---
swagger: "2.0"
info:
  title: CustomerConsentAuthentication
  description: This API is used to Opt-in Check during Consent.
  version: 1.0.99
  x-ibm-name: CustomerConsentAuthentication
host: 127.0.0.1
schemes:
- https
basePath: /openapi
paths:
  /v1/oauth2/customers/consent:
    post:
      summary: This API is used to Opt-in Check during Consent
      description: This API is used to Opt-in Check during Consent
      tags:
      - oauth2
      produces:
      - application/json
      parameters:
      - name: uuid
        in: header
        description: 128 bit random UUID generated uniquely for every request.
        type: string
        required: true
      - name: Accept
        in: header
        description: Content-Type that are acceptable for the response.
        type: string
        required: true
      - name: client_id
        in: header
        description: Client ID generated during application registration.
        required: true
        type: string
      - name: Content-Type
        in: header
        description: application/json
        required: true
        type: string
      - name: clientDetails
        in: header
        description: This field is used to capture device,browser and network information.
          Refer the developer portal for more information.These are the fields which
          will be passed as part of the header devicePrint,deviceTokenCookie,userIpAddress,userAgent,hardwareId,simId,deviceModel,deviceName,deviceOsName,deviceOsVersion,multitaskingSupportFlag,languageSupport,wifiMacAddress,cellTowerId,locationAreaCode,rsaApplicationKey,wapClientId,mobileCarrierCode,mobileCountryCode,osId,geoLongitude,geoLatitude,geoHorizontalAccuracy,geoAltitude,geoAltitudeAccuracy,geoSpeed,geoTimestamp,geoStatus,basicServiceSetId,signalStrength,wifiChannel,serviceSetId
        type: string
        required: false
      - name: CustomerConsentAuthenticationRequest
        in: body
        schema:
          $ref: '#/definitions/CustomerConsentAuthenticationRequest'
        required: false
      responses:
        200:
          description: Successful operation.
          schema:
            $ref: '#/definitions/CustomerConsentAuthenticationResponse'
        400:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>invalidCredentials</td><td>User
            credentials are invalid</td></tr><tr><td>invalid</td><td>invalidRequest</td><td>Missing
            or invalid Parameters</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        401:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>unAuthorized</td><td>Authorization
            credentials are missing or invalid</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        403:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td><td>More
            Info</td></tr><tr><td>invalid</td><td>accessNotConfigured</td><td>The
            request operation is not configured to access this resource</td><td>Channel/Country/Business
            provided in the request or Products from the response are not supported
            currently</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        404:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>resourceNotFound</td><td>Empty
            resource/resource not found</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        422:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>businessValidationsFailed</td><td>Business
            validations failed</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        500:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>fatal</td><td>serverUnavailable</td><td>The
            request failed due to an internal error/server unavailability</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
definitions:
  CustomerConsentAuthenticationRequest:
    properties:
      consentVersion:
        description: consent version details
        type: string
        example: "1.0"
  CustomerConsentAuthenticationResponse:
    properties:
      code:
        description: Code
        type: string
        example: AAItTtGiPYFYQjhBMiv0jrhd4-rxNNE_21sO3C5gpYDq6yEmTs8rJTQMSS2b8Qtody_BsEK5Muin1vD074ryYfkYpQdiIC
  ErrorResponse:
    properties:
      type:
        description: Invalid - Request did not confirm to the specification and was
          unprocessed and rejected. Please fix the value and try again
        enum:
        - error
        - warn
        - invalid
        - fatal
        type: string
      code:
        description: Error code which qualifies the error
        type: string
      details:
        description: Human readable explanation specific to the occurrence of the
          problem
        type: string
      location:
        description: The name of the field that resulted in the error
        type: string
      moreInfo:
        description: URI to human readable documentation of the error
        type: object
    required:
    - type
    - code
securityDefinitions:
  client_secret:
    type: apiKey
    description: ""
    in: header
    name: X-IBM-Client-Secret
  client_id:
    type: apiKey
    in: header
    name: X-IBM-Client-Id
    description: pv52735
security:
- client_id: []
x-ibm-configuration:
  testable: true
  enforced: true
  phase: realized
x-ibm-endpoints:
- endpointUrl: https://emea.sandbox.api.citi.com/gcb
  description: Custom Gateway API Endpoint
  type:
  - production
  - development
...