---
swagger: "2.0"
info:
  version: 1.1.0
  title: xlg-pat-v-rao-token-management
  description: This Microservice is used to manage the OTP token through the customer
    cell phone number.
  x-ibm-name: xlg-pat-v-rao-token-management
host: 127.0.0.1
basePath: /api
schemes:
- https
produces:
- application/json
paths:
  /v1/x-global/account-opening/rao/security/tokens/generate:
    post:
      tags:
      - generate-rao-otp
      operationId: generate-rao-otp
      summary: 'LOB: AO; Feature: OTP Token; Functionality: Generate;'
      description: This API will be used to generate the OTP token with the associated
        customer cell phone number.
      consumes:
      - application/json
      produces:
      - application/json
      parameters:
      - name: client_id
        in: header
        required: true
        type: string
        description: Client ID generated during application registration
      - name: Authorization
        in: header
        required: true
        type: string
        description: The Authorization Token received during login
      - name: Accept
        in: header
        required: true
        type: string
        description: Content-Types that are acceptable for the response
      - name: uuid
        in: header
        required: true
        type: string
        description: 128 bit UUID that you generate for every request
      - name: Accept-Language
        in: header
        required: false
        type: string
        description: List of acceptable human languages for response
      - name: Content-Type
        in: header
        required: true
        type: string
        description: Content-Types that are sent in the request
      - name: countryCode
        in: header
        required: true
        type: string
        description: Country code in 2 character ISO 3166 format
        default: MX
      - name: businessCode
        in: header
        required: true
        type: string
        description: Business code identified during application registration
      - name: ChannelId
        in: header
        required: true
        type: string
        description: Channel where request originated
      - name: sid
        in: header
        required: true
        type: string
        description: SessionId sent by Consumer
      - name: generateRaoOtpRequest
        in: body
        required: true
        schema:
          $ref: '#/definitions/GenerateRaoOtpRequest'
      responses:
        204:
          description: Successful operation.
        400:
          description: <table><table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>invalidRequest</td><td>Missing
            or invalid Parameters</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        401:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>unAuthorized</td><td>Authorization
            credentials are missing or invalid</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        403:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td><td>More
            Info</td></tr><tr><td>error</td><td>accessNotConfigured</td><td>The request
            operation is not configured to access this resource</td><td>Channel/Country/Business
            provided in the request is not supported currently</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        404:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td><td>More
            Info</td></tr><tr><td>error</td><td>resourceNotFound</td><td>The requested
            resource was not found</td><td>Empty resource/resource not found</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        422:
          description: <table><table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>businessValidationFailed</td><td>Business
            validation error occured on one or more parameters</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        500:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>fatal</td><td>serverUnavailable</td><td>The
            request failed due to an internal error/server unavailability</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
  /v1/x-global/account-opening/rao/security/tokens/validate:
    post:
      tags:
      - validate-rao-otp
      operationId: validate-rao-otp
      summary: 'LOB: AO; Feature: OTP Token; Functionality: Validate;'
      description: This API will be used to validate the OTP token with the associated
        customer cell phone number.
      consumes:
      - application/json
      produces:
      - application/json
      parameters:
      - name: client_id
        in: header
        required: true
        type: string
        description: Client ID generated during application registration
      - name: Authorization
        in: header
        required: true
        type: string
        description: The Authorization Token received during login
      - name: Accept
        in: header
        required: true
        type: string
        description: Content-Types that are acceptable for the response
      - name: uuid
        in: header
        required: true
        type: string
        description: 128 bit UUID that you generate for every request
      - name: Accept-Language
        in: header
        required: false
        type: string
        description: List of acceptable human languages for response
      - name: Content-Type
        in: header
        required: true
        type: string
        description: Content-Types that are sent in the request
      - name: countryCode
        in: header
        required: true
        type: string
        description: Country code in 2 character ISO 3166 format
        default: MX
      - name: businessCode
        in: header
        required: true
        type: string
        description: Business code identified during application registration
      - name: ChannelId
        in: header
        required: true
        type: string
        description: Channel where request originated
      - name: sid
        in: header
        required: true
        type: string
        description: SessionId sent by Consumer
      - name: validateRaoOtpRequest
        in: body
        required: true
        schema:
          $ref: '#/definitions/ValidateRaoOtpRequest'
      responses:
        204:
          description: Successful operation.
        400:
          description: <table><table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>invalidRequest</td><td>Missing
            or invalid Parameters</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        401:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>unAuthorized</td><td>Authorization
            credentials are missing or invalid</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        403:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td><td>More
            Info</td></tr><tr><td>error</td><td>accessNotConfigured</td><td>The request
            operation is not configured to access this resource</td><td>Channel/Country/Business
            provided in the request is not supported currently</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        404:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td><td>More
            Info</td></tr><tr><td>error</td><td>resourceNotFound</td><td>The requested
            resource was not found</td><td>Empty resource/resource not found</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        422:
          description: <table><table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>businessValidationFailed</td><td>Business
            validation error occured on one or more parameters</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        500:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>fatal</td><td>serverUnavailable</td><td>The
            request failed due to an internal error/server unavailability</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
  /v1/x-global/account-opening/rao/security/tokens/certified-phone:
    get:
      tags:
      - retrieve-rao-certified-phone-otp
      operationId: retrieve-rao-certified-phone-otp
      summary: 'LOB: AO; Feature: OTP Token; Functionality: Certified phone;'
      description: This API will retrieve certified phone number by transmit OTP
      produces:
      - application/json
      parameters:
      - name: client_id
        in: header
        required: true
        type: string
        description: Client ID generated during application registration
      - name: Authorization
        in: header
        required: true
        type: string
        description: The Authorization Token received during login
      - name: Accept
        in: header
        required: true
        type: string
        description: Content-Types that are acceptable for the response
      - name: uuid
        in: header
        required: true
        type: string
        description: 128 bit UUID that you generate for every request
      - name: Accept-Language
        in: header
        required: false
        type: string
        description: List of acceptable human languages for response
      - name: Content-Type
        in: header
        required: false
        type: string
        description: Content-Types that are sent in the request
      - name: countryCode
        in: header
        required: true
        type: string
        description: Country code in 2 character ISO 3166 format
        default: MX
      - name: businessCode
        in: header
        required: true
        type: string
        description: Business code identified during application registration
      - name: ChannelId
        in: header
        required: true
        type: string
        description: Channel where request originated
      - name: sid
        in: header
        required: true
        type: string
        description: SessionId sent by Consumer
      responses:
        200:
          description: Successful operation.
          schema:
            $ref: '#/definitions/RetrieveRaoCertifiedPhoneResponse'
        400:
          description: <table><table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>invalidRequest</td><td>Missing
            or invalid Parameters</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        401:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>unAuthorized</td><td>Authorization
            credentials are missing or invalid</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        403:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td><td>More
            Info</td></tr><tr><td>error</td><td>accessNotConfigured</td><td>The request
            operation is not configured to access this resource</td><td>Channel/Country/Business
            provided in the request is not supported currently</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        404:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td><td>More
            Info</td></tr><tr><td>error</td><td>resourceNotFound</td><td>The requested
            resource was not found</td><td>Empty resource/resource not found</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        422:
          description: <table><table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>businessValidationFailed</td><td>Business
            validation error occured on one or more parameters</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        500:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>fatal</td><td>serverUnavailable</td><td>The
            request failed due to an internal error/server unavailability</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
definitions:
  GenerateRaoOtpRequest:
    type: object
    properties:
      phoneCountryCode:
        type: string
        description: Country codes area of the international telephone numbering
        maxLength: 5
        pattern: ^\+\d{1,4}$
        example: "+52"
      encryptedPhoneNumber:
        type: string
        description: The encrypted phone number of the user for which OTP needs to
          be delivered
        format: byte
        example: U3dhZ2dlciByb2Nrcw==
    required:
    - phoneCountryCode
    - encryptedPhoneNumber
  Phone:
    type: object
    properties:
      phoneCountryCode:
        type: string
        description: Country codes area of the international telephone numbering
        maxLength: 5
        pattern: ^\+\d{1,4}$
        example: "+52"
      encryptedPhoneNumber:
        type: string
        description: The encrypted phone number of the user for which OTP needs to
          be delivered
        format: byte
        example: U3dhZ2dlciByb2Nrcw==
    required:
    - phoneCountryCode
    - encryptedPhoneNumber
  ValidateRaoOtpRequest:
    type: object
    properties:
      encryptedOtpToken:
        type: string
        description: Clear OTP Token
        format: byte
        example: U3dhZ2dlciByb2Nrcw==
      phone:
        $ref: '#/definitions/Phone'
    required:
    - phone
    - encryptedOtpToken
  RetrieveRaoCertifiedPhoneResponse:
    type: object
    properties:
      phoneCountryCode:
        type: string
        description: Country codes area of the international telephone numbering
        example: "+52"
      phoneNumber:
        type: string
        description: The certified phone number for RAO
        example: "553366998"
    required:
    - phoneCountryCode
    - phoneNumber
  ErrorResponse:
    properties:
      type:
        description: Invalid - Request did not confirm to the specification and was
          unprocessed and rejected. Please fix the value and try again
        enum:
        - error
        - warn
        - invalid
        - fatal
        type: string
      timestamp:
        description: Timestamp of the error response
        type: string
      uuid:
        description: Uuid used in the request
        type: string
      code:
        description: Error code which qualifies the error
        type: string
      details:
        description: Human readable explanation specific to the occurrence of the
          problem
        type: string
      location:
        description: The name of the field that resulted in the error
        type: string
      moreInfo:
        description: URI to human readable documentation of the error
        type: string
x-ibm-configuration:
  enforced: true
  testable: true
  phase: realized
securityDefinitions:
  OAuth2 Application Flow:
    type: oauth2
    description: ""
    flow: application
    scopes:
      /api/v1: ""
    tokenUrl: https://api.banamex.com/mx-gcgapi/api/v1/oauth/token
  Client ID:
    type: apiKey
    description: ""
    in: header
    name: X-IBM-Client-Id
security:
- OAuth2 Application Flow:
  - /api/v1
  Client ID: []
x-ibm-endpoints:
- endpointUrl: https://api.banamex.com/mx-gcgapi
  type:
  - production
  - development
...