Skip to main content
Update Account Pre-authorisation
curl --request PUT \
  --url https://api.yapily.com/account-auth-requests \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json;charset=UTF-8' \
  --header 'consent: <consent>' \
  --data '
{
  "applicationUserId": "string",
  "institutionId": "n26"
}
'
{
  "meta": {
    "tracingId": "ee8e5bcfedf348b18ae45a34135790cc"
  },
  "data": {
    "id": "68e14e00-38b0-467d-a999-f70340e467b3",
    "userUuid": "e2578545-27a4-4edf-983f-5d33c2d7b559",
    "applicationUserId": "string",
    "institutionId": "n26",
    "institutionConsentId": "87ec9ded-d5ea-4fb6-80c5-ad4c88246c9f",
    "state": "4f4f9766f7264afc96a5269d6e65e066",
    "status": "AWAITING_DECOUPLED_AUTHORIZATION",
    "authorizedAt": "2021-05-13T09:00:06.867Z",
    "createdAt": "2021-05-13T08:59:23.864Z",
    "featureScope": [
      "ACCOUNT_TRANSACTIONS",
      "INITIATE_PRE_AUTHORISATION",
      "ACCOUNTS",
      "ACCOUNT_TRANSACTIONS_WITH_MERCHANT"
    ]
  }
}
Learn more: Pre-Authorisation Flow

Authorizations

Authorization
string
header
required

Use HTTP Basic Authentication with your Application ID as username and Application Secret as password. Manage credentials in the Yapily Console. See Authentication for details.

Headers

consent
string
required

Mandatory. The consent-token containing the user's authorisation to make the request.

psu-id
string

Conditional. Represents the user's login ID for the Institution to a personal account.

See PSU identifiers to see if this header is required.

psu-corporate-id
string

Conditional. Represents the user's login ID for the Institution to a business account.

See PSU identifiers to see if this header is required.

psu-ip-address
string

Conditional. The IP address of the PSU.

See PSU identifiers to see if this header is required.

sub-application
string<uuid>

The sub-application ID to which event type is being subscribed to

Body

application/json;charset=UTF-8
institutionId
string
required

Mandatory. The reference to the Institution which identifies which institution the authorisation request is sent to.

Example:

"yapily-mock"

userUuid
string<uuid>

User for which the authorisation request was created.

applicationUserId
string

Conditional. User-friendly identifier of the User that provides authorisation. If a User with the specified applicationUserId exists, it will be used otherwise, a new User with the specified applicationUserId will be created and used. Either the userUuid or applicationUserId must be provided.

Example:

"user-234562290"

forwardParameters
string[]

Extra parameters the TPP may want to get forwarded in the callback request after the PSU redirect.

callback
string

Optional. The server to redirect the user to after the user completes the authorisation at the Institution.

See Using a callback (Optional) for more information.

Example:

"https://display-parameters.com"

redirect
object

Optional. The server to redirect the user to after the user complete the authorisation at the Institution.

oneTimeToken
boolean

Conditional. Used to receive a oneTimeToken rather than a consentToken at the callback for additional security. This can only be used when the callback is set.

See Using a callback with an OTT (Optional) for more information.

Example:

false

accountRequest
object

Conditional. Used to further specify details of the Consent to request

Conditions:

  1. Mandatory to specify the individual scopes to request from the user at the Institution for an account authorisation
  2. Mandatory to specify an expiry time on the created Consent at which time will render it unusable
  3. Mandatory to specify the date range that the created Consent will be able to access transactions for (given the range is support for the Institution)

Response

Ok

meta
object
data
object
links
object
forwardedData
object[]
raw
object[]
deprecated