HGS Transactions

Authorization

Dynamic Registration

Dynamic registration needs be performed only once before start using Garanti BBVA API Store, in order to get Client ID and Client Secret. Once these credentials are obtained, they should be declared in every API request.

 

API Profile

Attribute

Value

Name

Dynamic Registration

Version

V0

Description

Registration for Client Credentials

Pre-Conditions HTTP POST method is allowed.

Endpoint Definition

Endpoint

URI

/cards/service/registiration/v0

Base URL

https://apis.garantibbva.com.tr:443

 

 

Request Header

Attribute

Type

Condition

Description

Content-Type

String

Mandatory

application/json

Accept

String

Mandatory

application/json

 

Request Body

Attribute

Type

Condition

Description

redirect_uris

Array of Strings

Mandatory

URIs TPPs will be redirected after access token generation and customer login

company_name

String

Mandatory

TPP Name

 

Response Body

Attribute

Type

Condition

client_id

String

Mandatory

client_secret

String

Mandatory

 

Getting Access Token

Access Token is required to call APIs which requires “Authorization” attribute in request header and can be obtained from token endpoint by making a POST request with the Authorization Code grant type, Authorization Code, Client ID, Client Secret and Redirect URI.

In order to get access token, developer has to create Rest Web Service that is going to get the access token from Token API provided by Garanti BBVA API Store with POST request.

Garanti BBVA API Store Token Endpoint :

 

API Profile

Attribute

Value

Name

Access Token Generation

Version

V0

Description

Generation of Access Token in return of Authorization Code

Pre-Conditions

HTTP POST method is allowed.

 

Endpoint

URI

/cards/service/gettoken/v0

Base URL

https://apis.garantibbva.com.tr:443

 

 

Request Header

Attribute

Type

Condition

Description

Content-Type

String

Mandatory

application/json

Accept

String

Mandatory

application/json

 

Access Token Request Parameters

Client-ID

Client ID assigned to the user via Dynamic Registration.

Client-Secret

Client Secret assigned to the user via Dynamic Registration

Code

Authorization Code that generated after customer login.

Grant-Type

The OAuth 2.0 method defines four base grant types. The Garanti BBVA API Store expects Authorization Code grant type.

Redirect-URI

The access token is redirected to this URI. Has to be one of the URLs declared in Dynamic Registration request.

 

Response Access Token

access_token

This field shows Access Token

refresh_token

This field shows Refresh Token

 

Sample Request

grant_type=authorization_code&code=MqeB904a50WU3KiihFJE&client_id=rsVRcZkO1pHC6xMpxfpu&client_secret=MudauvmcWwJg2UFn7gGG&redirect_uri=https://www.TPPurl.com
 


Sample Response

{
  "access_token": "FbXPYR3PgkBK4UzpzwmJ",
  "refresh_token": "GqzeyuTgXqxWba5BJcQBArf47xYhyrkEJmp4YrQR"
}

 

 

Refresh Token

A  refresh token is a special kind of token used to obtain a renewed access token. You can request new access tokens until the refresh token is expired.

 

API Profile

Attribute

Value

Name

Refresh Token Generation

Version

V0

Description

Generation of Refresh Token in return of Valdation Access token is denied

Pre-Conditions

HTTP POST method is allowed.

 

Endpoint

URI

/cards/service/refreshtoken/v0

Base URL

https://apis.garantibbva.com.tr:443

 

Request Header

Attribute

Type

Condition

Description

content-Type

String

Mandatory

application/json

accept

String

Mandatory

application/json

 

Refresh Token Request Parameters

Client-ID

Client ID assigned to the user via Dynamic Registration.

Client-Secret

Client Secret assigned to the user via Dynamic Registration

Token

Refresh token that generated after Access token.

Grant-Type

The OAuth 2.0 method defines four base grant types. The Garanti BBVA API Store expects Refresh Token grant type.

 

 

Response Refresh Token

access_token

This field shows Access Token

refresh_token

This field shows Refresh Token

 

Sample Request

grant_type=refresh_token&code=MqeB904a50WU3KiihFJE&client_id=rsVRcZkO1pHC6xMpxfpu&client_secret=MudauvmcWwJg2UFn7gGG&redirect_uri=https://www.TPPurl.com
 


Sample Response

{
  "access_token": "FbXPYR3PgkBK4UzpzwmJ",
  "refresh_token": "GqzeyuTgXqxWba5BJcQBArf47xYhyrkEJmp4YrQR"
}

 

 

 

 

 

 

 

Consents

Authorization (Client Credentials)

Creates a consent request at the ASPSP and gets information about consents

API Profile

Attribute

Value

Name

Authorization Code Generation

Version

V2

Description

Generation of Authorization code in return of client id(api key ıd) and client secret(apı key secret)

Pre-Conditions

HTTP POST method is allowed.

 

Endpoint Definition

HGS API’s development live and mock environments routing data

Endpoint

URI

/auth/oauth/v2/token

Base URL

https://apis.garantibbva.com.tr

Authorization Code Request Parameters

Client-ID

Enter the ID assigned to the user from the Garanti BBVA API Store. This is the same as the API key generated on the Portal via “Adding New Applications”.

Client-Secret

Enter the client secret assigned to the user from the Garanti BBVA API Store. This field is the same as the Key Secret.

Redirect-Uri

The access token is redirected to this URI. This field must be same as Callback URL on the Portal via “Adding New Applications”.

Grant-Type

The OAuth 2.0 method defines four base grant types. The Garanti BBVA API Store expects Client Credentials grant type

Authorization Code Response

access_token

This field shows Access Token

refresh_token

This field shows Refresh Token

expires_in

This field shows expire time

scope

This field shows scobe

Sample Request

grant_type=client_credentials&client_id=rsVRcZkO1pHC6xMpxfpu&client_secret=MudauvmcWwJg2UFn7gGG&redirect_uri=https://www.TPPurl.com
 


Sample Response

{
  "access_token": "5c210aa0-47d3-4d8d-9f54-2238445304da",
  "token_type": "Bearer",
  "expires_in": 3600,
  "scope": "oob"
}
 

Consents Service Description

Creates a consent request at the ASPSP and gets information about consents

API Profile

Attribute

Value

Name

OSHY Consents

Version

V0

Synopsis

OSHY Consents

Description

Creates a consent request at the ASPSP and gets information about consents.

Pre-Conditions

HTTP GET, POST method is allowed.

Authentication

OAuth 2.0 with Authorization Code, Client Credentials


Endpoint Definition

HGS API’s development live and mock environments routing data

Endpoint

URI

/cc/service/consents/v0/

Base URL

https://apis.garantibbva:443


Technology

Technology Stack / DESIGN TIME

Property

Value

HTTP Call Method

GET,POST

Response Content Type

application/json; charset=utf-8


APIS

Create Consent

Creates a consent request at the Bank. Method is POST.

Request Header

Attribute

Type

Condition

Description

X-Request-ID

String

Mandatory

ID of the request, unique to the call, as determined by the initiating party.

Client-ID

String

Mandatory

TPP's Client ID, generated in Dynamic Registration.

Client-Secret

String

Mandatory

TPP's Client Secret, generated in Dynamic Registration.

Client-ID-Portal

String

Mandatory

TPP's Client ID Portal, value obtained from Dashboard/Applications page in API Store, for SANDBOX/PRODUCTION plan.

TPP-ID

String

Mandatory

TPP's Client ID, generated in Dynamic Registration.

TPP-Name

String

Mandatory

Name of the TPP

TPP-Redirect-URI

String

Mandatory

URI of the TPP, where the transaction flow shall be redirected to after a Redirect. Mandatory for response link scaOAuth field.

Authorization

String

Mandatory

OAuth 2.0 with Client Credentials 

 

 

 

 

Request Body

Attribute

Type

Condition

Description

recurringIndicator

Boolean

Mandatory

true, if the consent is for recurring access to the product data

false, if the consent is for one access to the product data

validationDate

ISODate

Mandatory

This parameter is requesting a valid until date for the requested consent. The content is the local ASPSP date in ISODate Format, e.g. 2017-10-30.

frequencyPerDay

Integer

Mandatory

This field indicates the requested maximum frequency for an access per day

tranBeginDate

ISODate

Mandatory

This parameter is requesting a begin date for the requested consent. If a data less than begindate is requested, it is rejected.

tranEndDate

ISODate

Mandatory

This parameter is requesting a end date for the requested consent. If a data more than enddate is requested, it is rejected.

authorityConsentList

AuthorityID

List

String

Mandatory

This field indicates customer authority

authorityAttributeName

List

String

Conditional

If the authority has a attribute, this field must be full with attribute name

AuthorityAttribute

List

String

Conditional

If authorityAttributeName is full,authorityAttribute must be full

 

Response Header

Attribute

Type

Condition

Description

Location

String

Mandatory

Location of the created resource (if created)

X-Request-ID

UUID

Mandatory

ID of the request, unique to the call, as determined by the initiating party.

ASPSP-SCA-Approach

String

Mandatory

REDIRECT

Content-Type

String

Mandatory

application/json;charset=UTF-8

 

 

Response Body

Attribute

Type

Condition

Description

consentStatus

String

Mandatory

Authentication status of the consent

consentId

String

Mandatory

Identification of the consent resource as it is used in the API structure

creationEndTime

String

Mandatory

Creation time of consentId.

strongIdType

String

Mandatory

Deadline when consent can be withdrawn into active status.

consentId

String

Mandatory

The field indicating the strong authentication method.

_links

Links

Mandatory

A list of hyperlinks to be recognised by the TPP. Type of links admitted in this response; "scaOAuth": The link which must be used for PSU login. After login is completed, PSU will be redirected to next stage, consent approval Product list.

 

Sample Request

{
  "recurringIndicator": false,
  "validationDate": "2020-12-31",
  "frequencyPerDay": 1,
  "authorityConsentList": [
    {
      "authorityID": "HGSBALANCE"
    },
    {
      "authorityID": "HGSTRANSACTIONINFO"
    },
    {
      "authorityID": "HGSPRODUCTINFO"
    }
  ]
}

 


Sample Response

{
  "consentStatus": "WAITING",
  "consentId": "ea975520-049d-4db7-b7e4-6ca5f467f222",
  "consentCreateTime": "2021-06-17 15:56:00.631",
  "creationEndTime": "2021-06-18 00:00:00.0",
  "strongIdType": "Y",
  "links": {
    "scaOAuth": {
      "href": "https://gboshymusteririzasi-d.fw.garantibbva.com.tr/psd2/login/landing?response_type=code&client_id=0N9t6vLtjI6YihLI95kS&scope=hgs&consent_id=ea975520-049d-4db7-b7e4-6ca5f467f222&redirect_uri=https://www.trendyol.com.tr"
    },
    "self": {
      "href": "/consents/ea975520-049d-4db7-b7e4-6ca5f467f222"
    },
    "status": {
      "href": "/consents/status"
    }
  }
}

 

Consent Product List

After the Access token, Returns the content of a consent object. With this API, the consent status becomes A. Method is POST

 

Request Header

Attribute

Type

Condition

Description

X-Request-ID

String

Mandatory

ID of the request, unique to the call, as determined by the initiating party.

Consent-ID

String

Mandatory

Identification of the consent resource as it is used in the API structure.

Client-ID

String

Mandatory

TPP's Client ID, generated in Dynamic Registration.

Client-Secret

String

Mandatory

TPP's Client Secret, generated in Dynamic Registration.

Client-ID-Portal

String

Mandatory

TPP's Client ID Portal, value obtained from Dashboard/Applications page in API Store, for SANDBOX/PRODUCTION plan.

Authorization

String

Mandatory

OAuth 2.0 with Authorization Code.

 

Response Header

Attribute

Type

Condition

Description

X-Request-ID

String

Mandatory

ID of the request, unique to the call, as determined by the initiating party.

Content-Type

String

Mandatory

application/json;charset=UTF-8

 

 

Response Body

Attribute

Type

Condition

Description

consentId

String

Mandatory

Identification of the consent resource as it is used in the API structure

recurringIndicator

Boolean

Mandatory

true, if the consent is for recurring access to the product data

false, if the consent is for one access to the product data

validationDate

ISODate

Mandatory

This parameter is requesting a valid until date for the requested consent. The content is the local ASPSP date in ISODate Format, e.g. 2017-10-30.

frequencyPerDay

Integer

Mandatory

This field indicates the requested maximum frequency for an access per day

authorityConsentList

ProductId

List

String

Mandatory

This field indicates customer product

AuthorityID

List

String

Mandatory

This field indicates customer authority

authorityFLAG

List

Boolean

Mandatory

This field indicates customer authority flag

 

 

Sample Response

{
  "consentId": "888888888888888888888888888888888888",
  "recurringIndicator": true,
  "validationDate": "2020-12-15",
  "frequencyPerDay": 15,
  "authorityConsentList": [
    {
      "productId": "9",
      "authorityID": "HGSBALANCE",
      "authorityFLAG": true
    },
    {
      "productId": "8",
      "authorityID": "HGSTRANSACTIONINFO",
      "authorityFLAG": true
    },
    {
      "productId": "9",
      "authorityID": "HGSTRANSACTIONINFO",
      "authorityFLAG": true
    }
  ]
}
 

Consent Get Status

Check the status of an account information consent. Method is GET.

Request Header

Attribute

Type

Condition

Description

X-Request-ID

String

Mandatory

ID of the request, unique to the call, as determined by the initiating party.

Consent-ID String Mandatory Identification of the consent resource as it is used in the API structure

Client-ID

String

Mandatory

TPP's Client ID, generated in Dynamic Registration.

Client-Secret

String

Mandatory

TPP's Client Secret, generated in Dynamic Registration.

Client-ID-Portal

String

Mandatory

TPP's Client ID Portal, value obtained from Dashboard/Applications page in API Store, for SANDBOX/PRODUCTION plan.

 

 

Response Header

Attribute

Type

Condition

Description

X-Request-ID

String

Mandatory

ID of the request, unique to the call, as determined by the initiating party.

Content-Type

String

Mandatory

application/json;charset=UTF-8

 

 

Response Body

Attribute

Type

Condition

Description

consentStatusList

ConsentId

List

String

Mandatory

Identification of the consent resource as it is used in the API structure

authorityID

List

String

Mandatory

This field indicates customer authority

consentStatus

List

String

Mandatory

Authentication status of the consent

 

Sample Response

{
  "consentStatusList": [
    {
      "consentID": "888888888888888888888888888888888888",
      "authorityID": "HGSPRODUCTINFO",
      "consentStatus": "WAITING"
    },
    {
      "consentID": "888888888888888888888888888888888888",
      "authorityID": "HGSBALANCE",
      "consentStatus": "ACTIVE"
    },
    {
      "consentID": "888888888888888888888888888888888888",
      "authorityID": "HGSTRANSACTIONINFO",
      "consentStatus": "ACTIVE"
    }
  ]
}

Consent Read

Returns the content of a consent object. Method is GET.

Request Header

Attribute

Type

Condition

Description

X-Request-ID

String

Mandatory

ID of the request, unique to the call, as determined by the initiating party.

Consent-ID String Mandatory Identification of the consent resource as it is used in the API structure

Client-ID

String

Mandatory

TPP's Client ID, generated in Dynamic Registration.

Client-Secret

String

Mandatory

TPP's Client Secret, generated in Dynamic Registration.

Client-ID-Portal

String

Mandatory

TPP's Client ID Portal, value obtained from Dashboard/Applications page in API Store, for SANDBOX/PRODUCTION plan.

Authorization

String

Mandatory

OAuth 2.0 with Authorization Code.

 

 

Response Header

Attribute

Type

Condition

Description

X-Request-ID

String

Mandatory

ID of the request, unique to the call, as determined by the initiating party.

Content-Type

String

Mandatory

application/json;charset=UTF-8

 

 

Response Body

Attribute

Type

Condition

Description

consentId

String

Mandatory

Identification of the consent resource as it is used in the API structure

recurringIndicator

Boolean

Mandatory

true, if the consent is for recurring access to the product data

false, if the consent is for one access to the product data

validationDate

ISODate

Mandatory

This parameter is requesting a valid until date for the requested consent. The content is the local Bank date in ISODate Format, e.g. 2017-10-30.

frequencyPerDay

Integer

Mandatory

This field indicates the requested maximum frequency for an access per day

authorityConsentList

ProductId

List

String

Mandatory

This field indicates customer product

AuthorityID

List

String

Mandatory

This field indicates customer authority

authorityFLAG

List

Boolean

Mandatory

This field indicates customer authority flag

 

Sample Response

{
  "consentId": "888888888888888888888888888888888888",
  "recurringIndicator": true,
  "validationDate": "2020-12-15",
  "frequencyPerDay": 15,
  "authorityConsentList": [
    {
      "productId": "9",
      "authorityID": "HGSBALANCE",
      "authorityFLAG": true
    },
    {
      "productId": "8",
      "authorityID": "HGSTRANSACTIONINFO",
      "authorityFLAG": true
    },
    {
      "productId": "9",
      "authorityID": "HGSTRANSACTIONINFO",
      "authorityFLAG": true
    }
  ]
}

 

Consent Delete

Delete can be done in 4 different ways. Method is POST

  1. If you send only the consent ID without filling the body field, that consent ID will only be completely disabled.
  2. If you fill in consent id and authority id and send it, the authority you sent under that consent will only be inactive.
  3. If you fill in consent id and product id and submit, the authorization of the product you sent under that consent will be revoked.
  4. If you fill in the consentID, authorityID and productID and send them, the authority of the products under that consent will be revoked.

 

Request Header

Attribute

Type

Condition

Description

Consent-ID

String

Mandatory

Identification of the consent resource as it is used in the API structure.

Client-ID

String

Mandatory

TPP's Client ID, generated in Dynamic Registration.

Client-Secret

String

Mandatory

TPP's Client Secret, generated in Dynamic Registration.

Client-ID-Portal

String

Mandatory

TPP's Client ID Portal, value obtained from Dashboard/Applications page in API Store, for SANDBOX/PRODUCTION plan.

Authorization

String

Mandatory

OAuth 2.0 with Authorization Code.

 

Request Body

Attribute

Type

Condition

Description

authorityConsentList

AuthorityID

List

String

Optional

The authority ID information to be deleted can be written..

ProductId

List

String

Optional

The Product ID information to be deleted can be written..

 

Response Header

Attribute

Type

Condition

Description

X-Request-ID

UUID

Mandatory

ID of the request, unique to the call, as determined by the initiating party.

Content-Type

String

Mandatory

application/json;charset=UTF-8

 

 

 

Response Body

Attribute

Type

Condition

Description

Consentstatus

String

Mandatory

Identification of the consent resource as it is used in the API structure

 

 

Sample Request

{
  "authorityConsentList": [
    {
      "authorityID": "HGSTRANSACTIONINFO"
    }
  ]
}

Sample Response

{
  "consentStatus": "Delete Success"
}

 

 

 

 

Transaction

List of Transactions

Transaction List works for only one product at a time. It is listed if there is any transaction in the relevant date range.

API Profile

Attribute

Value

Name

Transaction List

Version

V0

Description

List of transactions for a particular product

Pre-Conditions

HTTP POST method is allowed.

 

Endpoint Definition 

Endpoint

URI

/cards/hgs/service/v0/txnlist

Base URL

https://apis.garantibbva:443

 

Request Header

Attribute

Type

Condition

Description

X-Request-ID

String

Mandatory

ID of the request, unique to the call, as determined by the initiating party.

Consent-ID

String

Mandatory

Identification of the consent resource as it is used in the API structure

Client-ID

String

Mandatory

TPP's Client ID, generated in Dynamic Registration.

Client-Secret

String

Mandatory

TPP's Client Secret, generated in Dynamic Registration.

Client-ID-Portal

String

Mandatory

TPP's Client ID Portal, value obtained from Dashboard/Applications page in API Store, for SANDBOX/PRODUCTION plan.

Authorization

String

Mandatory

OAuth 2.0 with Authorization Code.

 

 

 

Request Body

Attribute

Type

Condition

Description

productId

String

Mandatory

HGS product number

debitCreditInd

String

Optional

Credit debt indicator (A or B)

sortOption

String

Optional

The order in which transactions are listed (If this area remains empty, then transactions come in ascending order)

scrollAmount

Int

Optional

Determining the number of transactions to be listed

orderByFieldNum

Int

Conditional

Content of transactions to be listed (1: Transitional movements, 2: Balance uploads, 3: Both Transitional movements and Balance uploads)

startInstanceId

String

Mandatory

Transaction start date to return to

stopInstanceId

String

Mandatory

Transaction end date to return to

authorityList

authorityID

List

String

Mandatory

Authorization permission indicator

 

Response Header

Attribute

Type

Condition

Description

Content-Type

String

Mandatory

ID of the request, unique to the call, as determined by the initiating party.

X-Request-ID

String

Mandatory

ID of the request, unique to the call, as determined by the initiating party.

Consent-ID

String

Mandatory

application/json;charset=UTF-8

 

 

Response Body

Attribute

Type

Condition

Description

 

productId

List

String

Mandatory

HGS product number

vehicleClassId

List

String

Mandatory

Vehicle class id of the product

 

plateTextValue

List

String

Mandatory

Plate text value of the product

accountUnitNum

List

Int

Mandatory

Unit num of the product

hgsProductInfo List

accountNum

List

Int

Conditional

Account num of the product (if not connected to credit card)

cardNumber

List

String

Conditional

Card number of the product (if connected to credit card)

 

emailAddressTextValue

List

String

Mandatory

Email address text of the product

autoPymntAmnt

List

Double

Mandatory

Auto payment amount of the product

 

minPaymentAmnt

List

Double

Mandatory

Minimum payment amount of the product

mobilePhoneNum

List

Long

Mandatory

Mobile phone number of the product

 

balanceAmount

List

Double

Mandatory

Balance amount of the product

statuText20

List

String

Mandatory

Statu value of the product

 

 

productId

List

String

Mandatory

HGS product number

transactionAmount

List

Double

Mandatory

Vehicle class id of the product

 

debitCreditInd

List

String

Mandatory

Plate text value of the product

entranceTs

List

String

Mandatory

Unit num of the product

txnList

departureTs

List

String

Conditional

Account num of the product (if not connected to credit card)

entrancMtrwyTextLength

List

Int

Conditional

Entrance motorway text length of the transaction (if it is a transaction, this field will not be empty)

 

entrancMtrwyTextValue

List

String

Mandatory

Entrance motorway text value of the transaction (if it is a transaction, this field will not be empty)

departrMtrwyTextLength

List

Int

Mandatory

Departure motorway text length of the transaction  (if it is a transaction, this field will not be empty)

 

departrMtrwyTextValue

List

String

Mandatory

Departure motorway text value of the transaction  (if it is a transaction, this field will not be empty)

explanationText35

List

String

Mandatory

Explanation text of the transaction

 

 

 

Sample Request

{
  "productId": "1106507250",
  "debitCreditInd": "",
  "sortOption": "ASC",
  "scrollAmount": 0,
  "orderByFieldNum": 1,
  "startInstanceId": "2015-04-24 18:55:31.025370",
  "stopInstanceId": "2016-04-24 18:55:31.025370",
  "authorityList": [
    {
      "authorityID": "HGSTRANSACTIONINFO"
    },
    {
      "authorityID": "HGSPRODUCTINFO"
    }
  ]
}

Sample Response

{
  "hgsProductInfo": {
    "productId": "1106507250",
    "vehicleClassId": "05",
    "plateTextValue": "77RGN77",
    "accountUnitNum": 295,
    "accountNum": 5881663,
    "cardNumber": "",
    "emailAddressTextValue": "UTKUERKAL@GMAIL.COM",
    "autoPymntAmnt": 100,
    "minPaymentAmnt": 100,
    "mobilePhoneNum": 905355633965,
    "balanceAmount": 480.15,
    "statuText20": "Ürün Verildi"
  },
  "txnList": [
    {
      "productId": "1106507250",
      "transactionAmount": 50,
      "debitCreditInd": "B",
      "entranceTs": "2015-04-22-14.46.27.000001",
      "departureTs": "0001-01-01-01.01.01.000001",
      "entrancMtrwyTextLength": 50,
      "entrancMtrwyTextValue": "",
      "departrMtrwyTextLength": 50,
      "departrMtrwyTextValue": "HAREM",
      "explanationText35": "Geçiş(İDO)"
    }
  ]
}
 
 

Return Codes & Error Handling

Code

Description

Type

200 OK SUCCESS
400 Invalid Request MISSING PARAMETERS
401 Invalid Credentials UNAUTHORIZED
405 {http.method} Method Not Allowed CALL METHOD ERROR
429 API plan limit exceeded RATE LIMITING
500 Internal Server Error SYSTEM ERROR

Return Messages

CODE

RETURN RESPONSE

400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E001",
      "apiResponseInfo": " ConsentID field length must be 36 characters!"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E003",
      "apiResponseInfo": "Error Max Character. Server was unable to process request : CustomerNum"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E004",
      "apiResponseInfo": "This field can not be empty : ProductID"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E005",
      "apiResponseInfo": "Error Max Character. Server was unable to process request : ProductID"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E006",
      "apiResponseInfo": "Missing request body AuthorityID for method parameter of type String"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E007",
      "apiResponseInfo": "Error Max Character. Server was unable to process request : AuthorityID"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E008",
      "apiResponseInfo": "Missing request body authorityFLAG for method parameter of type String"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E009",
      "apiResponseInfo": "Error authorityFLAG. authorityFLAG must be true"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E010",
      "apiResponseInfo": "Error authorityAttribute. If authorityAttributeName is null, authorityAttribute must be null"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E011",
      "apiResponseInfo": "Error authorityAttributeName. If authorityAttribute is null, authorityAttributeName must be null"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E012",
      "apiResponseInfo": "Error Max Character. Server was unable to process request : AuthorityAttributeName"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E013",
      "apiResponseInfo": "Error Max Character. Server was unable to process request : AuthorityAttribute"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E014",
      "apiResponseInfo": "Error Max Character. Server was unable to process request : ClientID"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E015",
      "apiResponseInfo": "Error Max Character. Server was unable to process request : ClientIDPortal"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E016",
      "apiResponseInfo": "Error Max Character. Server was unable to process request : TPPID"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E017",
      "apiResponseInfo": "Error Max Character. Server was unable to process request : TPPName"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E020",
      "apiResponseInfo": "Error Max Character. Server was unable to process request : FrequencyPerDay"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E022",
      "apiResponseInfo": "Error frequencyPerDay.If recurringIndicator is false, frequencyPerDay must be 1"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E023",
      "apiResponseInfo": "Error Valid Date. Server was unable to process request : validationDate"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E024",
      "apiResponseInfo": "Unrecognised Field : AuthorityFlag"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E025",
      "apiResponseInfo": "The same authorityId must only be sent once "
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E026",
      "apiResponseInfo": "Unrecognised Field : authorityFLAG"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E027",
      "apiResponseInfo": "Unrecognised Field : authorityAttributeName"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E028",
      "apiResponseInfo": "Unrecognised Field : authorityAttribute"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E029",
      "apiResponseInfo": "This AuthorityID not found : ZZZZZ"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E031",
      "apiResponseInfo": "Error ConsentID OR consentStatus OR authorityID OR authorityName! ConsentID :XXXXXXX..XXX Authority ID:YYYYYYY AuthorityName:ZZZZ"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E032",
      "apiResponseInfo": "Error ConsentID OR ClientID! ConsentID :XXXXXXXXX..XX ClientID: YYYYYYYY…..Y"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E033",
      "apiResponseInfo": "Consent Status is not Waiting For Consent ID :XXXXXXX ClientID: YYYYYYYYYYY…Y"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E040",
      "apiResponseInfo": "Error Valid Date. Server was unable to process request : tranEndDate"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E041",
      "apiResponseInfo": "Error valid date. Server was unable to process request (mount) : tranBeginDate"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E042",
      "apiResponseInfo": "tranEndDate can not be smaller than tranBeginDate!"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E043",
      "apiResponseInfo": "Validation Parameter is not found for AuthorityID : "+authorityConsent.getAuthorityID”
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E044",
      "apiResponseInfo": "Validation date cannot be greater than "X" days from today's date"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E045",
      "apiResponseInfo": "Customer number cannot be empty"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E046",
      "apiResponseInfo": "Product id cannot be empty"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E047",
      "apiResponseInfo": "Only one product must be selected"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E048",
      "apiResponseInfo": "Start date cannot be greater than end date"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E049",
      "apiResponseInfo": "Date format is incorrect"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E050",
      "apiResponseInfo": "Date range cannot be longer than 1 year"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E051",
      "apiResponseInfo": "Date information entered incorrectly"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E052",
      "apiResponseInfo": "Customer has no consent for this product"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E053",
      "apiResponseInfo": "Authority request cannot be empty"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E054",
      "apiResponseInfo": "Invalid authority id"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E055",
      "apiResponseInfo": "Product has no authority"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E056",
      "apiResponseInfo": "Product has no authority for HgsTransactionInfo"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E057",
      "apiResponseInfo": "Product has no authority for HgsProductInfo"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E058",
      "apiResponseInfo": "HGS product list service call error"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E059",
      "apiResponseInfo": "HGS transaction list service call error"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E060",
      "apiResponseInfo": "HGS product list main service error"
    }
  }
}
400
{
  "apiError": {
    "code": 400,
    "info": "Bad Request",
    "apiResponse": {
      "apiResponseCode": "E061",
      "apiResponseInfo": "HGS transaction list main service error"
    }
  }
}