Skip to main content

Page contents

What this API does:

When using our Sandbox, we have a predefined, pre-authorised set of consents to be used within the environment. The predefined authorisation code is provided in the test data.

This API lets you create, remove and check customer consent status.

Before calling the API, you must have an access token issued by Virgin Money using a 'Client Credentials' grant.

This API does not support Readoffers or Readproducts permissions.

Endpoint configuration

Sandbox:  cb.sandbox-api-nc.cybservices.co.uk/open-banking/v3.1/aisp/account-access-consents

Production:  api.openbanking.virginmoney.com/open-banking/v3.1/aisp/account-access-consents

This API lets you ask Virgin Money to create a new account-access-consent resource:

  • It lets you send a copy of the consent to Virgin Money to authorise access to account and transaction information
  • You can’t pre-select a set of accounts for account-access-consent authorisation
  • Virgin Money will create the account-access-consent resource and provide a unique ConsentID
  • Before calling the API, you must have an access token issued by Virgin Money using a client credentials grant

We have a predefined, pre-authorised set of consents to be used within the Sandbox environment. The predefined authorisation code is provided in the test data. Link opens in a new window

Using the authorisation code, create request for a new token using grant type = authorization_code. 

The token will return the consent ID as part of ID Token in the token response. 

Sandbox:  cb.sandbox-api-nc.cybservices.co.uk/open-banking/v3.1/aisp/account-access-consents/{ConsentId}

Production:  api.openbanking.virginmoney.com/open-banking/v3.1/aisp/account-access-consents/{ConsentId}

You can retrieve an account-access-consent resource that you’ve created to check its status.

Before calling the API, you must have an access token issued by Virgin Money using a client credentials grant.

Sandbox:  cb.sandbox-api-nc.cybservices.co.uk/open-banking/v3.1/aisp/account-access-consents/{ConsentId}

Production:  api.openbanking.virginmoney.com/open-banking/v3.1/aisp/account-access-consents/{ConsentId}

If a customer revokes consent to data access you must delete the account-access-consent resource with Virgin Money before you confirm consent revocation with the customer.

API calls

Account Access

NameDescription
x-fapi-auth-date
string
(header)

The time when the PSU last logged in with the TPP.
All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below:
Sun, 10 Sep 2017 19:43:31 UTC

Content-Type *
string
(header)

application/json

x-fapi-customer-ip-address
string
(header)

The PSU's IP address if the PSU is currently logged in with the TPP.

x-fapi-interaction-id
string
(header)
An RFC4122 UID used as a correlation id.
Authorization *
string
(header)
body *
(body)

{
"Data": {
"Permissions": [
"ReadAccountsBasic"
],
"ExpirationDateTime": "2024-06-11T12:47:10.950Z",
"TransactionFromDateTime": "2024-06-11T12:47:10.950Z",
"TransactionToDateTime": "2024-06-11T12:47:10.950Z"
},
"Risk": {}
}
#/definitions/OBReadConsent1OBReadConsent1{
Data*{
Permissions*[
minItems: 1
string

Specifies the Open Banking account access data types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP.

Enum:
[ ReadAccountsBasic, ReadAccountsDetail, ReadBalances, ReadBeneficiariesBasic, ReadBeneficiariesDetail, ReadDirectDebits, ReadOffers, ReadPAN, ReadParty, ReadPartyPSU, ReadProducts, ReadScheduledPaymentsBasic, ReadScheduledPaymentsDetail, ReadStandingOrdersBasic, ReadStandingOrdersDetail, ReadStatementsBasic, ReadStatementsDetail, ReadTransactionsBasic, ReadTransactionsCredits, ReadTransactionsDebits, ReadTransactionsDetail ]
]
ExpirationDateTimestring($date-time)

Specified date and time the permissions will expire.
If this is not populated, the permissions will be open ended.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

TransactionFromDateTimestring($date-time)

Specified start date and time for the transaction query period.
If this is not populated, the start date will be open ended, and data will be returned from the earliest available transaction.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

TransactionToDateTimestring($date-time)

Specified end date and time for the transaction query period.
If this is not populated, the end date will be open ended, and data will be returned to the latest available transaction.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

}
Risk*#/definitions/OBRisk2OBRisk2{
description:
The Risk section is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for Account Info.
}
}

Responses

CodeDescription
201
Created

{
"Data": {
"ConsentId": "string",
"CreationDateTime": "2024-06-11T13:29:50.139Z",
"Status": "Authorised",
"StatusUpdateDateTime": "2024-06-11T13:29:50.139Z",
"Permissions": [
"ReadAccountsBasic"
],
"ExpirationDateTime": "2024-06-11T13:29:50.139Z",
"TransactionFromDateTime": "2024-06-11T13:29:50.139Z",
"TransactionToDateTime": "2024-06-11T13:29:50.139Z"
},
"Risk": {},
"Links": {
"Self": "string",
"First": "string",
"Prev": "string",
"Next": "string",
"Last": "string"
},
"Meta": {
"TotalPages": 0,
"FirstAvailableDateTime": "2024-06-11T13:29:50.139Z",
"LastAvailableDateTime": "2024-06-11T13:29:50.139Z"
}
}
#/definitions/OBReadConsentResponse1OBReadConsentResponse1{
Data*{
ConsentId*string
minLength: 1

maxLength: 128
Unique identification as assigned to identify the account access consent resource.
CreationDateTime*CreationDateTimestring($date-time)

Date and time at which the resource was created.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

Status*string
Specifies the status of consent resource in code form.
Enum:
[ Authorised, AwaitingAuthorisation, Rejected, Revoked ]
StatusUpdateDateTime*StatusUpdateDateTimestring($date-time)

Date and time at which the resource status was updated.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

Permissions*[
minItems: 1
string

Specifies the Open Banking account access data types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP.

Enum:
[ ReadAccountsBasic, ReadAccountsDetail, ReadBalances, ReadBeneficiariesBasic, ReadBeneficiariesDetail, ReadDirectDebits, ReadOffers, ReadPAN, ReadParty, ReadPartyPSU, ReadProducts, ReadScheduledPaymentsBasic, ReadScheduledPaymentsDetail, ReadStandingOrdersBasic, ReadStandingOrdersDetail, ReadStatementsBasic, ReadStatementsDetail, ReadTransactionsBasic, ReadTransactionsCredits, ReadTransactionsDebits, ReadTransactionsDetail ]
]
ExpirationDateTimestring($date-time)

Specified date and time the permissions will expire.
If this is not populated, the permissions will be open ended.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

TransactionFromDateTimestring($date-time)

Specified start date and time for the transaction query period.
If this is not populated, the start date will be open ended, and data will be returned from the earliest available transaction.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

TransactionToDateTimestring($date-time)

Specified end date and time for the transaction query period.
If this is not populated, the end date will be open ended, and data will be returned to the latest available transaction.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

}
Risk*#/definitions/OBRisk2OBRisk2{
description:
The Risk section is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for Account Info.
}
Links#/definitions/LinksLinks{
description:
Links relevant to the payload
Self*string
Firststring
Prevstring
Nextstring
Laststring
}
Meta#/definitions/MetaMeta{
description:
Meta Data relevant to the payload
TotalPagesinteger($int32)
FirstAvailableDateTimeISODateTimestring($date-time)

All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

LastAvailableDateTimeISODateTimestring($date-time)

All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

}
}

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
400
Bad request

{
"Code": "string",
"Id": "string",
"Message": "string",
"Errors": [
{
"ErrorCode": "string",
"Message": "string",
"Path": "string",
"Url": "string"
}
]
}
#/definitions/OBErrorResponse1OBErrorResponse1{
description:

An array of detail error codes, and messages, and URLs to documentation to help remediation.

Code*string
minLength: 1

maxLength: 40

High level textual error code, to help categorize the errors.

Idstring
minLength: 1

maxLength: 40

A unique reference for the error instance, for audit purposes, in case of unknown/unclassified errors.

Message*string
minLength: 1

maxLength: 500

Brief Error message, e.g., 'There is something wrong with the request parameters provided'

Errors*[
minItems: 1
#/definitions/OBError1OBError1{
ErrorCode*string

Low level textual error code, e.g., UK.OBIE.Field.Missing

Message*string
minLength: 1

maxLength: 500

A description of the error that occurred. e.g., 'A mandatory field isn't supplied' or 'RequestedExecutionDateTime must be in future'
OBIE doesn't standardise this field

Pathstring
minLength: 1

maxLength: 500

Recommended but optional reference to the JSON Path of the field with error, e.g., Data.Initiation.InstructedAmount.Currency

Urlstring

URL to help remediate the problem, or provide more information, or to API Reference, or help etc

}]
}

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
401
Unauthorized

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
403
Forbidden

{
"Code": "string",
"Id": "string",
"Message": "string",
"Errors": [
{
"ErrorCode": "string",
"Message": "string",
"Path": "string",
"Url": "string"
}
]
}
#/definitions/OBErrorResponse1OBErrorResponse1{
description:

An array of detail error codes, and messages, and URLs to documentation to help remediation.

Code*string
minLength: 1

maxLength: 40

High level textual error code, to help categorize the errors.

Idstring
minLength: 1

maxLength: 40

A unique reference for the error instance, for audit purposes, in case of unknown/unclassified errors.

Message*string
minLength: 1

maxLength: 500

Brief Error message, e.g., 'There is something wrong with the request parameters provided'

Errors*[
minItems: 1
#/definitions/OBError1OBError1{
ErrorCode*string

Low level textual error code, e.g., UK.OBIE.Field.Missing

Message*string
minLength: 1

maxLength: 500

A description of the error that occurred. e.g., 'A mandatory field isn't supplied' or 'RequestedExecutionDateTime must be in future'
OBIE doesn't standardise this field

Pathstring
minLength: 1

maxLength: 500

Recommended but optional reference to the JSON Path of the field with error, e.g., Data.Initiation.InstructedAmount.Currency

Urlstring

URL to help remediate the problem, or provide more information, or to API Reference, or help etc

}]
}

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
404
Not found

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
405
Method Not Allowed

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
406
Not Acceptable

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
429
Too Many Requests

Headers:

NameDescriptionType
Retry-After
Number in seconds to wait
integer
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
500
Internal Server Error

{
"Code": "string",
"Id": "string",
"Message": "string",
"Errors": [
{
"ErrorCode": "string",
"Message": "string",
"Path": "string",
"Url": "string"
}
]
}
#/definitions/OBErrorResponse1OBErrorResponse1{
description:

An array of detail error codes, and messages, and URLs to documentation to help remediation.

Code*string
minLength: 1

maxLength: 40

High level textual error code, to help categorize the errors.

Idstring
minLength: 1

maxLength: 40

A unique reference for the error instance, for audit purposes, in case of unknown/unclassified errors.

Message*string
minLength: 1

maxLength: 500

Brief Error message, e.g., 'There is something wrong with the request parameters provided'

Errors*[
minItems: 1
#/definitions/OBError1OBError1{
ErrorCode*string

Low level textual error code, e.g., UK.OBIE.Field.Missing

Message*string
minLength: 1

maxLength: 500

A description of the error that occurred. e.g., 'A mandatory field isn't supplied' or 'RequestedExecutionDateTime must be in future'
OBIE doesn't standardise this field

Pathstring
minLength: 1

maxLength: 500

Recommended but optional reference to the JSON Path of the field with error, e.g., Data.Initiation.InstructedAmount.Currency

Urlstring

URL to help remediate the problem, or provide more information, or to API Reference, or help etc

}]
}

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
NameDescription
x-fapi-auth-date
string
(header)

The time when the PSU last logged in with the TPP.
All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below:
Sun, 10 Sep 2017 19:43:31 UTC

x-fapi-customer-ip-address
string
(header)

The PSU's IP address if the PSU is currently logged in with the TPP.

x-fapi-interaction-id
string
(header)
An RFC4122 UID used as a correlation id.
Authorization *
string
(header)
ConsentId *
string
(path)
ConsentId

Responses

CodeDescription
200
OK

{
"Data": {
"ConsentId": "string",
"CreationDateTime": "2024-06-11T15:03:46.887Z",
"Status": "Authorised",
"StatusUpdateDateTime": "2024-06-11T15:03:46.887Z",
"Permissions": [
"ReadAccountsBasic"
],
"ExpirationDateTime": "2024-06-11T15:03:46.887Z",
"TransactionFromDateTime": "2024-06-11T15:03:46.887Z",
"TransactionToDateTime": "2024-06-11T15:03:46.887Z"
},
"Risk": {},
"Links": {
"Self": "string",
"First": "string",
"Prev": "string",
"Next": "string",
"Last": "string"
},
"Meta": {
"TotalPages": 0,
"FirstAvailableDateTime": "2024-06-11T15:03:46.887Z",
"LastAvailableDateTime": "2024-06-11T15:03:46.887Z"
}
}
#/definitions/OBReadConsentResponse1OBReadConsentResponse1{
Data*{
ConsentId*string
minLength: 1

maxLength: 128
Unique identification as assigned to identify the account access consent resource.
CreationDateTime*CreationDateTimestring($date-time)

Date and time at which the resource was created.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

Status*string
Specifies the status of consent resource in code form.
Enum:
[ Authorised, AwaitingAuthorisation, Rejected, Revoked ]
StatusUpdateDateTime*StatusUpdateDateTimestring($date-time)

Date and time at which the resource status was updated.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

Permissions*[
minItems: 1
string

Specifies the Open Banking account access data types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP.

Enum:
[ ReadAccountsBasic, ReadAccountsDetail, ReadBalances, ReadBeneficiariesBasic, ReadBeneficiariesDetail, ReadDirectDebits, ReadOffers, ReadPAN, ReadParty, ReadPartyPSU, ReadProducts, ReadScheduledPaymentsBasic, ReadScheduledPaymentsDetail, ReadStandingOrdersBasic, ReadStandingOrdersDetail, ReadStatementsBasic, ReadStatementsDetail, ReadTransactionsBasic, ReadTransactionsCredits, ReadTransactionsDebits, ReadTransactionsDetail ]
]
ExpirationDateTimestring($date-time)

Specified date and time the permissions will expire.
If this is not populated, the permissions will be open ended.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

TransactionFromDateTimestring($date-time)

Specified start date and time for the transaction query period.
If this is not populated, the start date will be open ended, and data will be returned from the earliest available transaction.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

TransactionToDateTimestring($date-time)

Specified end date and time for the transaction query period.
If this is not populated, the end date will be open ended, and data will be returned to the latest available transaction.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

}
Risk*#/definitions/OBRisk2OBRisk2{
description:
The Risk section is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for Account Info.
}
Links#/definitions/LinksLinks{
description:
Links relevant to the payload
Self*string
Firststring
Prevstring
Nextstring
Laststring
}
Meta#/definitions/MetaMeta{
description:
Meta Data relevant to the payload
TotalPagesinteger($int32)
FirstAvailableDateTimeISODateTimestring($date-time)

All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

LastAvailableDateTimeISODateTimestring($date-time)

All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

}
}

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
400
Bad request

{
"Code": "string",
"Id": "string",
"Message": "string",
"Errors": [
{
"ErrorCode": "string",
"Message": "string",
"Path": "string",
"Url": "string"
}
]
}
#/definitions/OBErrorResponse1OBErrorResponse1{
description:

An array of detail error codes, and messages, and URLs to documentation to help remediation.

Code*string
minLength: 1

maxLength: 40

High level textual error code, to help categorize the errors.

Idstring
minLength: 1

maxLength: 40

A unique reference for the error instance, for audit purposes, in case of unknown/unclassified errors.

Message*string
minLength: 1

maxLength: 500

Brief Error message, e.g., 'There is something wrong with the request parameters provided'

Errors*[
minItems: 1
#/definitions/OBError1OBError1{
ErrorCode*string

Low level textual error code, e.g., UK.OBIE.Field.Missing

Message*string
minLength: 1

maxLength: 500

A description of the error that occurred. e.g., 'A mandatory field isn't supplied' or 'RequestedExecutionDateTime must be in future'
OBIE doesn't standardise this field

Pathstring
minLength: 1

maxLength: 500

Recommended but optional reference to the JSON Path of the field with error, e.g., Data.Initiation.InstructedAmount.Currency

Urlstring

URL to help remediate the problem, or provide more information, or to API Reference, or help etc

}]
}

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
401
Unauthorized

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
403
Forbidden

{
"Code": "string",
"Id": "string",
"Message": "string",
"Errors": [
{
"ErrorCode": "string",
"Message": "string",
"Path": "string",
"Url": "string"
}
]
}
#/definitions/OBErrorResponse1OBErrorResponse1{
description:

An array of detail error codes, and messages, and URLs to documentation to help remediation.

Code*string
minLength: 1

maxLength: 40

High level textual error code, to help categorize the errors.

Idstring
minLength: 1

maxLength: 40

A unique reference for the error instance, for audit purposes, in case of unknown/unclassified errors.

Message*string
minLength: 1

maxLength: 500

Brief Error message, e.g., 'There is something wrong with the request parameters provided'

Errors*[
minItems: 1
#/definitions/OBError1OBError1{
ErrorCode*string

Low level textual error code, e.g., UK.OBIE.Field.Missing

Message*string
minLength: 1

maxLength: 500

A description of the error that occurred. e.g., 'A mandatory field isn't supplied' or 'RequestedExecutionDateTime must be in future'
OBIE doesn't standardise this field

Pathstring
minLength: 1

maxLength: 500

Recommended but optional reference to the JSON Path of the field with error, e.g., Data.Initiation.InstructedAmount.Currency

Urlstring

URL to help remediate the problem, or provide more information, or to API Reference, or help etc

}]
}

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
404
Not found

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
405
Method Not Allowed

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
406
Not Acceptable

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
429
Too Many Requests

Headers:

NameDescriptionType
Retry-After
Number in seconds to wait
integer
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
500
Internal Server Error

{
"Code": "string",
"Id": "string",
"Message": "string",
"Errors": [
{
"ErrorCode": "string",
"Message": "string",
"Path": "string",
"Url": "string"
}
]
}
#/definitions/OBErrorResponse1OBErrorResponse1{
description:

An array of detail error codes, and messages, and URLs to documentation to help remediation.

Code*string
minLength: 1

maxLength: 40

High level textual error code, to help categorize the errors.

Idstring
minLength: 1

maxLength: 40

A unique reference for the error instance, for audit purposes, in case of unknown/unclassified errors.

Message*string
minLength: 1

maxLength: 500

Brief Error message, e.g., 'There is something wrong with the request parameters provided'

Errors*[
minItems: 1
#/definitions/OBError1OBError1{
ErrorCode*string

Low level textual error code, e.g., UK.OBIE.Field.Missing

Message*string
minLength: 1

maxLength: 500

A description of the error that occurred. e.g., 'A mandatory field isn't supplied' or 'RequestedExecutionDateTime must be in future'
OBIE doesn't standardise this field

Pathstring
minLength: 1

maxLength: 500

Recommended but optional reference to the JSON Path of the field with error, e.g., Data.Initiation.InstructedAmount.Currency

Urlstring

URL to help remediate the problem, or provide more information, or to API Reference, or help etc

}]
}

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
NameDescription
x-fapi-auth-date
string
(header)

The time when the PSU last logged in with the TPP.
All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below:
Sun, 10 Sep 2017 19:43:31 UTC

x-fapi-customer-ip-address
string
(header)

The PSU's IP address if the PSU is currently logged in with the TPP.

x-fapi-interaction-id
string
(header)
An RFC4122 UID used as a correlation id.
Authorization *
string
(header)
ConsentId *
string
(path)
ConsentId

Responses

CodeDescription
204
No Content

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
400
Bad request

{
"Code": "string",
"Id": "string",
"Message": "string",
"Errors": [
{
"ErrorCode": "string",
"Message": "string",
"Path": "string",
"Url": "string"
}
]
}
#/definitions/OBErrorResponse1OBErrorResponse1{
description:

An array of detail error codes, and messages, and URLs to documentation to help remediation.

Code*string
minLength: 1

maxLength: 40

High level textual error code, to help categorize the errors.

Idstring
minLength: 1

maxLength: 40

A unique reference for the error instance, for audit purposes, in case of unknown/unclassified errors.

Message*string
minLength: 1

maxLength: 500

Brief Error message, e.g., 'There is something wrong with the request parameters provided'

Errors*[
minItems: 1
#/definitions/OBError1OBError1{
ErrorCode*string

Low level textual error code, e.g., UK.OBIE.Field.Missing

Message*string
minLength: 1

maxLength: 500

A description of the error that occurred. e.g., 'A mandatory field isn't supplied' or 'RequestedExecutionDateTime must be in future'
OBIE doesn't standardise this field

Pathstring
minLength: 1

maxLength: 500

Recommended but optional reference to the JSON Path of the field with error, e.g., Data.Initiation.InstructedAmount.Currency

Urlstring

URL to help remediate the problem, or provide more information, or to API Reference, or help etc

}]
}

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
401
Unauthorized

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
403
Forbidden

{
"Code": "string",
"Id": "string",
"Message": "string",
"Errors": [
{
"ErrorCode": "string",
"Message": "string",
"Path": "string",
"Url": "string"
}
]
}
#/definitions/OBErrorResponse1OBErrorResponse1{
description:

An array of detail error codes, and messages, and URLs to documentation to help remediation.

Code*string
minLength: 1

maxLength: 40

High level textual error code, to help categorize the errors.

Idstring
minLength: 1

maxLength: 40

A unique reference for the error instance, for audit purposes, in case of unknown/unclassified errors.

Message*string
minLength: 1

maxLength: 500

Brief Error message, e.g., 'There is something wrong with the request parameters provided'

Errors*[
minItems: 1
#/definitions/OBError1OBError1{
ErrorCode*string

Low level textual error code, e.g., UK.OBIE.Field.Missing

Message*string
minLength: 1

maxLength: 500

A description of the error that occurred. e.g., 'A mandatory field isn't supplied' or 'RequestedExecutionDateTime must be in future'
OBIE doesn't standardise this field

Pathstring
minLength: 1

maxLength: 500

Recommended but optional reference to the JSON Path of the field with error, e.g., Data.Initiation.InstructedAmount.Currency

Urlstring

URL to help remediate the problem, or provide more information, or to API Reference, or help etc

}]
}

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
404
Not found

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
405
Method Not Allowed

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
406
Not Acceptable

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
429
Too Many Requests

Headers:

NameDescriptionType
Retry-After
Number in seconds to wait
integer
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string
500
Internal Server Error

{
"Code": "string",
"Id": "string",
"Message": "string",
"Errors": [
{
"ErrorCode": "string",
"Message": "string",
"Path": "string",
"Url": "string"
}
]
}
#/definitions/OBErrorResponse1OBErrorResponse1{
description:

An array of detail error codes, and messages, and URLs to documentation to help remediation.

Code*string
minLength: 1

maxLength: 40

High level textual error code, to help categorize the errors.

Idstring
minLength: 1

maxLength: 40

A unique reference for the error instance, for audit purposes, in case of unknown/unclassified errors.

Message*string
minLength: 1

maxLength: 500

Brief Error message, e.g., 'There is something wrong with the request parameters provided'

Errors*[
minItems: 1
#/definitions/OBError1OBError1{
ErrorCode*string

Low level textual error code, e.g., UK.OBIE.Field.Missing

Message*string
minLength: 1

maxLength: 500

A description of the error that occurred. e.g., 'A mandatory field isn't supplied' or 'RequestedExecutionDateTime must be in future'
OBIE doesn't standardise this field

Pathstring
minLength: 1

maxLength: 500

Recommended but optional reference to the JSON Path of the field with error, e.g., Data.Initiation.InstructedAmount.Currency

Urlstring

URL to help remediate the problem, or provide more information, or to API Reference, or help etc

}]
}

Headers:

NameDescriptionType
x-fapi-interaction-id
An RFC4122 UID used as a correlation id.
string

Models

CreationDateTimestring($date-time)

Date and time at which the resource was created.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

ISODateTimestring($date-time)

All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

Meta{
description:
Meta Data relevant to the payload
TotalPagesinteger($int32)
FirstAvailableDateTimeISODateTimestring($date-time)

All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

LastAvailableDateTimeISODateTimestring($date-time)

All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

}

OBError1{
ErrorCode*string

Low level textual error code, e.g., UK.OBIE.Field.Missing

Message*string
minLength: 1

maxLength: 500

A description of the error that occurred. e.g., 'A mandatory field isn't supplied' or 'RequestedExecutionDateTime must be in future'
OBIE doesn't standardise this field

Pathstring
minLength: 1

maxLength: 500

Recommended but optional reference to the JSON Path of the field with error, e.g., Data.Initiation.InstructedAmount.Currency

Urlstring

URL to help remediate the problem, or provide more information, or to API Reference, or help etc

}

OBErrorResponse1{
description:

An array of detail error codes, and messages, and URLs to documentation to help remediation.

Code*string
minLength: 1

maxLength: 40

High level textual error code, to help categorize the errors.

Idstring
minLength: 1

maxLength: 40

A unique reference for the error instance, for audit purposes, in case of unknown/unclassified errors.

Message*string
minLength: 1

maxLength: 500

Brief Error message, e.g., 'There is something wrong with the request parameters provided'

Errors*[
minItems: 1
#/definitions/OBError1OBError1{
ErrorCode*string

Low level textual error code, e.g., UK.OBIE.Field.Missing

Message*string
minLength: 1

maxLength: 500

A description of the error that occurred. e.g., 'A mandatory field isn't supplied' or 'RequestedExecutionDateTime must be in future'
OBIE doesn't standardise this field

Pathstring
minLength: 1

maxLength: 500

Recommended but optional reference to the JSON Path of the field with error, e.g., Data.Initiation.InstructedAmount.Currency

Urlstring

URL to help remediate the problem, or provide more information, or to API Reference, or help etc

}]
}

OBReadConsent1{
Data*{
Permissions*[
minItems: 1
string

Specifies the Open Banking account access data types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP.

Enum:
[ ReadAccountsBasic, ReadAccountsDetail, ReadBalances, ReadBeneficiariesBasic, ReadBeneficiariesDetail, ReadDirectDebits, ReadOffers, ReadPAN, ReadParty, ReadPartyPSU, ReadProducts, ReadScheduledPaymentsBasic, ReadScheduledPaymentsDetail, ReadStandingOrdersBasic, ReadStandingOrdersDetail, ReadStatementsBasic, ReadStatementsDetail, ReadTransactionsBasic, ReadTransactionsCredits, ReadTransactionsDebits, ReadTransactionsDetail ]
]
ExpirationDateTimestring($date-time)

Specified date and time the permissions will expire.
If this is not populated, the permissions will be open ended.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

TransactionFromDateTimestring($date-time)

Specified start date and time for the transaction query period.
If this is not populated, the start date will be open ended, and data will be returned from the earliest available transaction.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

TransactionToDateTimestring($date-time)

Specified end date and time for the transaction query period.
If this is not populated, the end date will be open ended, and data will be returned to the latest available transaction.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

}
Risk*#/definitions/OBRisk2OBRisk2{
description:
The Risk section is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for Account Info.
}
}

OBReadConsentResponse1{
Data*{
ConsentId*string
minLength: 1

maxLength: 128
Unique identification as assigned to identify the account access consent resource.
CreationDateTime*CreationDateTimestring($date-time)

Date and time at which the resource was created.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

Status*string
Specifies the status of consent resource in code form.
Enum:
[ Authorised, AwaitingAuthorisation, Rejected, Revoked ]
StatusUpdateDateTime*StatusUpdateDateTimestring($date-time)

Date and time at which the resource status was updated.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

Permissions*[
minItems: 1
string

Specifies the Open Banking account access data types. This is a list of the data clusters being consented by the PSU, and requested for authorisation with the ASPSP.

Enum:
[ ReadAccountsBasic, ReadAccountsDetail, ReadBalances, ReadBeneficiariesBasic, ReadBeneficiariesDetail, ReadDirectDebits, ReadOffers, ReadPAN, ReadParty, ReadPartyPSU, ReadProducts, ReadScheduledPaymentsBasic, ReadScheduledPaymentsDetail, ReadStandingOrdersBasic, ReadStandingOrdersDetail, ReadStatementsBasic, ReadStatementsDetail, ReadTransactionsBasic, ReadTransactionsCredits, ReadTransactionsDebits, ReadTransactionsDetail ]
]
ExpirationDateTimestring($date-time)

Specified date and time the permissions will expire.
If this is not populated, the permissions will be open ended.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

TransactionFromDateTimestring($date-time)

Specified start date and time for the transaction query period.
If this is not populated, the start date will be open ended, and data will be returned from the earliest available transaction.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

TransactionToDateTimestring($date-time)

Specified end date and time for the transaction query period.
If this is not populated, the end date will be open ended, and data will be returned to the latest available transaction.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

}
Risk*#/definitions/OBRisk2OBRisk2{
description:
The Risk section is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for Account Info.
}
Links#/definitions/LinksLinks{
description:
Links relevant to the payload
Self*string
Firststring
Prevstring
Nextstring
Laststring
}
Meta#/definitions/MetaMeta{
description:
Meta Data relevant to the payload
TotalPagesinteger($int32)
FirstAvailableDateTimeISODateTimestring($date-time)

All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

LastAvailableDateTimeISODateTimestring($date-time)

All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

}
}

OBRisk2{
description:
The Risk section is sent by the initiating party to the ASPSP. It is used to specify additional details for risk scoring for Account Info.
}

StatusUpdateDateTimestring($date-time)

Date and time at which the resource status was updated.All dates in the JSON payloads are represented in ISO 8601 date-time format.
All date-time fields in responses must include the timezone. An example is below:
2017-04-05T10:43:07+00:00

Having trouble?

Contact our dedicated team members via our ticketing system or via our support mailbox

OpenBankingResponse@virginmoney.com

Contact us Link opens in a new window