---
swagger: "2.0"
info:
  description: This APIs are used when a high risk transaction will be performed and
    previously an authentication or certification of the client credentials through
    a JWT or Challenge are required.
  version: 1.0.0
  title: XLG-SEC-P-TransmitValidations
  x-ibm-name: xlg-sec-p-transmitvalidations
basePath: /api
schemes:
- https
produces:
- application/json
paths:
  /v1/x-global/security/jwt/validate:
    post:
      tags:
      - validate-transmit-token
      summary: API to certify a Json Web Token generated previously by a Transmit
        Security service and given to a channel orchestrator for future uses; asserting
        a transmitCustomer previosly registred in the CCS DB if is required.
      operationId: validate-trasnmit-token
      consumes:
      - application/json
      produces:
      - application/json
      parameters:
      - name: client_id
        in: header
        description: The client ID  you received during application registration in
          the developer portal
        required: true
        type: string
      - name: Authorization
        in: header
        description: Bearer token adquired from API Gateway OAUTH service.
        required: true
        type: string
      - name: Accept
        in: header
        required: true
        type: string
        description: Content-Types that are acceptable for the response
      - name: 'uuid '
        in: header
        description: Random 128 bit UUID generated uniquely for every request from
          the Customer, which will represent transaction unique identifier and it
          is recommended to send.
        required: true
        type: string
      - name: Accept-Language
        in: header
        description: Language to be send to the backend systems. The supported values
          are ‘es’ for spanish and ‘en’ for english.
        required: false
        type: string
        default: es
      - name: Content-Type
        in: header
        description: Content-Types that are sent in the request
        required: true
        type: string
        default: application/json
      - name: businessCode
        in: header
        description: 3 character business code
        required: true
        type: string
        default: GCB
      - name: countryCode
        in: header
        description: 2 character ISO country code
        required: true
        type: string
        default: MX
      - name: channelId
        in: header
        description: channel ID used by the user, it is required for the first call
          in a new session.
        required: true
        type: string
      - name: sid
        in: header
        description: Session is generated and returned on the first API call as response
          header, which needs to be resent on succesive calls of same session
        required: false
        type: string
      - in: body
        name: ValidateTransmitTokenRequest
        description: Request body to authenticate Citibanamex customer through Token
          validation.
        required: true
        schema:
          $ref: '#/definitions/ValidateTransmitTokenRequest'
      responses:
        200:
          description: Validation Successful
        400:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>invalid</td><td>invalidRequest</td><td>Missing
            or invalid Parameters</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        401:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>invalid</td><td>5002</td><td>Token
            not valid.</td></tr><tr><td>error</td><td>invalidCredential</td><td>Invalid
            transmit customer</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        403:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>accessNotConfigured</td><td>The
            request operation is not configured to access this resource.</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        404:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>5000</td><td>Application
            not found.</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        422:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>businessValidationFailed</td><td>Business
            validation error occured on one or more parameter</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        500:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>fatal</td><td>serverUnavailable</td><td>The
            request failed due to an internal error/server unavailability</td></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
  /v1/x-global/security/transmit-customer:
    post:
      tags:
      - save-transmit-customer
      summary: API for saving a customer that in previous steps was assigned a SoftToken
        with Transmit services.
      operationId: save-transmit-customer
      consumes:
      - application/json
      produces:
      - application/json
      parameters:
      - name: client_id
        in: header
        description: The client ID  you received during application registration in
          the developer portal
        required: true
        type: string
      - name: Authorization
        in: header
        description: Bearer token adquired from API Gateway OAUTH service.
        required: true
        type: string
      - name: Accept
        in: header
        required: true
        type: string
        description: Content-Types that are acceptable for the response
      - name: 'uuid '
        in: header
        description: Random 128 bit UUID generated uniquely for every request from
          the Customer, which will represent transaction unique identifier and it
          is recommended to send.
        required: true
        type: string
      - name: Accept-Language
        in: header
        description: Language to be send to the backend systems. The supported values
          are ‘es’ for spanish and ‘en’ for english.
        required: false
        type: string
        default: es
      - name: Content-Type
        in: header
        description: Content-Types that are sent in the request
        required: true
        type: string
        default: application/json
      - name: businessCode
        in: header
        description: 3 character business code
        required: true
        type: string
        default: GCB
      - name: countryCode
        in: header
        description: 2 character ISO country code
        required: true
        type: string
        default: MX
      - name: channelId
        in: header
        description: channel ID used by the user, it is required for the first call
          in a new session.
        required: true
        type: string
      - name: sid
        in: header
        description: Session is generated and returned on the first API call as response
          header, which needs to be resent on succesive calls of same session
        required: true
        type: string
      responses:
        200:
          description: Success Registration
        400:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>invalid</td><td>invalidRequest</td><td>Missing
            or invalid Parameters</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        401:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>invalid</td><td>InvalidCredentials</td><td>Customer
            data not found</td></tr><tr><td>error</td><td>SessionTimeout</td><td>Session
            expired</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        403:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>accessNotConfigured</td><td>The
            request operation is not configured to access this resource.</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        404:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>Unknown</td><td>Resource
            not found</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        422:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>businessValidationFailed</td><td>Business
            validation error occured on one or more parameter</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        500:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>fatal</td><td>serverUnavailable</td><td>The
            request failed due to an internal error/server unavailability</td></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
  /v1/x-global/security/transmit-customer/validate:
    post:
      tags:
      - validate-transmit-customer
      summary: API for recovering and validating if a customer has a SoftToken with
        Transmit functionalities.
      operationId: validate-transmit-customer
      consumes:
      - application/json
      produces:
      - application/json
      parameters:
      - name: client_id
        in: header
        description: The client ID  you received during application registration in
          the developer portal
        required: true
        type: string
      - name: Authorization
        in: header
        description: Bearer token adquired from API Gateway OAUTH service.
        required: true
        type: string
      - name: Accept
        in: header
        required: true
        type: string
        description: Content-Types that are acceptable for the response
      - name: 'uuid '
        in: header
        description: Random 128 bit UUID generated uniquely for every request from
          the Customer, which will represent transaction unique identifier and it
          is recommended to send.
        required: true
        type: string
      - name: Accept-Language
        in: header
        description: Language to be send to the backend systems. The supported values
          are ‘es’ for spanish and ‘en’ for english.
        required: false
        type: string
        default: es
      - name: Content-Type
        in: header
        description: Content-Types that are sent in the request
        required: true
        type: string
        default: application/json
      - name: businessCode
        in: header
        description: 3 character business code
        required: true
        type: string
        default: GCB
      - name: countryCode
        in: header
        description: 2 character ISO country code
        required: true
        type: string
        default: MX
      - name: channelId
        in: header
        description: channel ID used by the user, it is required for the first call
          in a new session.
        required: true
        type: string
      - name: sid
        in: header
        description: Session is generated and returned on the first API call as response
          header, which needs to be resent on succesive calls of same session
        required: false
        type: string
      - in: body
        name: ValidateTransmitCustomerRequest
        description: Request body to validateif a Citibanamex customer has a Token
          with Transmit functionalities.
        required: true
        schema:
          $ref: '#/definitions/ValidateTransmitCustomerRequest'
      responses:
        200:
          schema:
            $ref: '#/definitions/ValidateTransmitCustomerResponse'
          description: Authentication Successful
        400:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>invalid</td><td>invalidRequest</td><td>Missing
            or invalid Parameters</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        401:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>invalid</td><td>InvalidCredentials</td><td>Customer
            data not found</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        403:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>accessNotConfigured</td><td>The
            request operation is not configured to access this resource.</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        404:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>Unknown</td><td>Resource
            not found</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        422:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>error</td><td>businessValidationFailed</td><td>Business
            validation error occured on one or more parameter</td></tr></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
        500:
          description: <table><tr><td>Type</td><td>Code</td><td>Details</td></tr><tr><td>fatal</td><td>serverUnavailable</td><td>The
            request failed due to an internal error/server unavailability</td></table>
          schema:
            $ref: '#/definitions/ErrorResponse'
definitions:
  ValidateTransmitCustomerResponse:
    type: object
    properties:
      customerId:
        type: string
        example: "11995672351"
        description: Id of the customer, used for verifying if it is a valid transmit
          customer.
      transmitTokenEnabledFlag:
        type: boolean
        example: true
        description: If the customerId is a transmitCustomer the flag will come with
          true, opposite case will come with false.
  ValidateTransmitCustomerRequest:
    type: object
    properties:
      customerId:
        type: string
        example: "11995672351"
        description: Id of the customer, used for verifying if it is a valid transmit
          customer.
    required:
    - customerId
    description: Request parameters for verifying if the customer has a SoftToken
      with Transmit
  ValidateTransmitTokenRequest:
    type: object
    properties:
      transmitToken:
        type: string
        example: afgknsdlfignsdikfgnsldifng
        description: The token to validate as it was provided by the server.
      customerId:
        type: string
        example: "11995672351"
        description: Id of the customer, used for verifying if it is a valid transmit
          customer.
      grantType:
        type: string
        example: "2"
        description: Id of the token, used for identifying the kind of functional
          Id also known as applicationId for calling the transmit JWT validator service
          <table><tr><td>tokenId</td><td>Details</td></tr><tr><td>1</td><td>SMS-OTP
          functional Id</td></tr><tr><td>2</td><td>binding functional Id</td></tr><tr><td>3</td><td>New
          Online Transaction functional Id</td></tr><tr><td>4</td><td>Avatar Transaction
          functional Id</td></tr><tr><td>5</td><td>IVR Transaction functional ID</td></tr><tr><td>6</td><td>AcciTrade
          Transaction functional ID</td></tr><tr><td>7</td><td>Directo Transaction
          functional ID</td></tr></table>
    required:
    - transmitToken
    - customerId
    - applicationId
    description: Request parameters for a transmit JWT validation
  ErrorResponse:
    required:
    - code
    - details
    - type
    properties:
      type:
        type: string
        description: Invalid - Request did not confirm to the specification and was
          unprocessed and rejected. Please fix the value and try again
        enum:
        - error
        - warn
        - invalid
        - fatal
      code:
        type: string
        description: Error code which qualifies the error
      details:
        type: string
        description: Human readable explanation specific to the occurrence of the
          problem
      location:
        type: string
        description: The name of the field that resulted in the error
      moreInfo:
        type: string
        description: URI to human readable documentation of the error
x-ibm-configuration:
  enforced: true
  testable: true
  phase: realized
securityDefinitions:
  OAuth2 Application Flow:
    type: oauth2
    description: ""
    flow: application
    scopes:
      /api/v1: ""
    tokenUrl: https://api.banamex.com/mx-gcgapi/api/v1/oauth/token
  ClientID:
    type: apiKey
    description: ""
    in: header
    name: X-IBM-Client-Id
security:
- OAuth2 Application Flow:
  - /api/v1
  ClientID: []
x-ibm-endpoints:
- endpointUrl: https://api.banamex.com/mx-gcgapi
  type:
  - production
  - development
...