bLink API - consent flow module (2.0.15.2-fi)
This is the specification of the bLink 'consent-flow' module API.
Get the OAuth access and refresh token
Returns the OAuth access and refresh token for the specified client and target. Providers can deploy this endpoint under a separate base path (e.g., without a version number). SIX forwards the requests accordingly.
header Parameters
X-CorAPI-Client-ID required | string ID of the client forwarded to the provider. (SCOPE: FI) |
X-Correlation-ID required | string <= 64 characters Unique ID (defined by the caller) which will be reflected back in the response. |
User-Agent required | string Name and version of the client software |
X-CorAPI-Target-ID | string ID of the target, e.g., a financial institution. (SCOPE: FI - optional) |
X-PSU-IP-Address | string IP address of the user initiating the operation (SCOPE: FI - optional) |
X-PSU-User-Agent | string User of the client software (SCOPE: FI - optional) |
Request Body schema: application/x-www-form-urlencoded (required)
grant_type required | string Enum: "authorization_code" "refresh_token" either authorization_code or refresh_token |
code | string authorization code if applicable |
refresh_token | string refresh token if applicable |
redirect_uri | string original redirect uri if applicable |
client_id required | string client id |
username required | string <= 64 characters username of the resource owner |
Responses
Response samples
- 200
- 400
- 401
- 403
- 406
- 415
- 500
- 502
- 504
{
  "access_token": "string",
  "token_type": "bearer",
  "expires_in": 1,
  "refresh_token": "string",
  "scope": "string"
}
Revoke an OAuth token (access or refresh)
- Revokes the specified OAuth token (must be done separately for access token and refresh token)
- Providers must validate that the revocation is initiated by the legitimate client
- Providers can deploy this endpoint under a separate base path (e.g., without a version number). SIX forwards the requests accordingly.
header Parameters
X-CorAPI-Client-ID required | string ID of the client forwarded to the provider. (SCOPE: FI) |
X-Correlation-ID required | string <= 64 characters Unique ID (defined by the caller) which will be reflected back in the response. |
User-Agent required | string Name and version of the client software |
X-CorAPI-Target-ID | string ID of the target, e.g., a financial institution. (SCOPE: FI - optional) |
X-PSU-IP-Address | string IP address of the user initiating the operation (SCOPE: FI - optional) |
X-PSU-User-Agent | string User of the client software (SCOPE: FI - optional) |
Request Body schema: application/x-www-form-urlencoded (required)
token required | string token to be revoked |
token_type_hint | string Enum: "access_token" "refresh_token" either access_token or refresh_token |
client_id required | string client id |
Responses
Response samples
- 400
- 401
- 403
- 406
- 415
- 500
- 502
- 504
{
  "error": "invalid_request",
  "error_description": "Invalid authorization code",
  "error_uri": "string"
}
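The revocation requirement above ("Providers must validate that the revocation is initiated by the legitimate client") as a provider-side check. This is an added example, not part of the bLink specification. The in-memory token store, the comparison of client_id with the forwarded X-CorAPI-Client-ID header, the mapping of failures to the listed status codes, and the error codes other than invalid_request (taken from RFC 6749) are assumptions.

```python
from urllib.parse import parse_qs

# Constructed sample store: token -> client_id it was issued to (assumption).
ISSUED = {"tok-abc": "client-1", "tok-xyz": "client-2"}
HINTS = {"access_token", "refresh_token"}  # enum from the page


def _err(status, code, description):
    # Body fields follow the error sample on the page.
    return status, {"error": code, "error_description": description}


def check_revocation(headers, body, issued=ISSUED):
    """Return None if revocation may proceed, else (status, error_body)."""
    h = {k.lower(): v for k, v in headers.items()}
    ctype = h.get("content-type", "").split(";")[0].strip().lower()
    if ctype != "application/x-www-form-urlencoded":
        return _err(415, "invalid_request", "Unsupported content type")
    for name in ("x-corapi-client-id", "x-correlation-id", "user-agent"):
        if not h.get(name):
            return _err(400, "invalid_request", "Missing header " + name)
    if len(h["x-correlation-id"]) > 64:
        return _err(400, "invalid_request", "X-Correlation-ID too long")
    form = parse_qs(body, keep_blank_values=True)
    # Reject repeated parameters instead of silently picking one value.
    if any(len(v) != 1 for v in form.values()):
        return _err(400, "invalid_request", "Repeated parameter")
    form = {k: v[0] for k, v in form.items()}
    if not form.get("token") or not form.get("client_id"):
        return _err(400, "invalid_request", "token and client_id required")
    hint = form.get("token_type_hint")
    if hint is not None and hint not in HINTS:
        return _err(400, "invalid_request", "Bad token_type_hint")
    # Assumption: the forwarded header identifies the calling client.
    if form["client_id"] != h["x-corapi-client-id"]:
        return _err(401, "invalid_client", "client_id does not match caller")
    owner = issued.get(form["token"])
    # A token issued to a different client must not be revocable by this one.
    if owner is not None and owner != form["client_id"]:
        return _err(403, "unauthorized_client", "Token belongs to another client")
    return None  # unknown tokens fall through: nothing to revoke, no oracle
```

A None result means the caller may go on to delete the token; the success status itself is not shown in the response samples above, so the example does not pick one.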
Validate the username of the resource owner
Returns whether the username could be validated.
header Parameters
Authorization required | string Bearer followed by a base64 encoded OAuth access token |
X-CorAPI-Client-ID required | string ID of the client forwarded to the provider. (SCOPE: FI) |
X-Correlation-ID required | string <= 64 characters Unique ID (defined by the caller) which will be reflected back in the response. |
User-Agent required | string Name and version of the client software |
X-CorAPI-Target-ID | string ID of the target, e.g., a financial institution. (SCOPE: FI - optional) |
X-PSU-IP-Address | string IP address of the user initiating the operation (SCOPE: FI - optional) |
X-PSU-User-Agent | string User of the client software (SCOPE: FI - optional) |
Request Body schema: application/x-www-form-urlencoded (required)
username required | string <= 64 characters username of the resource owner |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
{
  "valid_username": true
}