Consent Management

Secure way to manage access to your account information

Introduction

Consent is the core of the open banking system and is crucial to maintaining regulatory standards and improving privacy and data security. SingleView Open Banking API allows users to securely access their banking information and control data sharing by managing their consent as per the regulatory standards.

User consent is captured at the bank by requesting access to the specific user's account information.

🚧

Important information

  • A bank account without/expired user consent cannot be accessed through the AIS services as per the regulatory standards.
  • To manage your consent, ensure a valid access token that must be included in the request.

SingleView Open Banking API's consent management feature allows the users to:

  • Create new consent
  • View consent details
  • Revoke consent

Create Consent

A new consent can generated by sending a request to the banks through the SingleView APIs. The consent generated authorizes SingleView APIs to enable Account Information Services and retrieve account information for the specific bank account(s) included in the consent. A user can access multiple accounts of a particular bank through a registered and linked consent or can choose to create individual consent.

Endpoint details

Endpoint URLMethodAuthentication requirements
/v1/api/observice/connectPOST1. clientId
2. clientCode
3. signature
4. Authorization Bearer: Token

Sample request

{
  "dateTimeStamp": "YYYY-MM-DDTHH:MM:SS",
  "requestID": "Enter_Request_ID",
  "merchantId": "Enter_Merchant_Id",
  "useCaseType":"AISP",
  "redirectUrl":"Enter_Redirect_URL",
  "banks": [
    {
      "code": "Enter_Bank_Code",
      "permissions": [
        "ReadAccountsBasic",
        "ReadAccountsDetail",
        "ReadBalances",
        "ReadParty",
        "ReadPartyPSU",
        "ReadPartyPSUIdentity",
        "ReadBeneficiariesBasic",
        "ReadBeneficiariesDetail",
        "ReadTransactionsBasic",
        "ReadTransactionsDetail",
        "ReadTransactionsCredits",
        "ReadTransactionsDebits",
        "ReadScheduledPaymentsBasic",
        "ReadScheduledPaymentsDetail",
        "ReadDirectDebits",
        "ReadStandingOrdersBasic",
        "ReadStandingOrdersDetail"
      ],
      "expiryDate": "YYYY-MM-DDTHH:MM:SS.SSSZ",
      "txnFromDate": "YYYY-MM-DDTHH:MM:SS.SSSZ",
      "txnToDate": "YYYY-MM-DDTHH:MM:SS.SSSZ"
    }
  ]
}

Request description

JSON TagDescriptionData type
dateTimeStamp
Mandatory
Denoting the date and time of the requestString
requestID
Mandatory
Unique request identification detailsString
merchantID
Mandatory
Unique merchant identification detailsString
useCaseType
Mandatory
Type of service/use case.
To be mentioned as "AISP" in this case
String
redirectUrl
Mandatory
URL assigned to redirect the user informationString
banks
Mandatory
Array of banks' consentsObject
code
Mandatory
Unique bank identification codeString
permissions
Mandatory
List of permissions requested through the consent
ReadAccountsBasic ReadAccountsDetail ReadBalances ReadBeneficiariesBasic ReadBeneficiariesDetail ReadDirectDebits ReadTransactionsBasic ReadTransactionsCredits ReadTransactionsDebits ReadTransactionsDetail ReadProducts ReadStandingOrdersDetail ReadProducts ReadStandingOrdersDetail ReadStatementsDetail ReadParty ReadPartyPSU
Array of strings
expiryDate
Mandatory
Consent expiry date and timeString
txnFromDate
Mandatory
Initial date & time for the allotted transaction access periodString
txnToDate
Mandatory
Final date & time for the allotted transaction access periodString

Sample response

  {
    "success": true,
    "payload": [
      {
        "code": "Bank_Code",
        "data": {
          "permissions": [
            "ReadAccountsBasic",
            "ReadAccountsDetail",
            "ReadBalances",
            "ReadParty",
            "ReadPartyPSU",
            "ReadPartyPSUIdentity",
            "ReadBeneficiariesBasic",
            "ReadBeneficiariesDetail",
            "ReadTransactionsBasic",
            "ReadTransactionsDetail",
            "ReadTransactionsCredits",
            "ReadTransactionsDebits",
            "ReadScheduledPaymentsBasic",
            "ReadScheduledPaymentsDetail",
            "ReadDirectDebits",
            "ReadStandingOrdersBasic",
            "ReadStandingOrdersDetail"
          ],
          "expirationDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ",
          "transactionFromDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ",
          "transactionToDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ",
          "consentId": "Consent_ID",
          "status": "Consent_status",
          "creationDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ",
          "statusUpdateDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ"
        },
        "links": {
          "self": "https://"
        },
        "meta": {
          "totalPages": 1,
          "totalRecords": 1,
          "requestDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ"
        },
        "scope": "scope_of_accounts",
        "bankRedirectUrl": "https://"
      }
    ]
  }

Response description

JSON TagDescription
successProcess success status represented as true or false
payloadProcess response tag
codeUnique bank code identifier
dataData tag for specific bank account consent
permissionsList of permissions provided in the consent
expirationDateTimeDate and time for consent expiry
transactionFromDateTimeInitial date & time for the allotted transaction access period
transactionToDateTimeFinal date & time for the allotted transaction access period
consentIdUnique consent identification
statusStatus of consent processing
creationDateTimeDate and time of representing the creation of consent
statusUpdateDateTimeMost recent time and date representing latest consent update
linksRedirect links
selfOwn link/url details
metaMeta tag
totalRecordsTotal number of records included in the response
requestDateTimeDate and time of the request
scopeDetails on the scope of account
bankRedirectUrlBank redirect URL for reflecting the results

Get Consent Details

Check consent details by sending a request included with the account specific consent IDs.

Endpoint details

Endpoint URLMethodAuthentication requirements
/v1/api/observice/consent/detailsPOST1. clientId
2. clientCode
3. signature
4. Authorization Bearer: Token

Sample request

{
  "dateTimeStamp": "YYYY-MM-DDTHH:MM:SS.SSSZ",
  "requestID": "Enter_Request_Id",
  "merchantId": "Enter_Merchant_Id",
  "banks": [
    {
      "code": "Enter_Bank_Code",
      "consentId":"Enter_Consent_ID"
    }
  ]
}

Request description

JSON TagDescriptionData type
dateTimeStamp
Mandatory
Denoting the time and date of the requestString
requestID
Mandatory
Unique request identification detailsString
merchantId
Mandatory
Unique merchant identification detailsString
banks
Mandatory
Array of banks dataObject
code
Mandatory
Unique bank identification codeString
consentId
Mandatory
Unique consent identification detailsString

Sample response

{
  "success": true,
  "payload": [
    {
      "code": "Bank_Code",
      "data": {
        "permissions": [
          "ReadAccountsBasic",
          "ReadAccountsDetail",
          "ReadBalances",
          "ReadParty",
          "ReadPartyPSU",
          "ReadPartyPSUIdentity",
          "ReadBeneficiariesBasic",
          "ReadBeneficiariesDetail",
          "ReadTransactionsBasic",
          "ReadTransactionsDetail",
          "ReadTransactionsCredits",
          "ReadTransactionsDebits",
          "ReadScheduledPaymentsBasic",
          "ReadScheduledPaymentsDetail",
          "ReadDirectDebits",
          "ReadStandingOrdersBasic",
          "ReadStandingOrdersDetail"
        ],
        "expirationDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ",
        "transactionFromDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ",
        "transactionToDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ",
        "consentId": "Enter_Consent_ID",
        "status": "Status_of_the_Consent",
        "creationDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ",
        "statusUpdateDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ"
      },
      "links": {
        "self": "https://"
      },
      "meta": {
        "totalPages": 1,
        "totalRecords": 1,
        "requestDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ"
      },
      "scope": {}
    }
  ]
}

Response details

JSON TagDescription
successProcess success status represented as true or false
payloadProcess response tag
codeUnique bank code identifier
dataData tag for specific bank account consent
permissionsList of permissions provided in the consent
expirationDateTimeDate and time for consent expiry
transactionFromDateTimeInitial date & time for the allotted transaction access period
transactionToDateTimeFinal date & time for the allotted transaction access period
consentIdUnique consent identification
statusStatus of consent processing
creationDateTimeDate and time of representing the creation of consent
statusUpdateDateTimeMost recent time and date representing latest consent update
linksRedirect links
selfOwn link/url details
metaMeta tag
totalPagesPage length of the response
totalRecordsTotal number of records included in the response
requestDateTimeDate and time of the request
scopeDetails on the scope of account

Revoke Consent

To remove or stop the account access authority, you need to revoke the existing active consents. This can be done by sending a request to revoke the specific consent by providing consent ID that accordingly disables the services for that particular account.

Endpoint details

Endpoint URLMethodAuthentication requirements
/v1/api/observice/consent/deletePOST1. clientId
2. clientCode
3. signature
4. Authorization Bearer: Token

Sample request

{
  "dateTimeStamp": "YYYY-MM-DDTHH:MM:SS.SSSZ",
  "requestID": "Enter_Request_Id",
  "merchantId": "Enter_Merchant_Id",
  "banks": [
    {
      "code": "Enter_Bank_Code",
      "consentId":"Enter_Consent_Id"
    }
  ]
}

Request details

JSON TagDescriptionData type
dateTimeStamp
Mandatory
Denoting the time and date of the requestString
requestID
Mandatory
Unique request identification detailsString
merchantId
Mandatory
Unique merchant identification detailsString
banks
Mandatory
Array of banks dataObject
code
Mandatory
Unique bank identification codeString
consentId
Mandatory
Unique consent identification detailsString

Sample response

{
  "success": true,
  "payload": [
    {
      "code": "Bank_Code",
      "consentId": "Consent_Id",
      "success": true,
      "message": "Message_Details",
      "status": "Status_of_the_process"
    }
  ]
}

Response description

JSON TagDescription
successProcess success status represented as true or false
payloadProcess response tag
codeUnique bank code identifier
consentIdUnique identification for a bank account(s) consent
successBoolean of the process result as true or false
messageMessage about the process action
statusStatus of the specific consent