--- swagger: "2.0" info: version: 1.0.0 title: BNE Security Services x-ibm-name: bne-security-services description: "" basePath: /api schemes: - https produces: - application/json paths: /v1/channels/bne/authenticate/login: post: description: This API is to authenticate customer consumes: - application/json produces: - application/json tags: - authentication parameters: - name: 'uuid ' in: header description: Random 128 bit UUID generated uniquely for every request from the Customer, which will represent transaction unique identifier and it is recommended to send. required: false type: string - name: sid in: header description: Session is generated and returned on the first API call as response header, which needs to be resent on succesive calls of same session type: string - name: countryCode default: MX in: header description: 2 character ISO country code required: false type: string - name: businessCode default: GCB in: header description: 3 character business code required: false type: string - name: channelId in: header description: channel ID used by the user, it is required for the first call in a new session. required: false type: string - name: client_id in: header description: The client ID you received during application registration in the developer portal required: true type: string - name: Authorization in: header description: Bearer token aquired from APIM token endpoint required: true type: string - name: Content-Type in: header default: application/json description: Content-Types that are sent in the request required: false type: string - in: body name: AuthenticationRequest description: This request is to authenticate customer required: true schema: $ref: '#/definitions/AuthenticationRequest' responses: 200: description: Authentication Successful schema: $ref: '#/definitions/AuthenticationResponse' 400: description:
TypeCodeDetails
errorinvalidRequestMissing or invalid Parameters
erroruserAccountNotActive 180-account not active
erroruserAccountLocked 15-account locked
errorpasswordExpired 9-password has expired
errorcredentialValidationFailed20-master validation failure
errorcannotDecryptData620-Cannot decrypt, please re-check the encrypted value
schema: $ref: '#/definitions/ErrorResponse' 401: description:
TypeCodeDetails
errorunAuthorizedAuthorization credentials are missing or invalid
schema: $ref: '#/definitions/ErrorResponse' 403: description:
TypeCodeDetails
erroraccessNotConfiguredThe request operation is not configured to access this resource
schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error/server unavailability
fatalbackendErrorFailed during a call to backend service
schema: $ref: '#/definitions/ErrorResponse' delete: description: This API will logout the customer from NGA and S15 session. Session id will become invalid after this is succesful consumes: - application/json produces: - application/json tags: - authentication parameters: - name: 'uuid ' in: header description: Random 128 bit UUID generated uniquely for every request from the Customer, which will represent transaction unique identifier and it is recommended to send. required: false type: string - name: sid in: header description: Session is generated and returned on the first API call as response header, which needs to be resent on succesive calls of same session type: string - name: countryCode default: MX in: header description: 2 character ISO country code required: false type: string - name: businessCode default: GCB in: header description: 3 character business code required: false type: string - name: channelId in: header description: channel ID used by the user, it is required for the first call in a new session. required: false type: string - name: client_id in: header description: The client ID you received during application registration in the developer portal required: true type: string - name: Authorization in: header description: Bearer token aquired from APIM token endpoint required: true type: string responses: 200: description: Success Response, Logout Success 403: description:
TypeCodeDetails
erroraccessNotConfiguredThe request operation is not configured to access this resource
schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error/server unavailability
fatalbackendErrorFailed during a call to backend service
schema: $ref: '#/definitions/ErrorResponse' /v1/channels/bne/authenticate/keepalive: get: description: This API is keeps the session alive of PSG and S15 consumes: - application/json produces: - application/json tags: - keepalive parameters: - name: 'uuid ' in: header description: Random 128 bit UUID generated uniquely for every request from the Customer, which will represent transaction unique identifier and it is recommended to send. required: false type: string - name: sid in: header description: Session is generated and returned on the first API call as response header, which needs to be resent on succesive calls of same session type: string - name: countryCode default: MX in: header description: 2 character ISO country code required: false type: string - name: businessCode default: GCB in: header description: 3 character business code required: false type: string - name: channelId in: header description: channel ID used by the user, it is required for the first call in a new session. required: false type: string - name: client_id in: header description: The client ID you received during application registration in the developer portal required: true type: string - name: Authorization in: header description: Bearer token aquired from APIM token endpoint required: true type: string responses: 200: description: Success Response 403: description:
TypeCodeDetails
erroraccessNotConfiguredThe request operation is not configured to access this resource
schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error/server unavailability
fatalbackendErrorFailed during a call to backend service
schema: $ref: '#/definitions/ErrorResponse' /v1/channels/bne/authenticate/password: post: description: This API is used to change the password of customer consumes: - application/json produces: - application/json tags: - authentication parameters: - name: 'uuid ' in: header description: Random 128 bit UUID generated uniquely for every request from the Customer, which will represent transaction unique identifier and it is recommended to send. required: false type: string - name: sid in: header description: Session is generated and returned on the first API call as response header, which needs to be resent on succesive calls of same session type: string - name: countryCode default: MX in: header description: 2 character ISO country code required: false type: string - name: businessCode default: GCB in: header description: 3 character business code required: false type: string - name: channelId in: header description: channel ID used by the user, it is required for the first call in a new session. required: false type: string - name: client_id in: header description: The client ID you received during application registration in the developer portal required: true type: string - name: Authorization in: header description: Bearer token aquired from APIM token endpoint required: true type: string - name: Content-Type in: header default: application/json description: Content-Types that are sent in the request required: false type: string - in: body name: ChangePasswordRequest description: This request is to change customer password required: true schema: $ref: '#/definitions/ChangePasswordRequest' responses: 200: description: Success Response, Password is changed. 400: description:
TypeCodeDetails
errorinvalidRequestMissing or invalid Parameters
errorcannotDecryptData620-Cannot decrypt, please re-check the encrypted value.
schema: $ref: '#/definitions/ErrorResponse' 403: description:
TypeCodeDetails
erroraccessNotConfiguredThe request operation is not configured to access this resource
schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error/server unavailability
fatalbackendErrorFailed during a call to backend service
schema: $ref: '#/definitions/ErrorResponse' /v1/channels/bne/authenticate/unlock: post: description: This API is used to unlock a locked customer consumes: - application/json produces: - application/json tags: - authentication parameters: - name: 'uuid ' in: header description: Random 128 bit UUID generated uniquely for every request from the Customer, which will represent transaction unique identifier and it is recommended to send. required: false type: string - name: sid in: header description: Session is generated and returned on the first API call as response header, which needs to be resent on succesive calls of same session type: string - name: countryCode default: MX in: header description: 2 character ISO country code required: false type: string - name: businessCode default: GCB in: header description: 3 character business code required: false type: string - name: channelId in: header description: channel ID used by the user, it is required for the first call in a new session. required: false type: string - name: client_id in: header description: The client ID you received during application registration in the developer portal required: true type: string - name: Authorization in: header description: Bearer token aquired from APIM token endpoint required: true type: string - name: Content-Type in: header default: application/json description: Content-Types that are sent in the request required: false type: string - in: body name: UnlockCustomerRequest description: This request is to unlock a locked customer required: true schema: $ref: '#/definitions/UnlockCustomerRequest' responses: 200: description: Success Response 400: description:
TypeCodeDetails
errorinvalidRequestMissing or invalid Parameters
schema: $ref: '#/definitions/ErrorResponse' 403: description:
TypeCodeDetails
erroraccessNotConfiguredThe request operation is not configured to access this resource
schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error/server unavailability
fatalbackendErrorFailed during a call to backend service
schema: $ref: '#/definitions/ErrorResponse' /v1/channels/bne/authenticate/challenge/get: post: description: This API is used to get a challenge code for authenticating a customer consumes: - application/json produces: - application/json tags: - challenge parameters: - name: 'uuid ' in: header description: Random 128 bit UUID generated uniquely for every request from the Customer, which will represent transaction unique identifier and it is recommended to send. required: false type: string - name: sid in: header description: Session is generated and returned on the first API call as response header, which needs to be resent on succesive calls of same session type: string - name: countryCode default: MX in: header description: 2 character ISO country code required: false type: string - name: businessCode default: GCB in: header description: 3 character business code required: false type: string - name: channelId in: header description: channel ID used by the user, it is required for the first call in a new session. required: false type: string - name: client_id in: header description: The client ID you received during application registration in the developer portal required: true type: string - name: Authorization in: header description: Bearer token aquired from APIM token endpoint required: true type: string - in: body name: GetChallengeRequest description: This request is to get customer challenge required: true schema: $ref: '#/definitions/GetChallengeRequest' responses: 200: description: Success Response schema: $ref: '#/definitions/GetChallengeResponse' 400: description:
TypeCodeDetails
errorinvalidRequestMissing or invalid Parameters
schema: $ref: '#/definitions/ErrorResponse' 403: description:
TypeCodeDetails
erroraccessNotConfiguredThe request operation is not configured to access this resource
schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error/server unavailability
fatalbackendErrorFailed during a call to backend service
schema: $ref: '#/definitions/ErrorResponse' /v1/channels/bne/authenticate/challenge/validate: post: description: This API is to authenticate customer with challenge code consumes: - application/json produces: - application/json tags: - challenge parameters: - name: 'uuid ' in: header description: Random 128 bit UUID generated uniquely for every request from the Customer, which will represent transaction unique identifier and it is recommended to send. required: false type: string - name: sid in: header description: Session is generated and returned on the first API call as response header, which needs to be resent on succesive calls of same session type: string - name: countryCode default: MX in: header description: 2 character ISO country code required: false type: string - name: businessCode default: GCB in: header description: 3 character business code required: false type: string - name: channelId in: header description: channel ID used by the user, it is required for the first call in a new session. required: false type: string - name: client_id in: header description: The client ID you received during application registration in the developer portal required: true type: string - name: Authorization in: header description: Bearer token aquired from APIM token endpoint required: true type: string - name: Content-Type in: header default: application/json description: Content-Types that are sent in the request required: false type: string - in: body name: ValidateChallengeRequest description: This request is to validate customer challenge required: true schema: $ref: '#/definitions/ValidateChallengeRequest' responses: 200: description: Success Response 400: description:
TypeCodeDetails
errorinvalidRequestMissing or invalid Parameters
schema: $ref: '#/definitions/ErrorResponse' 403: description:
TypeCodeDetails
erroraccessNotConfiguredThe request operation is not configured to access this resource
schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error/server unavailability
fatalbackendErrorFailed during a call to backend service
schema: $ref: '#/definitions/ErrorResponse' definitions: ValidateChallengeRequest: properties: validationCode: description: Validation code generated by hardware token type: string required: - validationCode GetChallengeRequest: properties: customerId: type: string description: provide customer id of the customer legalRepresentativeId: description: unique legal representative id type: string required: - customerId - legalRepresentativeId GetChallengeResponse: properties: challengeCode: description: Challenge code generated at server type: string expiry: description: Challenge code expiry time type: string ChangePasswordRequest: properties: newPassword: description: New Password to set type: string oldPassword: description: Old Password type: string required: - newPassword - oldPassword UnlockCustomerRequest: properties: customerId: description: Unique Id for Customer type: string legalRepresentativeId: description: Unique Id for representative type: string validationCode: description: Validation code generated by hardware token type: string required: - customerId - legalRepresentativeId - validationCode AuthenticationRequest: properties: customerCredentials: $ref: '#/definitions/CustomerCredentials' sessionRequired: description: true if session is required to be opened with s15 type: boolean default: true AuthenticationResponse: properties: challengeCode: description: Challenge code generated at server type: string expiry: description: Challenge code expiry time type: string CustomerCredentials: properties: customerId: description: Unique Id for Customer type: string legalRepresentativeId: description: Unique Id for representative type: string password: description: Customer password type: string customerCategoryType: description: Catagory of the customer required during Login type: string required: - customerId - password ErrorResponse: properties: type: description: Invalid - Request did not confirm to the specification and was unprocessed and rejected. Please fix the value and try again enum: - error - warn - invalid - fatal type: string code: description: Error code which qualifies the error type: string details: description: Human readable explanation specific to the occurrence of the problem type: string location: description: The name of the field that resulted in the error type: string moreInfo: description: URI to human readable documentation of the error type: string required: - type - code - details x-ibm-configuration: enforced: true testable: true phase: realized security: - OAuth2 Application Flow: - /api/v1 Client ID: [] securityDefinitions: OAuth2 Application Flow: type: oauth2 description: "" flow: application tokenUrl: https://api.banamex.com/mx-gcgapi/api/v1/oauth/token scopes: /api/v1: "" Client ID: type: apiKey description: "" in: header name: X-IBM-Client-Id x-ibm-endpoints: - endpointUrl: https://api.banamex.com/mx-gcgapi type: - production - development ...