Headers

• x-fapi-auth-date string

  The time when the PSU last logged in with the TPP. All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: Sun, 10 Sep 2017 19:43:31 UTC

  Format should match the following pattern: ^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \d{4} \d{2}:\d{2}:\d{2} (GMT|UTC)$.

• x-fapi-customer-ip-address string

  The PSU's IP address if the PSU is currently logged in with the TPP.

• x-fapi-interaction-id string

  An RFC4122 UID used as a correlation id.

• x-customer-user-agent string

  Indicates the user-agent that the PSU is using.

Path parameters

• OrganisationId string Required

  The organisation ID

  Minimum length is 1, maximum length is 40. Format should match the following pattern: ^[^<>]*$.

• SoftwareStatementId string Required

  The software statement ID

  Maximum length is 40. Format should match the following pattern: ^[^<>]*$.

Responses

• 200 application/json

  Get the software statements with the given id

  Hide headers attribute Show headers attribute

  • x-fapi-interaction-id string

    An RFC4122 UID used as a correlation id.

    Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

  Hide response attributes Show response attributes object

  • OperationWarnings array[string]

    A warning code that describes a warning condition that occurred during the last operation

    Values are IMAGE_UPLOAD_FAILURE_PLACEHOLDER_USED, IMAGE_VALIDATION_FAILURE_BAD_DATA_ENCODING_PLACEHOLDER_USED, IMAGE_VALIDATION_FAILURE_UNSUPPORTED_IMAGE_FORMAT_PLACEHOLDER_USED, IMAGE_VALIDATION_CONTENT_FAILURE_PLACEHOLDER_USED, IMAGE_VALIDATION_DIMENSIONS_FAILURE_PLACEHOLDER_USED, IMAGE_VALIDATION_MAX_SIZE_FAILURE_PLACEHOLDER_USED, IMAGE_VALIDATION_FAILURE_SVG_VALIDATION_PLACEHOLDER_USED, IMAGE_VALIDATION_CONTENT_WARNING_SUPERUSER_OVERRIDE, or IMAGE_VALIDATION_DIMENSIONS_WARNING_SUPERUSER_OVERRIDE.

  • SoftwareStatementCertifications array[object]
    Hide SoftwareStatementCertifications attributes Show SoftwareStatementCertifications attributes object

    • CertificationExpirationDate string

      JSONDatetime of certification expiration date

      Format should match the following pattern: ^[^<>]*$.

    • CertificationId string

      Unique ID associated with the software statement certification

      Minimum length is 1, maximum length is 40. Format should match the following pattern: ^[^<>]*$.

    • CertificationStartDate string

      JSONDatetime of certification start date

      Format should match the following pattern: ^[0-3][0-9]/[0-1][0-9]/2([0-9]{3})$.

    • CertificationStatus string

      The different types of certification status

      Values are Awaiting Certification, Certified, Deprecated, Rejected, Warning, or Self-Certified. Default value is Awaiting Certification.

    • CertificationURI string(uri)

      Link to the certifation package. Example https://github.com/Open[Domain]/conformance/blob/main/submissions/functional/business/1.0.3/api-business-customer.zip

      Maximum length is 500. Format should match the following pattern: ^(https://).*.

    • ProfileType string

      Certification type

      Format should match the following pattern: ^[^<>]*$.

    • ProfileVariant string

      Certification variant

      Format should match the following pattern: ^[^<>]*$.

    • ProfileVersion number

      The version number of the certification

    • SoftwareStatementId string

      Unique Software Statement Id

      Maximum length is 40. Format should match the following pattern: ^[^<>]*$.

    • Status string

      Current status of this resource

      Values are Active or Inactive. Default value is Active.

  • AdditionalSoftwareMetadata string

    Extra metadata defined by the org admins to be loaded into the software statement and made avaiable during introspection

    Maximum length is 255. Format should match the following pattern: ^[^<>]*$.

  • ApiWebhookUri array[string(uri)]

    A compliant URI

    Maximum length of each is 255. Format of each should match the following pattern: ^(https:\/\/[^\s/?#]+(?:\/[^\s\/?#]+)*)$.

  • ClientId string

    Software Statement client Id

    Maximum length is 255. Format should match the following pattern: ^[^<>]*$.

  • ClientName string

    Software Statement client name

    Maximum length is 255. Format should match the following pattern: ^[^<>]*$.

  • ClientSecret string

    The client secret, only returned when a client is created/updated to have client_secret_basic auth type

    Maximum length is 255.

  • ClientUri string(uri)

    The Software Statement client compliant URI

    Maximum length is 255. Format should match the following pattern: ^(http://|https://).*.

  • CreatedAt string(date-time)
  • Description string

    Software Statement description

    Maximum length is 255. Format should match the following pattern: ^[^<>]*$.

  • Environment string

    The additional check for software statement, this field can avoid

    Maximum length is 40. Format should match the following pattern: ^[^<>]*$.

  • FederationEndpoint string(uri)

    The federation endpoint for the Authorisation Server

    Maximum length is 255. Format should match the following pattern: ^(https://).*.

  • Flags array[object]
    Hide Flags attributes Show Flags attributes object

    • CreatedAt string(date-time)
    • Id string

      Unique ID of the flag

      Maximum length is 40. Format should match the following pattern: ^[^<>]*$.

    • UpdatedAt string(date-time)
    • AccessLevel integer Required

      The access level of a flag as a number. The higher the number, the more sensitive it is

    • Description string

      The description of this flag

      Maximum length is 255. Format should match the following pattern: ^[^<>]*$.

    • Name string Required

      The name of this flag

      Maximum length is 255. Format should match the following pattern: ^[^<>]*$.

    • Status string Required

      Current status of this resource

      Values are Active or Inactive. Default value is Active.

    • Type string Required

      The type of this tag

      Values are Organisation, Software_Statement, or Authorisation_Server.

    • Value string Required

      The value of this flag

      Maximum length is 255. Format should match the following pattern: ^[^<>]*$.

  • HomepageUri string(uri)

    The URI for the website with details about the application and its services

    Maximum length is 255. Format should match the following pattern: ^(http://|https://).*.

  • IdTokenSignedResponseAlgorithm string

    Signing algorithm that a client expects the server to return an id_token with. Must be PS256

    Values are PS256 or RS256. Default value is PS256.

  • Locked boolean

    Flag shows if assertion has been generated on the software statement - will be set to true when assertion is generated

  • LogoUri string(uri)

    A compliant URI

    Format should match the following pattern: ^(http://|https://).*.(svg|png|jpg|jpeg)$|(data:image/[a-zA-Z0-9;+=-]+,[A-Za-z0-9+/]*={0,2})$.

  • Mode string

    Software Statement mode

    Values are Live or Test. Default value is Live.

  • NotificationWebhook string(uri)

    A compliant URI

    Maximum length is 255. Format should match the following pattern: ^(http://|https://).*.

  • NotificationWebhookStatus string

    Values are Pending, Confirmed, or Deactivated. Default value is Pending.

  • OnBehalfOf string

    A reference to fourth party organisation resource on the RTS Directory if the registering Org is acting on behalf of another

    Maximum length is 255. Format should match the following pattern: ^[^<>]*$.

  • OpenidFederationEnabled boolean

    Is this software statement enabled for federation

    Default value is false.

  • OpenidFederationEntityManagementType string

    The type of federation management that applies to this software statement

    Values are openid_entity_federation_managed or openid_entity_self_managed.

  • OrganisationId string

    Unique ID associated with the organisation

    Minimum length is 1, maximum length is 40. Format should match the following pattern: ^[^<>]*$.

  • OriginUri array[string(uri)]

    A compliant URI

    Maximum length of each is 255. Format of each should match the following pattern: ^https:\/\/(?:[a-zA-Z0-9-]+\.)+[a-zA-Z]+(?::\d+)?(?:\/[a-zA-Z0-9-._~!$&'()*+,;=:@\/?%]*)?(?:\?[a-zA-Z0-9-._~!$&'()*+,;=:@\/?%]*)?(?:#[a-zA-Z0-9-._~!$&'()*+,;=:@\/?%]*)?$|(^android:apk-key-hash:[a-zA-Z0-9-]+)|(^ios:bundle-id:[a-zA-Z][-a-zA-Z0-9]*\.([a-zA-Z][-a-zA-Z0-9]*\.?)+)$.

  • PolicyUri string(uri)

    A compliant URI string that points to a human-readable privacy policy document

    Maximum length is 255. Format should match the following pattern: ^(http://|https://).*.

  • PostLogoutRedirectUris array[string(uri)]

    A compliant URI

    Maximum length of each is 255. Format of each should match the following pattern: ^(http://|https://).*.

  • RedirectUri array[string(uri)]

    A compliant URI

    Maximum length of each is 255. Format of each should match the following pattern: ^(http://|https://).*.

  • RelatedAuthorisationServer string(uuid) | null

    ID of the Authorisation Server that is connected to this Software Statement

  • RequireSignedRequestObject boolean

    Require a signed request object. If this is set to false, the client will not be FAPI compliant

    Default value is true.

  • RtsClientCreated boolean

    Client created flag

  • SoftwareStatementId string

    Unique Software Statement Id

    Maximum length is 40. Format should match the following pattern: ^[^<>]*$.

  • SoftwareVersion string

    Software Statement version as provided by the organisation's software team

    Maximum length is 40.

  • Status string

    Is this software statement Active/Suspended/Inactive

    Values are Active, Suspended, or Inactive. Default value is Active.

  • TermsOfServiceUri string(uri)

    The Software Statement terms of service compliant URI

    Maximum length is 255. Format should match the following pattern: ^(http://|https://).*.

  • TlsClientCertificateBoundAccessTokens boolean

    Are the tokens issued for this client bound to a client tls certificate

    Default value is true.

  • TokenEndpointAuthMethod string

    Token endpoint authentication method

    Minimum length is 1, maximum length is 60. Values are private_key_jwt, tls_client_auth, or client_secret_basic. Default value is private_key_jwt.

  • UpdateFailed boolean

    Flag shows if software statement is in failed update state

  • UpdateFailedReason string

    Error message describing why the update failed

    Format should match the following pattern: ^[^<>]*$.

  • Version number Deprecated

    Software Statement version as provided by the organisation's software team

    Maximum length is 40.

• 400 application/json

  Bad Request

  Hide headers attribute Show headers attribute

  • x-fapi-interaction-id string

    An RFC4122 UID used as a correlation id.

    Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

  Hide response attribute Show response attribute object

  • errors array[string]

    Validation Error messages

• 401

  Unauthorized

  Hide headers attribute Show headers attribute

  • x-fapi-interaction-id string

    An RFC4122 UID used as a correlation id.

    Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

• 404 application/json

  Not found

  Hide headers attribute Show headers attribute

  • x-fapi-interaction-id string

    An RFC4122 UID used as a correlation id.

    Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

  Hide response attribute Show response attribute object

  • errors array[string]

    Validation Error messages

• 406

  Not Acceptable

  Hide headers attribute Show headers attribute

  • x-fapi-interaction-id string

    An RFC4122 UID used as a correlation id.

    Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

• 429

  Too many requests, maximum capacity reached. Requests are now throttled.

  Hide headers attribute Show headers attribute

  • x-fapi-interaction-id string

    An RFC4122 UID used as a correlation id.

    Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

• 500

  Internal Server Error

  Hide headers attribute Show headers attribute

  • x-fapi-interaction-id string

    An RFC4122 UID used as a correlation id.

    Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

• 502

  Bad Gateway

  Hide headers attribute Show headers attribute

  • x-fapi-interaction-id string

    An RFC4122 UID used as a correlation id.

    Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.

• 504

  Upstream timeout, insufficient capacity to serve request. More capacity being brought online. Please try again.

  Hide headers attribute Show headers attribute

  • x-fapi-interaction-id string

    An RFC4122 UID used as a correlation id.

    Minimum length is 1, maximum length is 100. Format should match the following pattern: ^[a-zA-Z0-9][a-zA-Z0-9\-]{0,99}$.