---
swagger: "2.0"
info:
description: Wallet Provisioning Service
version: 1.0-rev1
title: WalletProvisioning - CitiBanamexPay
x-ibm-name: walletprovisioning---citibanamexpay
name: ""
basePath: /api
schemes:
- https
x-ibm-configuration:
enforced: true
phase: realized
testable: false
externalDocs: []
attachments: []
tags:
- name: Wallet Provisioning
description: All API(s) related to Wallet Provisioning Microservice
definitions:
ClientDetails:
type: object
properties:
adaIndicator:
type: string
example: "Y"
description: If customer is Citi ADA customer
applicationId:
type: string
example: CITIPAY
description: Application Unique Identifier
deviceDetails:
$ref: '#/definitions/DeviceDetails'
eventData:
$ref: '#/definitions/EventData'
hostName:
type: string
example: SSSS85369L00606
description: Host name of the customer for both Web and Device
inetData:
$ref: '#/definitions/InetData'
languageCode:
type: string
example: EN
description: LanguageCode
loginAuthority:
type: string
example: BANK
description: Request Origination Realm e.g BANK
loginIdentity:
type: string
example: CCS
description: Host used to authenticate user e.g CCS
ruleType:
type: string
example: Login
description: Event type to be executed in Cyota. E.g Login
sourcePort:
type: string
example: "33790"
description: Port number of the customer for both Web and Device
userIpAddress:
type: string
example: 121.211.45.22
description: IP Address of the user device
DeviceDetails:
type: object
required:
- applicationCategory
- applicationVersion
- blackboxId
- cellTowerId
- clientDefinedChannelIndicator
- deviceId
- deviceLocation
- deviceModel
- deviceName
- deviceOsName
- deviceOsVersion
- deviceSerialNumber
- deviceType
- deviceUptime
- deviceVersion
- eventType
- languageSupport
- locationAreaCode
- misin
- mobileCountryCode
- mobileInfoJs
- mobileInfoSdk
- mobileNetworkCode
- multitaskingSupportFlag
- networkId
- numberOfAddressBookEntries
- osId
- otherId
- paymentAppInstanceId
- primaryPortfolio
- rsaApplicationkey
- screenSize
- secondryPortfolio
- simId
- stableHardwareId
- vendorClientId
- wapClientId
- wifiMacAddress
properties:
applicationCategory:
type: string
example: INTERNET
description: Application Category.ie. INTERNET, MOBILE_THIN or MOBILE_THICK
applicationVersion:
type: string
example: "1.0"
description: The version of the application
blackboxId:
type: string
example: XCVEDG-DOFGM
description: iOvation blackbox id-Required for MFA Authentication
cellTowerId:
type: string
example: "342332432423"
description: A GSM Cell ID (CID) is a unique number used to identify each
Base Transceiver Station (BTS), or sector of a BTS, within a Location Area
Code (LAC) or GSM network.
clientDefinedChannelIndicator:
type: string
example: MOBILE
description: Channel Indicator assiged to Wallet Provider app. E.g. WEB, MOBILE
deviceId:
type: string
example: 243e23ewed234ed
description: Unique ID of the device. Typically, this is the IMEI number for
mobile devices
deviceLocation:
type: string
example: USA
description: This is the device location
deviceModel:
type: string
example: "4.0"
description: The device model
deviceName:
type: string
example: Samsung
description: The name of the device being used
deviceOsName:
type: string
example: Windows
description: The OS of the device
deviceOsVersion:
type: string
example: "7.0"
description: This is OS version
deviceSerialNumber:
type: string
example: w343d34wd3234234
description: This is the device serial number
deviceType:
type: string
example: MOBILE
description: The device which is used to perform this operation. Valid values
are MOBILE, TABLET, WATCH
deviceUptime:
type: string
example: "31667"
description: Time elapsed since last boot in seconds
deviceVersion:
type: string
example: "6.0"
description: The version of the device being used
eventType:
type: string
example: MOBILE
description: The Event initiated by the user.i.e CITI_WALLET_PURCHASE
languageSupport:
type: string
example: EN
description: The languages supported by the mobile device.
locationAreaCode:
type: string
example: "91"
description: The local area code.
misin:
type: string
example: "711"
description: MISIN of the client device
mobileCountryCode:
type: string
example: "412"
description: The mobile country code.
mobileInfoJs:
type: string
description: The string that is created by the location collection JavaScript.
mobileInfoSdk:
type: string
description: The JSON from the mobile application. This field contains the
string that is collected by the RSA Mobile SDK.
mobileNetworkCode:
type: string
example: "01"
description: The mobile network code.
multitaskingSupportFlag:
type: boolean
example: false
description: Indicates whether or not the mobile device supports multi-tasking.
networkId:
type: string
example: networkName_networkID
description: ID to uniquely identify the network which is used to perform
the operations. Typically, retrieved using public methods provided by the
device OS,
numberOfAddressBookEntries:
type: string
example: "5"
description: The total number of entries in the mobile device's address book.
osId:
type: string
description: 'The ID of the operating system. Options include: Android ID,
iPhone UDID, and Blackberry PIN number.'
otherId:
type: string
description: A unique identifier that is created by the mobile application
itself.This field is required to ensure an accurate risk score for mobile
applications.
paymentAppInstanceId:
type: string
example: "2423435345453511111212121212"
description: paymentAppInstanceID/SEID of the device.
primaryPortfolio:
type: string
example: CONSUMER
description: Reason for the call "SignOff or LogOff"
rsaApplicationkey:
type: string
description: A unique identifier
screenSize:
type: string
description: The screen size of the mobile device.
secondryPortfolio:
type: string
example: BANK
description: Reason for the call "SignOff or LogOff"
simId:
type: string
example: "42342341235235235"
description: IMSI value of the SIM
stableHardwareId:
type: string
example: "23534645756234234234"
description: Stable Hardware ID for NFC devices
vendorClientId:
type: string
description: A unique ID that represents the mobile user, created by an application
vendor.
wapClientId:
type: string
description: The unique ID number of the WAP profile client.
wifiMacAddress:
type: string
description: The Wi-Fi card MAC address
wifinetworksData:
$ref: '#/definitions/WifiNetworksData'
ErrorResponse:
type: object
required:
- code
- type
properties:
code:
type: string
description: Error code which qualifies the error
details:
type: string
description: Human readable explanation specific to the occurrence of the
problem
location:
type: string
description: The name of the field that resulted in the error
moreInfo:
type: string
description: URI to human readable documentation of the error
type:
type: string
description: invalid - Request did not confirm to the specification and was
unprocessed & rejected. Please fix the value and try again
warn -
Request was partially processed. E.g. some of the fields are missing in
response to the system issues, request was accepted successfully but will
be processed asynchronously
error - The request was accepted but
could not be processed successfully
fatal - There was an internal
system error while processing the request. These are technical errors and
will be resolved by Citi, and the consumer should retry after some time.
Business errors will not be categorized as fatal
ErrorResponseList:
type: object
properties:
errors:
type: array
description: List of one or more errors
items:
$ref: '#/definitions/ErrorResponse'
EventData:
type: object
properties:
clientDefinedFactListDataType:
type: string
example: String
description: datatype
clientDefinedFactListName:
type: string
example: CUSTOM_FIELD_10
description: Name defined at client side CUSTOM_FIELD_10
clientDefinedFactListValue:
type: string
example: CYOTASQ_CVV_FAILURE
description: Event value defined at client side e.g CYOTASQ_CVV_ABANDEND or
CYOTASQ_CVV_FAILURE
eventType:
type: string
example: CLIENT_DEFINED
description: Tyep of event initiated at client side. E.g. CLIENT_DEFINED
level:
type: string
example: "851"
description: 701 - SQ +CVV 851 - OTP SMS; 861 -OTP Voice
mfaSuccessfulIndicator:
type: string
example: "true"
description: specifies if MFA is successful
FpanInformation:
type: object
properties:
accountId:
type: string
example: 00000000107287988
description: '[Conditional] Citi Account Number (FPAN) alternate Identifier
for Credit Card account.And, Base CIN for debit account.Only Not applicable
for transaction memo=WALLET_REGISTRATION.'
accountSource:
type: string
example: Card on File
description: pan source
accountType:
type: string
example: CREDIT
description: '[Conditional] Customer Plastic Card Type e.g: CREDIT Only Not
applicable for transaction memo=WALLET_REGISTRATION., values=[CREDIT, DEBIT]'
displayAccountNumber:
type: string
example: "8676"
description: Last 4 digits of Citi Account Number
GetEligibleCardsAddress:
type: object
properties:
addressLine1:
type: string
example: 1620 SONOMA
description: Customer Billing Address Line 1
addressLine2:
type: string
example: Street
description: Customer Billing Address Line 2
addressLine3:
type: string
example: Street
description: Customer Billing Address Line 3
addressType:
type: string
description: Customer Billing Address Type, Allowed values =[BILLING,SHIPPING]
enum:
- BILLING
- SHIPPING
city:
type: string
example: ALBANY
description: Customer Billing Address City
countryCode:
type: string
example: US
description: Customer Billing Address countryCode
postalCode:
type: string
example: "75039"
description: Customer Billing Address postal code
state:
type: string
example: CA
description: Customer Billing Address state
GetEligibleCardsCustomerInformation:
type: object
properties:
firstName:
type: string
example: David
description: Customer first name
fullName:
type: string
description: Customer full name
lastName:
type: string
example: hank
description: Customer last name
middleName:
type: string
motherMaidenName:
type: string
description: mother maiden name of customer
suffix:
type: string
description: customer suffix
GetEligibleCardsEmailAddress:
type: object
properties:
emailAddress:
type: string
example: abc@gmail.com
description: This is the Customer Email id registered for the Card
emailType:
type: string
example: BUSINESS
description: Type of Email Address
enum:
- BUSINESS
- ALTERNATE
- PERSONAL
- REGISTERED
preferredEmailFlag:
type: string
example: "TRUE"
description: Indicates the preferred email address for communication
GetEligibleCardsFpanInformation:
type: object
properties:
accountBalance:
type: string
example: "3189"
description: Account Balance customer owes to bank
accountId:
type: string
example: "567877633"
description: Citi Account Number (FPAN) alternate Identifier for Credit Card
account. And, Base CIN for debit account.
accountNumber:
type: string
example: "5157350027618676"
description: Customer account number.
accountRole:
type: string
example: PRIMARY
description: This is same as Pan Sequence Number to distinguish if card owner
is primary owner. 01- Primary
accountStatus:
type: string
example: ACTIVE
description: 'Customer account status e.g : NEW, ACTIVE, CLOSED, REPROVISION,
BLOCKED'
accountType:
type: string
example: CREDIT
description: This will specify if the card is Debit card / Credit Card.
enum:
- CREDIT
- DEBIT
addressList:
type: array
items:
$ref: '#/definitions/GetEligibleCardsAddress'
associationNetwork:
type: string
example: VISA
description: card associated network
enum:
- VISA
- AMEX
- MC
availableBalance:
type: string
example: "10000.00"
description: This is balance available in the card
cardArtReferenceId:
type: string
example: ab12cd34ef57
description: Card Art Reference Identifier. Applicable for APAC region.
customerInformation:
$ref: '#/definitions/GetEligibleCardsCustomerInformation'
defaultInstrumentIndicator:
type: string
example: "No"
description: This is default instrument selected in Wallet.
emailAddressList:
type: array
items:
$ref: '#/definitions/GetEligibleCardsEmailAddress'
expiryDate:
type: string
example: 05/17
description: This is the expiry date of the card.
languageCode:
type: string
example: EN
description: default language code for communication. E- English
phoneList:
type: array
items:
$ref: '#/definitions/GetEligibleCardsPhone'
productCode:
type: string
example: "004"
description: The Product Code of the Default Credit Account linked to the
customer Profile.
productType:
type: string
example: PLATINUM
description: This defines the type of card like Blue, Gold
rewardsBalance:
type: string
example: "11189"
description: Reward balance available.
rewardsDescription:
type: string
example: TY
description: Reward text or description as thankyou or DC or AA or DV
GetEligibleCardsPhone:
type: object
properties:
phoneNumber:
type: string
example: "+14695552375"
description: This is mobile number will be use for alert communication
phoneType:
type: string
example: MOBILE
description: Customer Phone Number type e.g MOBILE, HOME
GetEligibleCardsRequest:
type: object
properties:
ccsId:
type: string
example: "1001111315087"
description: CCSID of Customer shared by Citi during Wallet Registration
clientDetails:
$ref: '#/definitions/ClientDetails'
fpanInformationList:
type: array
items:
$ref: '#/definitions/FpanInformation'
transactionMemo:
type: string
example: REFRESH
description: The Wallet Event initiated by user which triggered GEC. It can
be WALLET_REGISTRATION, REFRESH, CHECKOUT(for GEC Light). If not sent it
will default to REFRESH. In REFRESH scenario Expired Cards will also be
returned.
walletServiceProviderId:
type: string
example: APPLE_PAY
description: Wallet Service provider Id , values=[APPLE_PAY,SAMSUNG_PAY,CITI_PAY,
ANDRIOD_PAY, ALL_WALLET]
GetEligibleCardsResponse:
type: object
properties:
ccsId:
type: string
example: "1001111315087"
description: CCSID of Customer shared by Citi during Wallet Registration
fpanInformationList:
type: array
items:
$ref: '#/definitions/GetEligibleCardsFpanInformation'
InetData:
type: object
properties:
accept:
type: string
acceptLanguage:
type: string
example: en-US
description: language expected in response/locale.
devicePrint:
type: string
example: 312323YYF412312FTG2132
description: Device Print details
reference:
type: string
example: https://citiwallet.sit2.citibank. com/USCWP/REST/wallet/interdiction/performRiskScoring.jws
description: URL from which getting redirected
userAgent:
type: string
example: Iphone
description: Browser Type e.g Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/47.0.2526.106 Safari/537.36
userCookieValue:
type: string
example: "3123232"
description: Cookie String passed from Browser
userLangauge:
type: string
example: EN
description: Language passed in request
WifiNetworksData:
type: object
required:
- basicServiceSetId
- serviceSetId
- signalStrength
- stationName
- wifiChannel
properties:
basicServiceSetId:
type: string
description: The basic service set identification (BBSID) for each basic service
set.
serviceSetId:
type: string
example: SignOff
description: The Service Set Identifier (SSID).
signalStrength:
type: string
description: The wireless signal strength in the database management system.
stationName:
type: string
description: The Wi-Fi station name.
wifiChannel:
type: string
description: The Wi-Fi band is divided into multiple channels, each with different
frequencies. This element defines which channel is currently being used
by the Wi-Fi connection.
securityDefinitions:
ClientID:
type: apiKey
name: X-IBM-Client-Id
in: header
description: ClientID
ClientID (Query):
type: apiKey
name: client_id
in: query
description: ClientID
OAuth2 Application Flow:
type: oauth2
flow: application
scopes:
/api: Default scope
tokenUrl: https://api.banamex.com/mx-gcgapi/api/oauth/token
description: OAuth Client Credentials Grant Type
paths:
/v1/wallets/provisioning/accounts/eligibility:
post:
description: ""
tags:
- Wallet Provisioning
summary: To get the eligible cards
parameters:
- default: application/json
description: Content-Types that are acceptable for the response
name: Accept
required: true
type: string
in: header
- default: 6b6e5567-8f28-4115-ba58-47cdb5e83669
description: Universally unique identifier (UUID) that you generate for every
request and is used for tracking. It is recommended to use the output from
Java UUID class or an equivalent
name: uuid
required: true
type: string
in: header
- default: 5cf5ab07-3899-4c9f-95f7-93a2c33c5d1f
description: Business Token received during previous API call. Required in
all calls after authorization is established
name: bizToken
required: true
type: string
in: header
- default: 6549badc-1e82-4e1f-9c2d-cc708d1b8faf
description: OAuth token
name: Authorization
required: true
type: string
in: header
- default: 7b30d3bf-4c70-49bc-9808-a2f21a9bca82
description: The client ID you received during application registration in
the developer portal
name: client_id
required: true
type: string
in: header
- default: application/json
description: Content-Types that is acceptable for the request. Currently we
support application/json. Use only for PUT & POST methods
name: Content-Type
required: true
type: string
in: header
- schema:
$ref: '#/definitions/GetEligibleCardsRequest'
description: request
name: request
required: true
in: body
responses:
200:
description: OK
schema:
$ref: '#/definitions/GetEligibleCardsResponse'
400:
description: |-
### Request was not processed.
|Type|Code|Details|
|----------|----------|--------------------|
|error|invalidRequest|Missing or invalid Parameters
schema:
$ref: '#/definitions/ErrorResponseList'
401:
description: |-
### Missing or invalid authorization header.
|Type|Code|Details|
|----------|----------|--------------------|
|error|unAuthorized|Authorization credentials are missing or invalid
schema:
$ref: '#/definitions/ErrorResponseList'
403:
description: |-
### Unauthorized to perform the requested operation on resource.
|Type|Code|Details|More Info|
|----------|----------|--------------------|
|error|accessNotConfigured|The request operation is not configured to access this resource|Channel/Country/Business provided in the request is not supported currently|
|
schema:
$ref: '#/definitions/ErrorResponseList'
404:
description: |-
### Resource does not exist.
|Type|Code|Details|More Info
|----------|----------|--------------------|
|error|resourceNotFound|The requested resource was not found|Empty resource/resource not found
schema:
$ref: '#/definitions/ErrorResponseList'
500:
description: |-
### API Server Error
|Type|Code|Details|
|----------|----------|--------------------|
|fatal|serverUnavailable|The request failed due to an internal error/server unavailability
schema:
$ref: '#/definitions/ErrorResponseList'
security:
- ClientID (Query): []
OAuth2 Application Flow:
- /api
- ClientID: []
OAuth2 Application Flow:
- /api
operationId: getEligibleCardsUsingPOST
security:
- ClientID (Query): []
OAuth2 Application Flow:
- /api
- ClientID: []
OAuth2 Application Flow:
- /api
x-ibm-endpoints:
- endpointUrl: https://api.banamex.com/mx-gcgapi
type:
- production
- development
...