Consent Management
Secure way to manage access to your account information
Introduction
Consent is the core of the open banking system and is crucial to maintaining regulatory standards and improving privacy and data security. SingleView Open Banking API allows users to securely access their banking information and control data sharing by managing their consent as per the regulatory standards.
User consent is captured at the bank by requesting access to the specific user's account information.
Important information
- A bank account without/expired user consent cannot be accessed through the AIS services as per the regulatory standards.
- To manage your consent, ensure a valid access token that must be included in the request.
SingleView Open Banking API's consent management feature allows the users to:
- Create new consent
- View consent details
- Revoke consent
Create Consent
A new consent can generated by sending a request to the banks through the SingleView APIs. The consent generated authorizes SingleView APIs to enable Account Information Services and retrieve account information for the specific bank account(s) included in the consent. A user can access multiple accounts of a particular bank through a registered and linked consent or can choose to create individual consent.
Endpoint details
| Endpoint URL | Method | Authentication requirements |
|---|---|---|
/v1/api/observice/connect | POST | 1. clientId2. clientCode3. signature4. Authorization Bearer: Token |
Sample request
{
"dateTimeStamp": "YYYY-MM-DDTHH:MM:SS",
"requestID": "Enter_Request_ID",
"merchantId": "Enter_Merchant_Id",
"useCaseType":"AISP",
"redirectUrl":"Enter_Redirect_URL",
"banks": [
{
"code": "Enter_Bank_Code",
"permissions": [
"ReadAccountsBasic",
"ReadAccountsDetail",
"ReadBalances",
"ReadParty",
"ReadPartyPSU",
"ReadPartyPSUIdentity",
"ReadBeneficiariesBasic",
"ReadBeneficiariesDetail",
"ReadTransactionsBasic",
"ReadTransactionsDetail",
"ReadTransactionsCredits",
"ReadTransactionsDebits",
"ReadScheduledPaymentsBasic",
"ReadScheduledPaymentsDetail",
"ReadDirectDebits",
"ReadStandingOrdersBasic",
"ReadStandingOrdersDetail"
],
"expiryDate": "YYYY-MM-DDTHH:MM:SS.SSSZ",
"txnFromDate": "YYYY-MM-DDTHH:MM:SS.SSSZ",
"txnToDate": "YYYY-MM-DDTHH:MM:SS.SSSZ"
}
]
}
Request description
| JSON Tag | Description | Data type |
|---|---|---|
| dateTimeStamp Mandatory | Denoting the date and time of the request | String |
| requestID Mandatory | Unique request identification details | String |
| merchantID Mandatory | Unique merchant identification details | String |
| useCaseType Mandatory | Type of service/use case. To be mentioned as " AISP" in this case | String |
| redirectUrl Mandatory | URL assigned to redirect the user information | String |
| banks Mandatory | Array of banks' consents | Object |
| code Mandatory | Unique bank identification code | String |
| permissions Mandatory | List of permissions requested through the consentReadAccountsBasic ReadAccountsDetail ReadBalances ReadBeneficiariesBasic ReadBeneficiariesDetail ReadDirectDebits ReadTransactionsBasic ReadTransactionsCredits ReadTransactionsDebits ReadTransactionsDetail ReadProducts ReadStandingOrdersDetail ReadProducts ReadStandingOrdersDetail ReadStatementsDetail ReadParty ReadPartyPSU | Array of strings |
| expiryDate Mandatory | Consent expiry date and time | String |
| txnFromDate Mandatory | Initial date & time for the allotted transaction access period | String |
| txnToDate Mandatory | Final date & time for the allotted transaction access period | String |
Sample response
{
"success": true,
"payload": [
{
"code": "Bank_Code",
"data": {
"permissions": [
"ReadAccountsBasic",
"ReadAccountsDetail",
"ReadBalances",
"ReadParty",
"ReadPartyPSU",
"ReadPartyPSUIdentity",
"ReadBeneficiariesBasic",
"ReadBeneficiariesDetail",
"ReadTransactionsBasic",
"ReadTransactionsDetail",
"ReadTransactionsCredits",
"ReadTransactionsDebits",
"ReadScheduledPaymentsBasic",
"ReadScheduledPaymentsDetail",
"ReadDirectDebits",
"ReadStandingOrdersBasic",
"ReadStandingOrdersDetail"
],
"expirationDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ",
"transactionFromDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ",
"transactionToDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ",
"consentId": "Consent_ID",
"status": "Consent_status",
"creationDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ",
"statusUpdateDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ"
},
"links": {
"self": "https://"
},
"meta": {
"totalPages": 1,
"totalRecords": 1,
"requestDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ"
},
"scope": "scope_of_accounts",
"bankRedirectUrl": "https://"
}
]
}
Response description
| JSON Tag | Description |
|---|---|
| success | Process success status represented as true or false |
| payload | Process response tag |
| code | Unique bank code identifier |
| data | Data tag for specific bank account consent |
| permissions | List of permissions provided in the consent |
| expirationDateTime | Date and time for consent expiry |
| transactionFromDateTime | Initial date & time for the allotted transaction access period |
| transactionToDateTime | Final date & time for the allotted transaction access period |
| consentId | Unique consent identification |
| status | Status of consent processing |
| creationDateTime | Date and time of representing the creation of consent |
| statusUpdateDateTime | Most recent time and date representing latest consent update |
| links | Redirect links |
| self | Own link/url details |
| meta | Meta tag |
| totalRecords | Total number of records included in the response |
| requestDateTime | Date and time of the request |
| scope | Details on the scope of account |
| bankRedirectUrl | Bank redirect URL for reflecting the results |
Get Consent Details
Check consent details by sending a request included with the account specific consent IDs.
Endpoint details
| Endpoint URL | Method | Authentication requirements |
|---|---|---|
/v1/api/observice/consent/details | POST | 1. clientId2. clientCode3. signature4. Authorization Bearer: Token |
Sample request
{
"dateTimeStamp": "YYYY-MM-DDTHH:MM:SS.SSSZ",
"requestID": "Enter_Request_Id",
"merchantId": "Enter_Merchant_Id",
"banks": [
{
"code": "Enter_Bank_Code",
"consentId":"Enter_Consent_ID"
}
]
}
Request description
| JSON Tag | Description | Data type |
|---|---|---|
| dateTimeStamp Mandatory | Denoting the time and date of the request | String |
| requestID Mandatory | Unique request identification details | String |
| merchantId Mandatory | Unique merchant identification details | String |
| banks Mandatory | Array of banks data | Object |
| code Mandatory | Unique bank identification code | String |
| consentId Mandatory | Unique consent identification details | String |
Sample response
{
"success": true,
"payload": [
{
"code": "Bank_Code",
"data": {
"permissions": [
"ReadAccountsBasic",
"ReadAccountsDetail",
"ReadBalances",
"ReadParty",
"ReadPartyPSU",
"ReadPartyPSUIdentity",
"ReadBeneficiariesBasic",
"ReadBeneficiariesDetail",
"ReadTransactionsBasic",
"ReadTransactionsDetail",
"ReadTransactionsCredits",
"ReadTransactionsDebits",
"ReadScheduledPaymentsBasic",
"ReadScheduledPaymentsDetail",
"ReadDirectDebits",
"ReadStandingOrdersBasic",
"ReadStandingOrdersDetail"
],
"expirationDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ",
"transactionFromDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ",
"transactionToDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ",
"consentId": "Enter_Consent_ID",
"status": "Status_of_the_Consent",
"creationDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ",
"statusUpdateDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ"
},
"links": {
"self": "https://"
},
"meta": {
"totalPages": 1,
"totalRecords": 1,
"requestDateTime": "YYYY-MM-DDTHH:MM:SS.SSSZ"
},
"scope": {}
}
]
}
Response details
| JSON Tag | Description |
|---|---|
| success | Process success status represented as true or false |
| payload | Process response tag |
| code | Unique bank code identifier |
| data | Data tag for specific bank account consent |
| permissions | List of permissions provided in the consent |
| expirationDateTime | Date and time for consent expiry |
| transactionFromDateTime | Initial date & time for the allotted transaction access period |
| transactionToDateTime | Final date & time for the allotted transaction access period |
| consentId | Unique consent identification |
| status | Status of consent processing |
| creationDateTime | Date and time of representing the creation of consent |
| statusUpdateDateTime | Most recent time and date representing latest consent update |
| links | Redirect links |
| self | Own link/url details |
| meta | Meta tag |
| totalPages | Page length of the response |
| totalRecords | Total number of records included in the response |
| requestDateTime | Date and time of the request |
| scope | Details on the scope of account |
Revoke Consent
To remove or stop the account access authority, you need to revoke the existing active consents. This can be done by sending a request to revoke the specific consent by providing consent ID that accordingly disables the services for that particular account.
Endpoint details
| Endpoint URL | Method | Authentication requirements |
|---|---|---|
/v1/api/observice/consent/delete | POST | 1. clientId2. clientCode3. signature4. Authorization Bearer: Token |
Sample request
{
"dateTimeStamp": "YYYY-MM-DDTHH:MM:SS.SSSZ",
"requestID": "Enter_Request_Id",
"merchantId": "Enter_Merchant_Id",
"banks": [
{
"code": "Enter_Bank_Code",
"consentId":"Enter_Consent_Id"
}
]
}
Request details
| JSON Tag | Description | Data type |
|---|---|---|
| dateTimeStamp Mandatory | Denoting the time and date of the request | String |
| requestID Mandatory | Unique request identification details | String |
| merchantId Mandatory | Unique merchant identification details | String |
| banks Mandatory | Array of banks data | Object |
| code Mandatory | Unique bank identification code | String |
| consentId Mandatory | Unique consent identification details | String |
Sample response
{
"success": true,
"payload": [
{
"code": "Bank_Code",
"consentId": "Consent_Id",
"success": true,
"message": "Message_Details",
"status": "Status_of_the_process"
}
]
}
Response description
| JSON Tag | Description |
|---|---|
| success | Process success status represented as true or false |
| payload | Process response tag |
| code | Unique bank code identifier |
| consentId | Unique identification for a bank account(s) consent |
| success | Boolean of the process result as true or false |
| message | Message about the process action |
| status | Status of the specific consent |
Updated about 1 month ago