: object
nullable: false
description: Object respresenting a document to sign.
required:
- hash
properties:
hash:
type: string
nullable: false
description: The hash value of the document to sign.
name:
type: string
nullable: true
description: A human-readible name of the document to sign.
ServiceActionStatus:
type: string
nullable: false
enum:
- CONFIRMED
- EXPIRED
- PENDING
- REJECTED_BY_USER
- REJECTED_DUE_TO_WRONG_POKAYOKE_SELECTION
description: >
The state the action is in:
* `CONFIRMED` - The User has confirmed the Action
* `EXPIRED` - The Action is expired
* `PENDING` - The User has to Confirm or Reject the Action
* `REJECTED_BY_USER` - The User has rejected the Action
* `REJECTED_DUE_TO_WRONG_POKAYOKE_SELECTION` - The Action was rejected by the Server due to a wrong Poka Yoke selection by the User
ServicePartner:
type: object
description: Object representing a Service Partner in the itsme ecosystem, eg Doccle.
required:
- icon
- id
- name
- services
properties:
description:
type: string
format: plain-text
nullable: false
description: A human-readible, localized description of the Service Partner to be displayed on the Service Partner detail page.
example: A safe-haven for all your sensitive documents.
disclaimer:
type: string
format: plain-text
nullable: false
description: A human-readible, localized disclaimer of the Service Partner to be displayed on the Service Partner detail page.
example: You can also upload your own documents.
header_image:
allOf:
- $ref: "#/components/schemas/Icon"
- description: The Service Partner header image.
example:
id: izimi_XYZ
url: /resources/images/service_partners/izimi/XYZ
icon:
allOf:
- $ref: "#/components/schemas/Icon"
- description: The Service Partner logo.
example:
id: izimi_ABCDEF
url: /resources/images/service_partners/izimi/ABCDEF
id:
allOf:
- $ref: "#/components/schemas/Identifier"
- description: The identifier of the Service Partner.
name:
type: string
format: plain-text
nullable: false
description: The human-readible, localized name to be displayed of the Service Partner.
example: Izimi
provider:
type: string
format: plain-text
nullable: false
description: The human-readible, localized provider to be displayed of the Service Partner.
example: FedNot
services:
type: array
nullable: false
description: A list of the itsme services that the Service Partner leverages.
items:
type: string
enum:
- LOGIN
- CONFIRM
- SIGN
- SHARE
example:
- LOGIN
- SHARE
services_share_items:
type: array
nullable: false
description: A list of the human-readible, localized description of data items that can be shared via the SHARE service.
items:
type: string
format: plain-text
example:
- ID Details
- EPC
- Vaccination Certificate
associated_entity:
allOf:
- $ref: "#/components/schemas/AssociatedEntity"
- description: The type of Entity associated to the Item.
video_url:
type: string
format: url
nullable: false
description: The URL linking to the featured video of the Service Partner.
example: https://www.youtube.com/itsme/ABCDEF
text_color:
allOf:
- $ref: "#/components/schemas/Color"
- description: The HEX-value of the color the title should be shown in.
nullable: false
ServicePartnerCategory:
type: object
required:
- id
- name
- service_partners
properties:
id:
allOf:
- $ref: "#/components/schemas/Identifier"
- description: The identifier of the Service Partner Category.
name:
type: string
format: plain-text
nullable: false
description: The human-readable, localized name of the Service Partner Category.
example: Finance
service_partners:
type: array
nullable: false
description: A list of Service Partners belonging to this Service Partner Category.
items:
$ref: "#/components/schemas/DiscoveryBlockListItem"
Version:
type: string
format: "major.minor.patch"
nullable: false
description: Object representing a version of a system.
example: "3.2.1"
securitySchemes:
BasicAuthentication:
type: http
scheme: basic
description: Provide the consumerKey (username) & consumerSecret (password).
PrivateBearerToken:
type: http
scheme: bearer
description: Retrieved by calling the /token endpoint using the app instance's private consumerKey & consumerSecret.
tags:
- name: Authentication
description: Endpoints used to retrieve an access token.
- name: Account - Service Actions
description: Endpoints related to handling Service Actions.
- name: Discovery
description: Endpoints related to Discovery.
- name: Static Resources
description: Endpoints related to fetching static resources.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment