> ## Documentation Index > Fetch the complete documentation index at: https://docs.yapily.com/llms.txt > Use this file to discover all available pages before exploring further. # Create Embedded Account Authorisation > Used to initiate the embedded authorisation process for an `Institution` that contains the `INITIATE_EMBEDDED_ACCOUNT_REQUEST` feature in order to obtain the the user's authorisation to access their account information. Feature: `INITIATE_EMBEDDED_ACCOUNT_REQUEST` Learn more: [Embedded Account Flow](/open-banking-flow/user-authorisation/embedded) ## OpenAPI ````yaml /openapi-converted.json post /embedded-account-auth-requests openapi: 3.0.1 info: description: >- The Yapily API enables connections between your application and users' banks. For more information check out our [documentation](/introduction). In particular, make sure to view our [Getting Started](/getting-started/get-started) steps if this is your first time here. While testing the API, our list of [sandbox credentials](/resources/sandbox/sandbox-credentials) maybe useful. title: Yapily API version: 12.3.4 contact: name: Yapily Support url: https://docs.yapily.com/resources/support email: support@yapily.com servers: - url: https://api.yapily.com security: - basicAuth: [] tags: - description: >- The `Application` is the base entity that is used to interact with the API and contains a collection of `Institution` objects. You can have multiple Applications associated with your account e.g. a production application with live access to each `Institution` and a development application with access to sandboxes. name: Application - description: >- The Users endpoints are used to manage each user (otherwise known as the PSU) in Yapily. Each user belongs to an Application and as a consequence, so do each `Consent` created for a particular `User`. name: Users - description: >- An `Institution` object represents any Account Serving Payment Servicing Provider (ASPSP) that has been integrated and is accessible through the Yapily APIs (ASPSPs are entities that publish Read/Write APIs to permit, with customer consent, payments initiated by third party providers and/or make their customers financial data available to third party providers via their API endpoints). Any one of the following would be represented as Institution: - Traditional banks e.g. Santander - Neo-banks e.g. Monzo - Building societies e.g. Cumberland Building Society name: Institutions - description: >- The Consents endpoints are used to manage each `Consent` created by Yapily in response to an authorisation created for a user. The `Consent` object contains data that identifies a user's consent for a specific `Institution` within a Yapily application. Other than the id of the consent, the `institution-id` for the corresponding `Institution` and the user identifiers (`user-uuid` and `application-user-id`), it contains various details that indicates how the `Consent` can be used. name: Consents - description: >- Before calling [Financial Data](#yapily-api-financial-data) or [Payments](#yapily-api-payments) endpoints, a consent from an end-user must be obtained. Consents are valid for up to 90 days for Financial Data endpoints and have a single-use for Payment endpoints i.e. a new consent must be obtained for each payment. NOTE: A user consent is also referred to as an 'Authorisation'. name: Authorisations - description: >- In order to access a user's Financial Data, you are required to request an [Authorisation](#tag/Authorisations) from the user to share the account information the bank has. Once a `consent-token` is obtained, you can call the necessary Financial Data endpoint(s) to retrieve the user's data. name: Financial Data - description: >- In order to make a Payment on behalf of a user, you are required to request an [Authorisation](#tag/Authorisations) from the user to authorise the user's account to make the payment from. Once a `consent-token` is obtained, you can call the necessary Payments endpoint(s) to execute a payment. name: Payments - description: >+ The Notifications endpoints provide an interactive way for user to receive notifications according to different event-types. This feature is currently in private beta. Please reach out if you require access. name: Notifications - description: >- Variable Recurring Payments enables transfer of money between accounts held by the same person or transfer of money for business payments. In order to make Sweeping Variable Recurring Payments on behalf of a user, you are required to request an [Consent](#tag/Authorisations) from the user by calling the Sweeping Consent endpoint to authorise the user's account to make the payment. Once a `consent-token` is obtained, you can call the Payments endpoint to execute the Sweeping Variable Recurring Payments transaction. Before executing the payment, you have the option to confirm availability of funds in the user's account by calling the Funds Confirmation endpoint. See [VRP Payments](/payments/vrps/additional-information) for more information. name: Variable Recurring Payments - description: Hosted Payment Pages endpoints for payments products name: Hosted Payment Pages - description: Hosted Consent Pages endpoints for data products name: Hosted Consent Pages - description: >- The constraints endpoints can be used to retrieve institution specific data requirements and rules that will apply when performing other operations. name: Constraints - description: >- Application Management endpoints help with creating and managing client sub-applications. name: Application Management - description: 'Data Plus endpoints enable our customers to enrich transaction data. ' name: Data Plus - description: Webhook endpoints name: Webhooks - description: Application Beneficiaries Endpoints name: Application Beneficiaries - description: User Beneficiaries Endpoints name: User Beneficiaries paths: /embedded-account-auth-requests: post: tags: - Authorisations summary: Create Embedded Account Authorisation description: >- Used to initiate the embedded authorisation process for an `Institution` that contains the `INITIATE_EMBEDDED_ACCOUNT_REQUEST` feature in order to obtain the the user's authorisation to access their account information. Feature: `INITIATE_EMBEDDED_ACCOUNT_REQUEST` operationId: initiateEmbeddedAccountRequest parameters: - description: >- __Conditional__. Represents the user's login ID for the `Institution` to a personal account. See [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required. in: header name: psu-id required: false schema: type: string - description: >- __Conditional__. Represents the user's login ID for the `Institution` to a business account. See [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required. in: header name: psu-corporate-id required: false schema: type: string - description: >- __Conditional__. The IP address of the PSU. See [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required. in: header name: psu-ip-address required: false schema: type: string - $ref: '#/components/parameters/SubAppHeader' requestBody: content: application/json;charset=UTF-8: examples: Berlin Group Example Request: $ref: >- #/components/examples/berlin-group-example-embedded-acc-auth-request schema: $ref: '#/components/schemas/EmbeddedAccountAuthorisationRequest' required: true responses: '201': content: application/json;charset=UTF-8: examples: Berlin Group (Multiple SCA Methods) Example Response: $ref: >- #/components/examples/berlin-group-multiple-sca-methods-example-response Berlin Group (Single SCA Method) Example Response: $ref: >- #/components/examples/berlin-group-single-sca-method-example-response schema: $ref: >- #/components/schemas/ApiResponseOfEmbeddedAccountAuthorisationResponse description: Created default: content: application/json;charset=UTF-8: examples: Error Response: $ref: '#/components/examples/error-response-code-401' schema: $ref: '#/components/schemas/ApiResponseError' description: Error Response components: parameters: SubAppHeader: description: The sub-application ID to which event type is being subscribed to in: header name: sub-application required: false schema: type: string format: uuid examples: berlin-group-example-embedded-acc-auth-request: description: Berlin Group Example Request value: applicationUserId: string institutionId: fiducia-sandbox userCredentials: id: '6154057725' password: PISPWD12 berlin-group-multiple-sca-methods-example-response: description: Berlin Group (Multiple SCA Methods) Example Response value: meta: tracingId: a9d8d8c5e6a84b00b8510d90c28cbbc6 data: id: 149da283-2958-4128-9d72-e3a02e8bb83d userUuid: 6b082877-b137-4743-bba3-07b6a8148b42 applicationUserId: string institutionId: fiducia-sandbox status: AWAITING_SCA_METHOD createdAt: '2021-06-09T11:47:24.513Z' expiresAt: '2021-09-07T00:00:00Z' timeToExpire: P89DT12H12M35.472S featureScope: - ACCOUNT_TRANSACTIONS - ACCOUNTS - ACCOUNT - ACCOUNT_BALANCES state: c99f35c118194737b83487a0e6a48ed9 institutionConsentId: 4514274319060120226PSDLT-BL-LB002045CO9545RW scaMethods: - id: '962' type: CHIP_OTP description: SmartTAN plus HHD 1.4 - id: '952' type: CHIP_OTP description: SmartTAN optic - id: '972' type: CHIP_OTP description: SmartTAN optic/USB HHD 1.4 - id: '982' type: PHOTO_OTP description: Smart-TAN photo - id: '932' type: CHIP_OTP description: SmartTAN plus - id: '944' type: PUSH_OTP description: SecureSIGN - id: '942' type: SMS_OTP description: mobile TAN berlin-group-single-sca-method-example-response: description: Berlin Group (Single SCA Method) Example Response value: meta: tracingId: 1565f7e13a0b4bf6b312cf8cc5747c7c data: id: 66c8c0f2-1678-4404-a68f-2236a1afcdad userUuid: 6b082877-b137-4743-bba3-07b6a8148b42 applicationUserId: string institutionId: fiducia-sandbox status: AWAITING_SCA_CODE createdAt: '2021-06-09T11:49:18.815Z' expiresAt: '2021-09-07T00:00:00Z' timeToExpire: P89DT12H10M41.167S featureScope: - ACCOUNT_TRANSACTIONS - ACCOUNTS - ACCOUNT - ACCOUNT_BALANCES state: 3fb4024282d0432cb710094c4c723ae5 institutionConsentId: 1448194319060120228PSDLT-BL-LB002045CO9545RW scaMethods: - id: '944' type: PUSH_OTP description: SecureSIGN selectedScaMethod: id: '944' type: PUSH_OTP description: SecureSIGN error-response-code-401: description: Error Response value: error: code: 401 status: UNAUTHORIZED message: Full authentication is required to access this resource schemas: EmbeddedAccountAuthorisationRequest: required: - institutionId type: object properties: userUuid: type: string description: '`User` for which the authorisation request was created.' format: uuid applicationUserId: type: string description: >- __Conditional__. The user-friendly reference to the `User` that will authorise the authorisation request. If a `User` with the specified `applicationUserId` exists, it will be used otherwise, a new `User` with the specified `applicationUserId` will be created and used. Either the `userUuid` or `applicationUserId` must be provided. example: user-234562290 forwardParameters: description: >- Extra parameters the TPP may want to get forwarded in the callback request after the PSU redirect. type: array items: type: string institutionId: type: string description: >- __Mandatory__. The reference to the `Institution` which identifies which institution the authorisation request is sent to. example: yapily-mock callback: type: string description: >- __Optional__. The server to redirect the user to after the user complete the authorisation at the `Institution`. See [Using a callback (Optional)](/introduction) for more information. example: https://display-parameters.com redirect: $ref: '#/components/schemas/RedirectRequest' oneTimeToken: type: boolean description: >- __Conditional__. Used to receive a `oneTimeToken` rather than a `consentToken` at the `callback` for additional security. This can only be used when the `callback` is set. See [Using a callback with an OTT (Optional)](/open-banking-flow/handling-redirects/callback-url) for more information. example: false userCredentials: $ref: '#/components/schemas/UserCredentials' selectedScaMethod: $ref: '#/components/schemas/ScaMethod' scaCode: type: string description: >- __Conditional__. Used to update the authorisation with the sca code received by the user from the `Institution` using the embedded account authorisation flow. This is the penultimate step required in the embedded account authorisation flow to authorise the `Consent`. After sending the sca code, to obtain an authorised consent, the last step is to poll [Get Consent](/api-reference/getConsentById) until the `Institution` authorises the request and the `Consent` `status` transitions to `AUTHORIZED`. example: '325614' accountRequest: $ref: '#/components/schemas/AccountRequest' ApiResponseOfEmbeddedAccountAuthorisationResponse: type: object properties: meta: $ref: '#/components/schemas/ResponseMeta' data: $ref: '#/components/schemas/EmbeddedAccountAuthorisationResponse' links: type: object additionalProperties: type: string forwardedData: type: array items: $ref: '#/components/schemas/ResponseForwardedData' raw: deprecated: true type: array items: $ref: '#/components/schemas/RawResponse' tracingId: type: string writeOnly: true ApiResponseError: type: object properties: error: $ref: '#/components/schemas/ApiError' raw: deprecated: true type: array items: $ref: '#/components/schemas/RawResponse' description: >- Used to return errors from the bank from each request - `400` - Returned by any `POST` endpoint when the body does not conform to the contract - `401` - Returned by any endpoint when an invalid `authToken` is used for authentication - `403` - Returned by any [Financial Data](/api-reference#financial-data) and any [Payments](/api-reference#payments) endpoint when the `Consent` is no longer authorised to access financial data or to make a payment - `404` - Returned by any endpoint where there are path parameters and the path parameters supplied are unable to find the desired resource - `409` - Returned by any `POST` endpoint when creating a resource that conflicts with any other existing resource e.g. [Create User](/api-reference/addUser) - `424` - Returned by any [Financial Data](/api-reference#financial-data) and any [Payments](/api-reference#payments) endpoint when the feature to be accessed is not supported by the `Institution`. - `500` - Returned by any endpoint when Yapily is down. If you encounter any false positives, please [notify us](mailto:support@yapily.com) example: error: tracingId: 74b13ce8ed51419f92c5d609e04532de code: 424 institutionError: errorMessage: >- {"Code":"500 Internal Server Error","Id":"5ff8d331-4282-41e0-b5ef-1ac9ac39f009","Message":"Technical Error. Please try again later","Errors":[{"ErrorCode":"UK.OBIE.UnexpectedError","Message":"There was a problem processing your request. Please try again later"}]} httpStatusCode: 500 source: INSTITUTION status: FAILED_DEPENDENCY RedirectRequest: required: - url type: object properties: url: type: string description: >- __Mandatory__.Successful redirect after the user complete the authorisation at the `Institution`. description: >- __Optional__. The server to redirect the user to after the user complete the authorisation at the `Institution`. UserCredentials: required: - id - password type: object properties: id: type: string description: >- __Mandatory__. The login id for the user for a particular `Institution`. example: '6154057725' corporateId: type: string description: >- __Conditional__. The corporate login for the user for a particular corporate `Institution`. example: '6345898763' password: type: string description: >- __Mandatory__. The password of the user to login to a particular `Institution`. example: PISPWD12 description: >- __Conditional__. Used to capture the user's credentials to allow them to login to an `Institution` that uses the embedded account authorisation flow. This is the first step required in the embedded account authorisation flow to authorise the `Consent`. ScaMethod: required: - id type: object description: >- __Conditional__. Used to update the authorisation with the sca method of the user's choice for the `Institution` that uses the embedded authorisation flow. If the user has multiple sca methods configured, the `Institution` will allow the user to select from each of these options. When the user has multiple sca methods for the `Institution`, this is the second step required in the embedded authorisation flow to authorise the `Consent`. example: id: '944' type: PUSH_OTP description: SecureSIGN properties: id: type: string description: >- __Mandatory__. The id of the sca method provided by the `Institution` example: 258211#OPTICAL type: $ref: '#/components/schemas/Type' description: type: string description: >- __Optional__. A description of the sca method if provided by the `Institution` example: Testkarte Hr. Haubach_1, optisch information: type: string description: >- Additional information from the institution to provide to the PSU to help with the selected SCA method. The language is determined by the institution and may vary. example: Bitte bestätigen Sie den Vorgang in Ihrer SecureGo plus App data: description: >- Data from the institution to provide to the PSU to complete authorisation. The language is determined by the institution and may vary. type: array items: type: string example: - 0488701109982928CY439040000100000010000520,00 AccountRequest: type: object properties: transactionFrom: type: string description: >- __Optional__. Specifies the earliest date of the transaction records to be returned. You must supply this field to retrieve transactions older than 90 days for banks accessed via the the [CBI Globe Gateway](/data/financial-data-resources/data-restrictions#cbi-globe-gateway). format: date-time example: '2020-01-01T00:00:00Z' transactionTo: type: string description: >- __Optional__. Specifies the latest date of the transaction records to be returned. format: date-time example: '2021-01-01T00:00:00Z' expiresAt: type: string description: >- __Optional__. Used to set a hard date for when the user's associated `Consent` will expire. **Note**: If this supported by the bank, specifying this is property is opting out of having a long-lived consent that can be perpetually re-authorised by the user. This will add an `expiresAt` field on the `Consent` object which will render it unusable after this date. **Note**: This is not supported by every `Institution`. In such case, the request will not fail but the property will be ignored and the created `Consent` will not have an expiry date. format: date-time example: '2025-01-01T00:00:00Z' accountIdentifiers: $ref: '#/components/schemas/AccountInfo' accountIdentifiersForTransaction: type: array description: >- __Conditional__. Used to create a request for the transactions of the account specified. Once the user authorises the request, only the transactions can be obtained by executing [GET Account Transactions](./#get-account-transactions). This can be specified in conjunction with `accountIdentifiersForBalance` to generate a `Consent` that can both access the accounts balance and transactions. items: $ref: '#/components/schemas/AccountInfo' accountIdentifiersForBalance: type: array description: >- __Conditional__. Used to create a request for the balance of the account specified. Once the user authorises the request, only the balance can be obtained by executing [GET Account Balances](./#get-account-balances). This can be specified in conjunction with `accountIdentifiersForTransaction` to generate a `Consent` that can both access the accounts balance and transactions. items: $ref: '#/components/schemas/AccountInfo' featureScope: uniqueItems: true type: array description: >- __Optional__. Used to granularly specify the set of features that the user will give their consent for when requesting access to their account information. Depending on the `Institution`, this may also populate a consent screen which list these scopes before the user authorises. This endpoint accepts allow all [Financial Data Features](/guides/financial-data/features/#feature-list) that the `Institution` supports.To find out which scopes an `Institution` supports, check [GET Institution](./#get-institution). items: $ref: '#/components/schemas/FeatureEnum' description: >- __Conditional__. Used to further specify details of the `Consent` to request Conditions: 1. Mandatory to specify the individual scopes to request from the user at the `Institution` for an account authorisation 2. Mandatory to specify an expiry time on the created `Consent` at which time will render it unusable 3. Mandatory to specify the date range that the created `Consent` will be able to access transactions for (given the range is support for the `Institution`) ResponseMeta: type: object properties: tracingId: type: string EmbeddedAccountAuthorisationResponse: type: object properties: id: type: string description: Unique identifier for the embedded account authorisation request. format: uuid userUuid: type: string description: The `User` that the authorisation request was created for. format: uuid applicationUserId: type: string description: >- The user-friendly reference to the `User` that the authorisation request was created for. referenceId: type: string institutionId: type: string description: The `Institution` the authorisation request was sent to. status: $ref: '#/components/schemas/AuthorisationStatus' createdAt: type: string description: >- Date and time the embedded authorisation was created by the application user. format: date-time transactionFrom: type: string description: >- When performing a transaction query using the consent, this is the earliest date of transaction records that can be retrieved. format: date-time transactionTo: type: string description: >- When performing a transaction query using the consent, this is the latest date of transaction records that can be retrieved. format: date-time expiresAt: type: string description: >- Date and time the embedded authorisation expires. Re-authorisation is needed to retain access. format: date-time timeToExpireInMillis: type: integer format: int64 deprecated: true timeToExpire: type: string format: iso8601 featureScope: uniqueItems: true description: The set of features the consent provides access to. type: array items: $ref: '#/components/schemas/FeatureEnum' consentToken: type: string description: >- Represents the authorisation to gain access to the requested features. Required to access account information. state: type: string description: >- Correlation ID used when handshaking with a new institution via OAuth2 registration. authorizedAt: type: string description: Date and time the request was authorised by the `Institution`. format: date-time institutionConsentId: type: string description: Identification of the consent at the `Institution`. authorisationUrl: type: string qrCodeUrl: type: string description: >- The URL link for the QR code that may be scanned via a mobile device to make an authorisation redirect to the bank (authURL encoded). scaMethods: type: array description: >- List of `SCA methods` that the `Institution` supports and are available for selection. items: $ref: '#/components/schemas/ScaMethod' selectedScaMethod: $ref: '#/components/schemas/ScaMethod' ResponseForwardedData: type: object properties: headers: type: object additionalProperties: type: string url: type: string RawResponse: deprecated: true type: object description: >- [DEPRECATED] Interaction (raw request and response) that occurred with the `Institution` in order to fulfil a request. properties: request: $ref: '#/components/schemas/RawRequest' duration: type: string format: iso8601 headers: type: object additionalProperties: type: string resultCode: type: integer format: int32 result: type: object ApiError: type: object description: Provides details of the error that has occurred. properties: code: type: integer description: __Mandatory__. Numeric `HTTP` status code associated with the error. format: int32 institutionError: $ref: '#/components/schemas/InstitutionError' message: type: string description: >- __Mandatory__. Description of the exact error that has been experienced. source: type: string status: type: string description: __Mandatory__. Textual description of the `HTTP` error status type. tracingId: type: string description: >- __Optional__. A unique identifier assigned by Yapily for the request that can be used for support purposes. Type: type: string description: The `SCA` method type available for the user enum: - SMS_OTP - CHIP_OTP - PHOTO_OTP - PUSH_OTP AccountInfo: required: - accountIdentification type: object properties: accountId: type: string description: __Conditional__. Unique identifier of the account. example: '500000000000000000000001' accountIdentification: $ref: '#/components/schemas/AccountIdentification' description: >- __Conditional__. Used to create a request for the balance of the account specified. Once the user authorises the request, only the balance can be obtained by executing [GET Account Balances](./#get-account-balances). This can be specified in conjunction with `accountIdentifiersForTransaction` to generate a `Consent` that can both access the accounts balance and transactions. FeatureEnum: type: string description: >- Used to describe what functions are supported by the associated `Institution`. For more information on each feature, see the following links: - [Financial Data Features](/data/financial-data-resources/financial-data-features) - [Payments Features](/payments/payment-resources/payment-features) enum: - INITIATE_PRE_AUTHORISATION - INITIATE_PRE_AUTHORISATION_ACCOUNTS - INITIATE_PRE_AUTHORISATION_PAYMENTS - INITIATE_ACCOUNT_REQUEST - INITIATE_EMBEDDED_ACCOUNT_REQUEST - ACCOUNT_REQUEST_DETAILS - ACCOUNTS - ACCOUNT - ACCOUNT_TRANSACTIONS - ACCOUNT_STATEMENTS - ACCOUNT_STATEMENT - ACCOUNT_STATEMENT_FILE - ACCOUNT_SCHEDULED_PAYMENTS - ACCOUNT_DIRECT_DEBITS - ACCOUNT_PERIODIC_PAYMENTS - ACCOUNT_TRANSACTIONS_WITH_MERCHANT - IDENTITY - ACCOUNTS_WITHOUT_BALANCE - ACCOUNT_WITHOUT_BALANCE - ACCOUNT_BALANCES - INITIATE_SINGLE_PAYMENT_SORTCODE - EXISTING_PAYMENT_INITIATION_DETAILS - CREATE_SINGLE_PAYMENT_SORTCODE - EXISTING_PAYMENTS_DETAILS - INITIATE_DOMESTIC_SINGLE_PAYMENT - INITIATE_EMBEDDED_DOMESTIC_SINGLE_PAYMENT - CREATE_DOMESTIC_SINGLE_PAYMENT - INITIATE_EMBEDDED_BULK_PAYMENT - INITIATE_DOMESTIC_SINGLE_INSTANT_PAYMENT - CREATE_DOMESTIC_SINGLE_INSTANT_PAYMENT - INITIATE_DOMESTIC_VARIABLE_RECURRING_PAYMENT - CREATE_DOMESTIC_VARIABLE_RECURRING_PAYMENT - INITIATE_DOMESTIC_VARIABLE_RECURRING_PAYMENT_SWEEPING - CREATE_DOMESTIC_VARIABLE_RECURRING_PAYMENT_SWEEPING - INITIATE_DOMESTIC_VARIABLE_RECURRING_PAYMENT_COMMERCIAL - CREATE_DOMESTIC_VARIABLE_RECURRING_PAYMENT_COMMERCIAL - INITIATE_DOMESTIC_SCHEDULED_PAYMENT - CREATE_DOMESTIC_SCHEDULED_PAYMENT - INITIATE_DOMESTIC_PERIODIC_PAYMENT - CREATE_DOMESTIC_PERIODIC_PAYMENT - PERIODIC_PAYMENT_FREQUENCY_EXTENDED - INITIATE_INTERNATIONAL_SCHEDULED_PAYMENT - CREATE_INTERNATIONAL_SCHEDULED_PAYMENT - INITIATE_INTERNATIONAL_PERIODIC_PAYMENT - CREATE_INTERNATIONAL_PERIODIC_PAYMENT - INITIATE_INTERNATIONAL_SINGLE_PAYMENT - CREATE_INTERNATIONAL_SINGLE_PAYMENT - INITIATE_BULK_PAYMENT - CREATE_BULK_PAYMENT - EXISTING_BULK_PAYMENT_DETAILS - TRANSFER - OPEN_DATA_PERSONAL_CURRENT_ACCOUNTS - OPEN_DATA_ATMS - READ_DOMESTIC_SINGLE_REFUND - READ_DOMESTIC_SCHEDULED_REFUND - READ_DOMESTIC_PERIODIC_PAYMENT_REFUND - READ_INTERNATIONAL_SINGLE_REFUND - READ_INTERNATIONAL_SCHEDULED_REFUND - ACCOUNT_BENEFICIARIES - INITIATE_ONETIME_PRE_AUTHORISATION_PAYMENTS - INITIATE_ONETIME_PRE_AUTHORISATION_ACCOUNTS - INITIATE_ONETIME_PRE_AUTHORISATION - VARIABLE_RECURRING_PAYMENT_FUNDS_CONFIRMATION AuthorisationStatus: description: Current status of the embedded authorisation request in code form. type: string enum: - AWAITING_AUTHORIZATION - AWAITING_FURTHER_AUTHORIZATION - AWAITING_RE_AUTHORIZATION - AUTHORIZED - CONSUMED - REJECTED - REVOKED - FAILED - EXPIRED - UNKNOWN - INVALID - AWAITING_DECOUPLED_PRE_AUTHORIZATION - AWAITING_PRE_AUTHORIZATION - PRE_AUTHORIZED - AWAITING_DECOUPLED_AUTHORIZATION - AWAITING_SCA_METHOD - AWAITING_SCA_CODE RawRequest: type: object properties: method: type: string url: type: string requestInstant: type: string format: date-time headers: type: object additionalProperties: type: string body: type: object bodyParameters: type: object additionalProperties: type: string startTime: type: string format: date-time startedAt: type: string format: date-time deprecated: true InstitutionError: type: object description: >- Raw error details provided by the `Institution`, when it was the error source. properties: errorMessage: type: string description: Textual description of the `Institution` error. httpStatusCode: type: integer description: Numeric HTTP status code associated with the `Institution` error. format: int32 AccountIdentification: title: Account Identifications required: - type - identification type: object properties: type: $ref: '#/components/schemas/AccountIdentificationType' identification: title: Account Identification type: string description: >- __Mandatory__. The value associated with the account identification type. See [Account Identification Combinations](/payments/payment-resources/intro-to-payment-execution#account-identifications-combinations) for more information on the format of the values. example: '401016' AccountIdentificationType: title: Account Identification Type type: string description: |- __Mandatory__. Used to describe the format of the account. See [Account Identification Combinations](/payments/payment-resources/intro-to-payment-execution#account-identifications-combinations) for more information on when to specify each type. example: SORT_CODE enum: - SORT_CODE - ACCOUNT_NUMBER - IBAN - BBAN - BIC - PAN - MASKED_PAN - MSISDN - BSB - NCC - ABA - ABA_WIRE - ABA_ACH - EMAIL - ROLL_NUMBER - BLZ - IFS - CLABE - CTN - BRANCH_CODE - VIRTUAL_ACCOUNT_ID securitySchemes: basicAuth: description: >- Use HTTP Basic Authentication with your Application ID as username and Application Secret as password. Manage credentials in the [Yapily Console](https://console.yapily.com/). See [Authentication](/api-reference/authentication) for details. scheme: basic type: http ````