SahamatiNet
  • Background
  • SahamatiNet POC
    • Introduction
    • Applications
    • Observability
    • Integration Steps
      • Sandbox Onboarding
      • IAM APIs
      • CR APIs
      • Integration with Router
        • Sample Code Snippets
          • Python
          • Java
          • JavaScript
          • GoLang
          • C#
        • Router APIs Specifications
          • FIU API Specification
          • AA API Specification
          • FIP API Specification
      • ReBIT Workflows using Router
        • Account Discovery & Linking
        • Consent Workflow
        • FI Request Workflow
    • Integration with Simulators
      • AA Simulator
      • FIP Simulator
      • FIU Simulator
    • Validation of Integration
  • Glossary
  • Guidelines
  • Frequently Asked Questions
  • How To Guides
    • How To Onboard to Sandbox ?
    • How To Decide on an Entity ID ?
    • How To Generate a Certificate ?
    • How To Generate Tokens ?
Powered by GitBook
LogoLogo

Copyright © 2025 - Sahamati Foundation

On this page

Was this helpful?

Export as PDF
  1. SahamatiNet POC
  2. Integration Steps
  3. Integration with Router
  4. Router APIs Specifications

AA API Specification

PreviousFIU API SpecificationNextFIP API Specification

Was this helpful?

get

This API can be used by FIPs and FIUs to check availability of AA Application.

Note: "Request Body Example Value" and "Responses Example Value" given below is for illustrative purposes only.

Header parameters
client_api_keyapiKeyRequired

client_api_key is provided to AA by the AA Client or the FIU

fip_api_keyapiKeyRequired

fip_api_key is provided to AA by the FIP

Responses
200
OK
application/json
400
Bad Request
application/json
401
Unauthorized Access
application/json
404
Not Found
application/json
500
Internal Server Error
application/json
501
Not Implemented
application/json
503
Service Unavailable
application/json
get
GET /router/v2/Heartbeat HTTP/1.1
Host: api.sandbox.sahamati.org.in
client_api_key: null
fip_api_key: null
Accept: */*
{
  "ver": "2.0.0",
  "timestamp": "2023-06-26T11:39:57.153Z",
  "Status": "UP",
  "Error": {
    "code": 1,
    "msg": "text",
    "detail": "text"
  }
}
  • POST/Consent
  • POST/Consent/handle
  • POST/Consent/fetch
  • POST/FI/request
  • POST/FI/fetch
  • POST/Consent/Notification
  • POST/FI/Notification
  • POST/Account/link/Notification
  • GET/Heartbeat
post

This API is intended for AA Client to request generation of digitally signed consent artefacts. The customer has to use the AA application to select accounts and approve consent generation. Once the customer approves the consent request on the AA application, AA generates the digitally signed consent artefacts. Note - The AA Client never sees the account of the customer or directly participates in consent generation.

Note: "Request Body Example Value" and "Responses Example Value" given below is for illustrative purposes only.

Header parameters
client_api_keyapiKeyRequired

client_api_key is provided to AA by the AA Client or the FIU

x-jws-signaturestringRequired

Detached JWS of the body

x-request-metastringRequired

It is the Base64 encoded JSON object having the identifier of the receiver to whom the API call needs to be forwarded. Ex: x-request-meta: [Base64 of {"recipient-id": "SIMULATOR"}] i.e x-request-meta: eyJyZWNpcGllbnQtaWQiOiAiU0lNVUxBVE9SIn0K

Body

This call generated via AA client.

verstringRequired

API version

Example: 2.0.0
timestampstring · date-timeRequired

Creation timestamp of the message

Example: 2023-06-26T11:39:57.153Z
txnidstringRequired

The transaction identifier generated by the requester for providing an end to end traceability. The AA should use this transaction identifier in the responses and notifications for FIU to correlate response with the request. The transaction identifier will be a UUID generated string.

Example: 4a4adbbe-29ae-11e8-a8d7-0289437bf331
Responses
200
OK
application/json
400
Bad Request
application/json
401
Unauthorized Access
application/json
404
Not Found
application/json
409
Conflict
application/json
412
Precondition failed
application/json
500
Internal Server Error
application/json
501
Not Implemented
application/json
503
Service Unavailable
application/json
post
POST /router/v2/Consent HTTP/1.1
Host: api.sandbox.sahamati.org.in
client_api_key: null
x-jws-signature: text
x-request-meta: text
Content-Type: application/json
Accept: */*
Content-Length: 820

{
  "ver": "2.0.0",
  "timestamp": "2023-06-26T11:39:57.153Z",
  "txnid": "4a4adbbe-29ae-11e8-a8d7-0289437bf331",
  "ConsentDetail": {
    "consentStart": "2019-12-06T11:39:57.153Z",
    "consentExpiry": "2019-12-06T11:39:57.153Z",
    "consentMode": "VIEW",
    "fetchType": "ONETIME",
    "consentTypes": [
      "PROFILE"
    ],
    "fiTypes": [
      "DEPOSIT"
    ],
    "DataConsumer": {
      "id": "DC1",
      "type": "FIU"
    },
    "Customer": {
      "id": "customer_identifier@AA_identifier",
      "Identifiers": [
        {
          "type": "MOBILE",
          "value": 919867123456
        }
      ]
    },
    "Purpose": {
      "code": "101",
      "refUri": "https://api.rebit.org.in/aa/purpose/101.xml",
      "text": "Wealth management service",
      "Category": {
        "type": "text"
      }
    },
    "FIDataRange": {
      "from": "2023-07-06T11:39:57.153Z",
      "to": "2019-12-06T11:39:57.153Z"
    },
    "DataLife": {
      "unit": "MONTH",
      "value": 1
    },
    "Frequency": {
      "unit": "HOUR",
      "value": 1
    },
    "DataFilter": [
      {
        "type": "TRANSACTIONAMOUNT",
        "operator": ">=",
        "value": 20000
      }
    ]
  }
}
{
  "ver": "2.0.0",
  "timestamp": "2023-06-26T11:39:57.153Z",
  "txnid": "4a4adbbe-29ae-11e8-a8d7-0289437bf331",
  "Customer": {
    "id": "customer_identifier@AA_identifier"
  },
  "ConsentHandle": "39e108fe-9243-11e8-b9f2-0256d88baae8"
}
post

This API is intended to be used by FIU/AA Client to check the consent status and retrieve the consent ID from AA once the consent is approved by customer. Note: "Request Body Example Value" and "Responses Example Value" given below is for illustrative purposes only.

Header parameters
client_api_keyapiKeyRequired

client_api_key is provided to AA by the AA Client or the FIU

x-jws-signaturestringRequired

Detached JWS of the body

x-request-metastringRequired

It is the Base64 encoded JSON object having the identifier of the receiver (recipient-id) to whom the API call needs to be forwarded. Ex: x-request-meta: [Base64 of {"recipient-id": "SIMULATOR"}] i.e x-request-meta: eyJyZWNpcGllbnQtaWQiOiAiU0lNVUxBVE9SIn0K

Body
verstringRequired

API version

Example: 2.0.0
timestampstring · date-timeRequired

Creation timestamp of the message

Example: 2023-06-26T11:39:57.153Z
txnidstringRequired

The unique transaction identifier used for providing an end to end traceability.

Example: 795038d3-86fb-4d3a-a681-2d39e8f4fc3c
ConsentHandlestringRequired

Unique ID generated by AA after receiving the consent request. Consent Handle can be used by FIU/AA Client to check the consent status and retrieve the consent ID once the consent is approved by customer.

Example: 39e108fe-9243-11e8-b9f2-0256d88baae8
Responses
200
OK
application/json
400
Bad Request
application/json
401
Unauthorized Access
application/json
404
Not Found
application/json
409
Conflict
application/json
412
Precondition failed
application/json
500
Internal Server Error
application/json
501
Not Implemented
application/json
503
Service Unavailable
application/json
post
POST /router/v2/Consent/handle HTTP/1.1
Host: api.sandbox.sahamati.org.in
client_api_key: null
x-jws-signature: text
x-request-meta: text
Content-Type: application/json
Accept: */*
Content-Length: 156

{
  "ver": "2.0.0",
  "timestamp": "2023-06-26T11:39:57.153Z",
  "txnid": "795038d3-86fb-4d3a-a681-2d39e8f4fc3c",
  "ConsentHandle": "39e108fe-9243-11e8-b9f2-0256d88baae8"
}
{
  "ver": "2.0.0",
  "timestamp": "2023-06-26T11:39:57.153Z",
  "txnid": "795038d3-86fb-4d3a-a681-2d39e8f4fc3c",
  "ConsentHandle": "39e108fe-9243-11e8-b9f2-0256d88baae8",
  "ConsentStatus": {
    "id": "654024c8-29c8-11e8-8868-0289437bf331",
    "status": "APPROVED"
  }
}
post

This API is intended for fetching the information associated with the specific consent. Note: "Request Body Example Value" and "Responses Example Value" given below is for illustrative purposes only.

Header parameters
client_api_keyapiKeyRequired

client_api_key is provided to AA by the AA Client or the FIU

fip_api_keyapiKeyRequired

fip_api_key is provided to AA by the FIP

x-jws-signaturestringRequired

Detached JWS of the body

x-request-metastringRequired

It is the Base64 encoded JSON object having the identifier of the receiver to whom the API call needs to be forwarded. Ex: x-request-meta: [Base64 of {"recipient-id": "SIMULATOR"}] i.e x-request-meta: eyJyZWNpcGllbnQtaWQiOiAiU0lNVUxBVE9SIn0K

Body
verstringRequired

API version

Example: 2.0.0
timestampstring · date-timeRequired

Creation timestamp of the message

Example: 2023-06-26T11:39:57.153Z
txnidstringRequired

The unique transaction identifier used for providing an end to end traceability.

Example: 0b811819-9044-4856-b0ee-8c88035f8858
consentIdstringRequired

Unique ID generated by AA after consent approval is given by the customer.

Example: 654024c8-29c8-11e8-8868-0289437bf331
Responses
200
OK
application/json
400
Bad Request
application/json
401
Unauthorized Access
application/json
404
Not Found
application/json
409
Conflict
application/json
412
Precondition failed
application/json
500
Internal Server Error
application/json
501
Not Implemented
application/json
503
Service Unavailable
application/json
post
POST /router/v2/Consent/fetch HTTP/1.1
Host: api.sandbox.sahamati.org.in
client_api_key: null
fip_api_key: null
x-jws-signature: text
x-request-meta: text
Content-Type: application/json
Accept: */*
Content-Length: 152

{
  "ver": "2.0.0",
  "timestamp": "2023-06-26T11:39:57.153Z",
  "txnid": "0b811819-9044-4856-b0ee-8c88035f8858",
  "consentId": "654024c8-29c8-11e8-8868-0289437bf331"
}
{
  "ver": "2.0.0",
  "txnid": "0b811819-9044-4856-b0ee-8c88035f8858",
  "consentId": "XXXX-XXXX-XXXX-XXXX",
  "status": "ACTIVE",
  "createTimestamp": "2023-06-26T11:39:57.153Z",
  "signedConsent": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjQyNzE5MTNlLTdiOTMtNDlkZC05OTQ5LTFjNzZmZjVmYzVjZiIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19.ew0KICAgICAgICAiY29uc2VudFN0YXJ0IjogIjIwMTktMDUtMjhUMTE6Mzg6MjAuMzgwKzAwMDAiLA0KICAgICAgICAiY29uc2VudEV4cGlyeSI6ICIyMDIwLTA1LTI4VDExOjM4OjIwLjM4MSswMDAwIiwNCiAgICAgICAgImNvbnNlbnRNb2RlIjogIlZJRVciLA0KICAgICAgICAiZmV0Y2hUeXBlIjogIk9ORVRJTUUiLA0KICAgICAgICAiY29uc2VudFR5cGVzIjogWw0KICAgICAgICAgICAgIlBST0ZJTEUiLA0KICAgICAgICAgICAgIlNVTU1BUlkiLA0KICAgICAgICAgICAgIlRSQU5TQUNUSU9OUyINCiAgICAgICAgXSwNCiAgICAgICAgImZpVHlwZXMiOiBbDQogICAgICAgICAgICAiREVQT1NJVCIsDQogICAgICAgICAgICAiVEVSTS1ERVBPU0lUIg0KICAgICAgICBdLA0KICAgICAgICAiRGF0YUNvbnN1bWVyIjogew0KICAgICAgICAgICAgImlkIjogImNvb2tpZWphci1hYUBmaW52dS5pbiIsDQogICAgICAgICAgICAidHlwZSI6ICJBQSINCiAgICAgICAgfSwNCiAgICAgICAgIkRhdGFQcm92aWRlciI6IHsNCiAgICAgICAgICAgICJpZCI6ICJCQVJCMEtJTVhYWCIsDQogICAgICAgICAgICAidHlwZSI6ICJGSVAiDQogICAgICAgIH0sDQogICAgICAgICJDdXN0b21lciI6IHsNCiAgICAgICAgICAgICJpZCI6ICJkZW1vQGZpbnZ1Ig0KICAgICAgICB9LA0KICAgICAgICAiQWNjb3VudHMiOiBbDQogICAgICAgICAgICB7DQogICAgICAgICAgICAgICAgImZpVHlwZSI6ICJERVBPU0lUIiwNCiAgICAgICAgICAgICAgICAiZmlwSWQiOiAiQkFSQjBLSU1YWFgiLA0KICAgICAgICAgICAgICAgICJhY2NUeXBlIjogIlNBVklOR1MiLA0KICAgICAgICAgICAgICAgICJsaW5rUmVmTnVtYmVyIjogIlVCSTQ4NTk2NDU3OSIsDQogICAgICAgICAgICAgICAgIm1hc2tlZEFjY051bWJlciI6ICJVQkk4NTIxNzg4MTI3OSINCiAgICAgICAgICAgIH0sDQogICAgICAgICAgICB7DQogICAgICAgICAgICAgICAgImZpVHlwZSI6ICJERVBPU0lUIiwNCiAgICAgICAgICAgICAgICAiZmlwSWQiOiAiQkFSQjBLSU1YWFgiLA0KICAgICAgICAgICAgICAgICJhY2NUeXBlIjogIlNBVklOR1MiLA0KICAgICAgICAgICAgICAgICJsaW5rUmVmTnVtYmVyIjogIlVCSTQ4NTk2NDUiLA0KICAgICAgICAgICAgICAgICJtYXNrZWRBY2NOdW1iZXIiOiAiVUJJODUyMTc4ODEyIg0KICAgICAgICAgICAgfQ0KICAgICAgICBdLA0KICAgICAgICAiUHVycG9zZSI6IHsNCiAgICAgICAgICAgICJjb2RlIjogIjEwMSIsDQogICAgICAgICAgICAicmVmVXJpIjogImh0dHBzOi8vYXBpLnJlYml0Lm9yZy5pbi9hYS9wdXJwb3NlLzEwMS54bWwiLA0KICAgICAgICAgICAgInRleHQiOiAiV2VhbHRoIG1hbmFnZW1lbnQgc2VydmljZSIsDQogICAgICAgICAgICAiQ2F0ZWdvcnkiOiB7DQogICAgICAgICAgICAgICAgInR5cGUiOiAicHVycG9zZUNhdGVnb3J5VHlwZSINCiAgICAgICAgICAgIH0NCiAgICAgICAgfSwNCiAgICAgICAgIkZJRGF0YVJhbmdlIjogew0KICAgICAgICAgICAgImZyb20iOiAiMjAxOS0wNS0yOFQxMTozODoyMC4zODMrMDAwMCIsDQogICAgICAgICAgICAidG8iOiAiMjAyMC0wNS0yOFQxMTozODoyMC4zODErMDAwMCINCiAgICAgICAgfSwNCiAgICAgICAgIkRhdGFMaWZlIjogew0KICAgICAgICAgICAgInVuaXQiOiAiTU9OVEgiLA0KICAgICAgICAgICAgInZhbHVlIjogNA0KICAgICAgICB9LA0KICAgICAgICAiRnJlcXVlbmN5Ijogew0KICAgICAgICAgICAgInVuaXQiOiAiSE9VUiIsDQogICAgICAgICAgICAidmFsdWUiOiA0DQogICAgICAgIH0sDQogICAgICAgICJEYXRhRmlsdGVyIjogWw0KICAgICAgICAgICAgew0KICAgICAgICAgICAgICAgICJ0eXBlIjogIlRSQU5TQUNUSU9OQU1PVU5UIiwNCiAgICAgICAgICAgICAgICAib3BlcmF0b3IiOiAiPiIsDQogICAgICAgICAgICAgICAgInZhbHVlIjogIjIwMDAwIg0KICAgICAgICAgICAgfQ0KICAgICAgICBdDQogICAgfQ.O3KPh-eTpW2w47QXYidOBe1Hk2y7djVAEcOnZyRRvxQ3cY18-9ZWiodF16jff-e7yNQgsYZpAy95Fx2Fft8LoYugkYh9_6qHiG_7LCtW8Ng4nCMgZM3Wwsj11ks1msrK5C1ksPrGlTkFhm9-FufNkPTAlW76_5Sb8G_lOsIj1lB8TrvKpOvPlhEIgsS4WBNdPfv3SBqTV2suw2LvkX3QTilqwuMgXMkrm9-RYL90fweX_yyoyaBWHOJNQaKNuQWPpoRRNHGOx3v4_QiwgrELdfeTVtKn6R_AsfaBoEthQ3wrc8tY1q0Wx5j0x18NdU2R2C26dHyZ9M11dEH99psA1A",
  "ConsentUse": {
    "logUri": "text",
    "count": 1,
    "lastUseDateTime": "2023-07-06T11:39:57.153Z"
  }
}
post

This API is used by the FIU to request for financial information from the AA. The AA will validate the request against the signed consent and return a sessionID which can then be used by the FIU to fetch the required data. Note: "Request Body Example Value" and "Responses Example Value" given below is for illustrative purposes only.

Header parameters
client_api_keyapiKeyRequired

client_api_key is provided to AA by the AA Client or the FIU

x-jws-signaturestringRequired

Detached JWS of the body

x-request-metastringRequired

It is the Base64 encoded JSON object having the identifier of the receiver to whom the API call needs to be forwarded. Ex: x-request-meta: [Base64 of {"recipient-id": "SIMULATOR"}] i.e x-request-meta: eyJyZWNpcGllbnQtaWQiOiAiU0lNVUxBVE9SIn0K

Body
verstringRequired

API version

Example: 2.0.0
timestampstring · date-timeRequired

Creation timestamp of the message

Example: 2023-06-26T11:39:57.153Z
txnidstringRequired

The unique transaction identifier used for providing an end to end traceability.

Example: e8cc6822-d4bb-4eb1-9e1b-4996fbff8acb
Responses
200
OK
application/json
400
Bad Request
application/json
401
Unauthorized Access
application/json
404
Not Found
application/json
409
Conflict
application/json
412
Precondition failed
application/json
500
Internal Server Error
application/json
501
Not Implemented
application/json
503
Service Unavailable
application/json
post
POST /router/v2/FI/request HTTP/1.1
Host: api.sandbox.sahamati.org.in
client_api_key: null
x-jws-signature: text
x-request-meta: text
Content-Type: application/json
Accept: */*
Content-Length: 854

{
  "ver": "2.0.0",
  "timestamp": "2023-06-26T11:39:57.153Z",
  "txnid": "e8cc6822-d4bb-4eb1-9e1b-4996fbff8acb",
  "FIDataRange": {
    "from": "2023-07-06T11:39:57.153Z",
    "to": "2019-12-06T11:39:57.153Z"
  },
  "Consent": {
    "id": "654024c8-29c8-11e8-8868-0289437bf331",
    "digitalSignature": "NdjwMjLortTb10dxcJezkvdOxPVvEdZvIqwqVWOHnE8pS_YDswcRPLTRmds2xO-Tvm_A2cFv1qKYpaZnv8Bl6xmZoOsG_F8_40gRZqIhz5hF9puzp8lEEhMlZ6NaX2Y2OYkwHcOBBpCIXpLXB4CMWiefUEWjO9zKDd5JJwZ4vLWeT4qgwvPfRqE60B33tzVlF5E6OA2mKK17sGRXsfrI9obEjL52RMdGo_9bv1HnHfvPlbj5ihj6d_5iTtoh7HUC_X8CrJGvkgkCjP_7of1jPb5QgJ9nx_Yfsxj3vf8zEseZIVISjF3MwBzW7Di4CpfQl4wlnpkQO9MKu78F69Z9Ig"
  },
  "KeyMaterial": {
    "cryptoAlg": "ECDH",
    "curve": "Curve25519",
    "params": "cipher=AES/GCM/NoPadding;KeyPairGenerator=ECDH",
    "DHPublicKey": {
      "expiry": "2023-07-06T11:39:57.153Z",
      "Parameters": "text",
      "KeyValue": "text"
    },
    "Nonce": "29512b70-ca84-46b5-9471-63765599cf15"
  }
}
{
  "ver": "2.0.0",
  "timestamp": "2023-06-2611:39:57.153Z",
  "txnid": "e8cc6822-d4bb-4eb1-9e1b-4996fbff8acb",
  "consentId": "654024c8-29c8-11e8-8868-0289437bf331",
  "sessionId": "caa2f259-2dc2-4075-87aa-6d81018b6183"
}
post

This API is used to fetch financial information from AA once FIU recieves the data ready notification. Note: "Request Body Example Value" and "Responses Example Value" given below is for illustrative purposes only.

Header parameters
client_api_keyapiKeyRequired

client_api_key is provided to AA by the AA Client or the FIU

x-jws-signaturestringRequired

Detached JWS of the body

x-request-metastringRequired

It is the Base64 encoded JSON object having the identifier of the receiver to whom the API call needs to be forwarded. Ex: x-request-meta: [Base64 of {"recipient-id": "SIMULATOR"}] i.e x-request-meta: eyJyZWNpcGllbnQtaWQiOiAiU0lNVUxBVE9SIn0K

Body

A request to fetch FI data from AA against given sessionId.

verstringRequired

API version

Example: 2.0.0
timestampstring · date-timeRequired

Creation timestamp of the message.

Example: 2023-06-26T11:39:57.153Z
txnidstringRequired

Unique transaction identifier used for providing an end to end traceability.

Example: 3dd436f8-0747-4a8f-9001-375e419430be
sessionIdstringRequired

A session ID is a base-64 encoded UUID number that an AA returns to the FIU or AA Client for each financial information access request.

Example: caa2f259-2dc2-4075-87aa-6d81018b6183
fipIdstringOptional

FIP ID as defined in the Account Aggregator Ecosystem.

Example: FIP-1
Responses
200
OK
application/json
400
Bad Request
application/json
401
Unauthorized Access
application/json
403
Forbidden
application/json
404
Not Found
application/json
409
Conflict
application/json
410
Data Gone
application/json
412
Precondition failed
application/json
500
Internal Server Error
application/json
501
Not Implemented
application/json
503
Service Unavailable
application/json
post
POST /router/v2/FI/fetch HTTP/1.1
Host: api.sandbox.sahamati.org.in
client_api_key: null
x-jws-signature: text
x-request-meta: text
Content-Type: application/json
Accept: */*
Content-Length: 210

{
  "ver": "2.0.0",
  "timestamp": "2023-06-26T11:39:57.153Z",
  "txnid": "3dd436f8-0747-4a8f-9001-375e419430be",
  "sessionId": "caa2f259-2dc2-4075-87aa-6d81018b6183",
  "fipId": "FIP-1",
  "linkRefNumber": [
    {
      "id": "XXXX-XXXX-XXXX"
    }
  ]
}
{
  "ver": "2.0.0",
  "timestamp": "2023-06-26T11:39:57.153Z",
  "txnid": "3dd436f8-0747-4a8f-9001-375e419430be",
  "FI": [
    {
      "fipID": "FIP-1",
      "data": [
        {
          "linkRefNumber": "XXXX-XXXX-XXXX",
          "maskedAccNumber": "XXXXXXXX4020",
          "encryptedFI": "text"
        }
      ],
      "KeyMaterial": {
        "cryptoAlg": "ECDH",
        "curve": "Curve25519",
        "params": "cipher=AES/GCM/NoPadding;KeyPairGenerator=ECDH",
        "DHPublicKey": {
          "expiry": "2023-07-06T11:39:57.153Z",
          "Parameters": "text",
          "KeyValue": "text"
        },
        "Nonce": "29512b70-ca84-46b5-9471-63765599cf15"
      }
    }
  ]
}
post

This API can be used by AA Client, FIU and FIP to place a request for consent status update to AA in specific use cases. For more details, please refer FAQ section. Note: "Request Body Example Value" and "Responses Example Value" given below is for illustrative purposes only.

Header parameters
client_api_keyapiKeyRequired

client_api_key is provided to AA by the AA Client or the FIU

fip_api_keyapiKeyRequired

fip_api_key is provided to AA by the FIP

x-jws-signaturestringRequired

Detached JWS of the body

x-request-metastringRequired

It is the Base64 encoded JSON object having the identifier of the receiver to whom the API call needs to be forwarded. Ex: x-request-meta: [Base64 of {"recipient-id": "SIMULATOR"}] i.e x-request-meta: eyJyZWNpcGllbnQtaWQiOiAiU0lNVUxBVE9SIn0K

Body

Status of the Consent.

verstringRequired

API version

Example: 2.0.0
timestampstring · date-timeRequired

Creation timestamp of the message

Example: 2023-06-26T11:39:57.153Z
txnidstringRequired

The unique transaction identifier used for providing an end to end traceability.

Example: 0b811819-9044-4856-b0ee-8c88035f8858
Responses
200
OK
application/json
400
Bad Request
application/json
401
Unauthorized Access
application/json
404
Not Found
application/json
409
Conflict
application/json
412
Precondition failed
application/json
500
Internal Server Error
application/json
501
Not Implemented
application/json
503
Service Unavailable
application/json
post
POST /router/v2/Consent/Notification HTTP/1.1
Host: api.sandbox.sahamati.org.in
client_api_key: null
fip_api_key: null
x-jws-signature: text
x-request-meta: text
Content-Type: application/json
Accept: */*
Content-Length: 227

{
  "ver": "2.0.0",
  "timestamp": "2023-06-26T11:39:57.153Z",
  "txnid": "0b811819-9044-4856-b0ee-8c88035f8858",
  "Notifier": {
    "type": "FIP",
    "id": "FIP-1"
  },
  "ConsentStatusNotification": {
    "consentId": "XXXX0-XXXX-XXXX",
    "consentStatus": "REJECTED"
  }
}
{
  "ver": "2.0.0",
  "timestamp": "2023-06-26T06:13:30.967+0000",
  "txnid": "f35761ac-4a18-11e8-96ff-0277a9fbfedc",
  "response": "OK"
}
post

This API can be used by AA Client, FIU and FIP to send notifications related to Financial Information (FI) fetch to AA. Note: "Request Body Example Value" and "Responses Example Value" given below is for illustrative purposes only.

Header parameters
client_api_keyapiKeyRequired

client_api_key is provided to AA by the AA Client or the FIU

fip_api_keyapiKeyRequired

fip_api_key is provided to AA by the FIP

x-jws-signaturestringRequired

Detached JWS of the body

x-request-metastringRequired

It is the Base64 encoded JSON object having the identifier of the receiver to whom the API call needs to be forwarded. Ex: x-request-meta: [Base64 of {"recipient-id": "SIMULATOR"}] i.e x-request-meta: eyJyZWNpcGllbnQtaWQiOiAiU0lNVUxBVE9SIn0K

Body
verstringRequired

API version

Example: 2.0.0
timestampstring · date-timeRequired

Creation timestamp of the message

Example: 2023-06-26T11:39:57.153Z
txnidstringRequired

The unique transaction identifier used for providing an end to end traceability.

Example: 0b811819-9044-4856-b0ee-8c88035f8858
Responses
200
OK
application/json
400
Bad Request
application/json
401
Unauthorized Access
application/json
404
Not Found
application/json
409
Conflict
application/json
412
Precondition failed
application/json
500
Internal Server Error
application/json
501
Not Implemented
application/json
503
Service Unavailable
application/json
post
POST /router/v2/FI/Notification HTTP/1.1
Host: api.sandbox.sahamati.org.in
client_api_key: null
fip_api_key: null
x-jws-signature: text
x-request-meta: text
Content-Type: application/json
Accept: */*
Content-Length: 343

{
  "ver": "2.0.0",
  "timestamp": "2023-06-26T11:39:57.153Z",
  "txnid": "0b811819-9044-4856-b0ee-8c88035f8858",
  "Notifier": {
    "type": "FIP",
    "id": "FIP-1"
  },
  "FIStatusNotification": {
    "sessionId": "XXXX0-XXXX-XXXX",
    "sessionStatus": "ACTIVE",
    "FIStatusResponse": [
      {
        "fipID": "FIP-1",
        "Accounts": [
          {
            "linkRefNumber": "XXXX-XXXX-XXXX",
            "FIStatus": "READY",
            "description": ""
          }
        ]
      }
    ]
  }
}
{
  "ver": "2.0.0",
  "timestamp": "2023-06-26T06:13:30.967+0000",
  "txnid": "f35761ac-4a18-11e8-96ff-0277a9fbfedc",
  "response": "OK"
}
post

This API can be used by FIP to send account linking related notifications to AA in case of direct authentication method of account linking. Note: "Request Body Example Value" and "Responses Example Value" given below is for illustrative purposes only.

Header parameters
fip_api_keyapiKeyRequired

fip_api_key is provided to AA by the FIP

x-jws-signaturestringRequired

Detached JWS of the body

x-request-metastringRequired

It is the Base64 encoded JSON object having the identifier of the receiver to whom the API call needs to be forwarded. Ex: x-request-meta: [Base64 of {"recipient-id": "SIMULATOR"}] i.e x-request-meta: eyJyZWNpcGllbnQtaWQiOiAiU0lNVUxBVE9SIn0K

Body
verstringRequired

API version

Example: 2.0.0
timestampstring · date-timeRequired

Creation timestamp of the message

Example: 2023-06-26T11:39:57.153Z
txnidstringRequired

The unique transaction identifier used for providing an end to end traceability.

Example: 0b811819-9044-4856-b0ee-8c88035f8858
Responses
200
OK
application/json
400
Bad Request
application/json
401
Unauthorized Access
application/json
404
Not Found
application/json
409
Conflict
application/json
412
Precondition failed
application/json
500
Internal Server Error
application/json
501
Not Implemented
application/json
503
Service Unavailable
application/json
post
POST /router/v2/Account/link/Notification HTTP/1.1
Host: api.sandbox.sahamati.org.in
fip_api_key: null
x-jws-signature: text
x-request-meta: text
Content-Type: application/json
Accept: */*
Content-Length: 316

{
  "ver": "2.0.0",
  "timestamp": "2023-06-26T11:39:57.153Z",
  "txnid": "0b811819-9044-4856-b0ee-8c88035f8858",
  "Notifier": {
    "type": "FIP",
    "id": "FIP-1"
  },
  "AccountLinkStatusNotification": {
    "accRefNumber": "XXXX0-XXXX-XXXX",
    "customerAddress": "customer_identifier@aa_identifier",
    "linkRefNumber": "XXXX-XXXX-XXXX",
    "linkStatus": "LINKED"
  }
}
{
  "ver": "2.0.0",
  "timestamp": "2023-06-26T06:13:30.967+0000",
  "txnid": "f35761ac-4a18-11e8-96ff-0277a9fbfedc",
  "response": "OK"
}