{"resource_docs":[{"operation_id":"OBPv4.0.0-createUserWithRoles","implemented_by":{"version":"OBPv4.0.0","function":"createUserWithRoles"},"request_verb":"POST","request_url":"/obp/v4.0.0/user-entitlements","summary":"Create (DAuth) User with Roles","description":"
This endpoint is used as part of the DAuth solution to grant Entitlements for Roles to a smart contract on the blockchain.
\nPut the smart contract address in username
\nFor provider use "dauth"
\nThis endpoint will create the User with username and provider if the User does not already exist.
\nThen it will create Entitlements i.e. grant Roles to the User.
\nEntitlements are used to grant System or Bank level roles to Users. (For Account level privileges, see Views)
\ni.e. Entitlements are used to create / consume system or bank level resources whereas views / account access are used to consume / create customer level resources.
\nFor a System level Role (e.g. CanGetAnyUser), set bank_id to an empty string i.e. "bank_id":""
\nFor a Bank level Role (e.g. CanCreateAccount), set bank_id to a valid value e.g. "bank_id":"my-bank-id"
\nNote: The Roles actually granted will depend on the Roles that the calling user has.
\nIf you try to grant Entitlements to a user that already exist (duplicate entitlements) you will get an error.
\nFor information about DAuth see below:
\nDAuth is an experimental authentication mechanism that aims to pin an ethereum or other blockchain Smart Contract to an OBP "User".
\nIn the future, it might be possible to be more specific and pin specific actors (wallets) that are acting within the smart contract, but so far, one smart contract acts on behalf of one User.
\nThus, if a smart contract "X" calls the OBP API using the DAuth header, OBP will get or create a user called X and the call will proceed in the context of that User "X".
\nDAuth is invoked by the REST client (caller) including a specific header (see step 3 below) in any OBP REST call.
\nWhen OBP receives the DAuth token, it creates or gets a User with a username based on the smart_contract_address and the provider based on the network_name. The combination of username and provider is unique in OBP.
\nIf you are calling OBP-API via an API3 Airnode, the Airnode will take care of constructing the required header.
\nWhen OBP detects a DAuth header / token it first checks if the Consumer is allowed to make such a call. OBP will validate the Consumer ip address and signature etc.
\nNote: The DAuth flow does not require an explicit POST like Direct Login to create the token.
\nPermissions may be assigned to an OBP User at any time, via the UserAuthContext, Views, Entitlements to Roles or Consents.
\nNote: DAuth is NOT enabled on this instance!
\nNote: The DAuth client is responsible for creating a token which will be trusted by OBP absolutely!
\nTo use DAuth:
\nSet up properties in your props file
\n# -- DAuth --------------------------------------\n# Define secret used to validate JWT token\n# jwt.public_key_rsa=path-to-the-pem-file\n# Enable/Disable DAuth communication at all\n# In case isn't defined default value is false\n# allow_dauth=false\n# Define comma separated list of allowed IP addresses\n# dauth.host=127.0.0.1\n# -------------------------------------- DAuth--\n
\nPlease keep in mind that property jwt.public_key_rsa is used to validate JWT token to check it is not changed or corrupted during transport.
\nThe following videos are available:
\n* DAuth in local environment
HEADER:ALGORITHM & TOKEN TYPE
\n{\n "alg": "RS256",\n "typ": "JWT"\n}\n
\nPAYLOAD:DATA
\n{\n "smart_contract_address": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",\n "network_name": "AIRNODE.TESTNET.ETHEREUM",\n "msg_sender": "0xe12340927f1725E7734CE288F8367e1Bb143E90fhku767",\n "consumer_key": "0x1234a4ec31e89cea54d1f125db7536e874ab4a96b4d4f6438668b6bb10a6adb",\n "timestamp": "2021-11-04T14:13:40Z",\n "request_id": "0Xe876987694328763492876348928736497869273649"\n}\n
\nVERIFY SIGNATURE
\nRSASHA256(\n base64UrlEncode(header) + "." +\n base64UrlEncode(payload),\n) your-RSA-key-pair
\n
\nHere is an example token:
\neyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k\n
\nUsing your favorite http client:
\nGET https://apisandbox.openbankproject.com/obp/v3.0.0/users/current
\nBody
\nLeave Empty!
\nHeaders:
\n DAuth: your-jwt-from-step-above\n
\nHere it is all together:
\nGET https://apisandbox.openbankproject.com/obp/v3.0.0/users/current HTTP/1.1
\nHost: localhost:8080
\nUser-Agent: curl/7.47.0
\nAccept: */*
\nDAuth: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k
CURL example
\ncurl -v -H 'DAuth: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k' https://apisandbox.openbankproject.com/obp/v3.0.0/users/current\n
\nYou should receive a response like:
\n{\n "user_id": "4c4d3175-1e5c-4cfd-9b08-dcdc209d8221",\n "email": "",\n "provider_id": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",\n "provider": "ETHEREUM",\n "username": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",\n "entitlements": {\n "list": []\n }\n}\n
\nThe file dauth.scala handles DAuth.
\nWe:
\n-> Check if Props allow_dauth is true\n -> Check if DAuth header exists\n -> Check if getRemoteIpAddress is OK\n -> Look for "token"\n -> parse the JWT token and getOrCreate the user\n -> get the data of the user\n
\nParameter names and values are case sensitive.
\nEach parameter MUST NOT appear more than once per request.
Authentication is Mandatory
\nJSON request body fields:
\nbank_id: gh.29.uk
\nprovider: ETHEREUM
\n\nroles: CanCreateMyUser
\nusername: felixsmith
\nJSON response body fields:
\nbank_id: gh.29.uk
\n\nlist:
\n\nuser_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
\n","description_markdown":"This endpoint is used as part of the DAuth solution to grant Entitlements for Roles to a smart contract on the blockchain.\n\nPut the smart contract address in username\n\nFor provider use \"dauth\"\n\nThis endpoint will create the User with username and provider if the User does not already exist.\n\nThen it will create Entitlements i.e. grant Roles to the User.\n\nEntitlements are used to grant System or Bank level roles to Users. (For Account level privileges, see Views)\n\ni.e. Entitlements are used to create / consume system or bank level resources whereas views / account access are used to consume / create customer level resources.\n\nFor a System level Role (e.g. CanGetAnyUser), set bank_id to an empty string i.e. \"bank_id\":\"\"\n\nFor a Bank level Role (e.g. CanCreateAccount), set bank_id to a valid value e.g. \"bank_id\":\"my-bank-id\"\n\nNote: The Roles actually granted will depend on the Roles that the calling user has.\n\nIf you try to grant Entitlements to a user that already exist (duplicate entitlements) you will get an error.\n\nFor information about DAuth see below:\n\n\nDAuth is an experimental authentication mechanism that aims to pin an ethereum or other blockchain Smart Contract to an OBP "User".
\nIn the future, it might be possible to be more specific and pin specific actors (wallets) that are acting within the smart contract, but so far, one smart contract acts on behalf of one User.
\nThus, if a smart contract "X" calls the OBP API using the DAuth header, OBP will get or create a user called X and the call will proceed in the context of that User "X".
\nDAuth is invoked by the REST client (caller) including a specific header (see step 3 below) in any OBP REST call.
\nWhen OBP receives the DAuth token, it creates or gets a User with a username based on the smart_contract_address and the provider based on the network_name. The combination of username and provider is unique in OBP.
\nIf you are calling OBP-API via an API3 Airnode, the Airnode will take care of constructing the required header.
\nWhen OBP detects a DAuth header / token it first checks if the Consumer is allowed to make such a call. OBP will validate the Consumer ip address and signature etc.
\nNote: The DAuth flow does not require an explicit POST like Direct Login to create the token.
\nPermissions may be assigned to an OBP User at any time, via the UserAuthContext, Views, Entitlements to Roles or Consents.
\nNote: DAuth is NOT enabled on this instance!
\nNote: The DAuth client is responsible for creating a token which will be trusted by OBP absolutely!
\nTo use DAuth:
\nSet up properties in your props file
\n# -- DAuth --------------------------------------\n# Define secret used to validate JWT token\n# jwt.public_key_rsa=path-to-the-pem-file\n# Enable/Disable DAuth communication at all\n# In case isn't defined default value is false\n# allow_dauth=false\n# Define comma separated list of allowed IP addresses\n# dauth.host=127.0.0.1\n# -------------------------------------- DAuth--\n
\nPlease keep in mind that property jwt.public_key_rsa is used to validate JWT token to check it is not changed or corrupted during transport.
\nThe following videos are available:
\n* DAuth in local environment
HEADER:ALGORITHM & TOKEN TYPE
\n{\n "alg": "RS256",\n "typ": "JWT"\n}\n
\nPAYLOAD:DATA
\n{\n "smart_contract_address": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",\n "network_name": "AIRNODE.TESTNET.ETHEREUM",\n "msg_sender": "0xe12340927f1725E7734CE288F8367e1Bb143E90fhku767",\n "consumer_key": "0x1234a4ec31e89cea54d1f125db7536e874ab4a96b4d4f6438668b6bb10a6adb",\n "timestamp": "2021-11-04T14:13:40Z",\n "request_id": "0Xe876987694328763492876348928736497869273649"\n}\n
\nVERIFY SIGNATURE
\nRSASHA256(\n base64UrlEncode(header) + "." +\n base64UrlEncode(payload),\n\n) your-RSA-key-pair\n
\nHere is an example token:
\neyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k\n
\nUsing your favorite http client:
\nGET https://apisandbox.openbankproject.com/obp/v3.0.0/users/current
\nBody
\nLeave Empty!
\nHeaders:
\n DAuth: your-jwt-from-step-above\n
\nHere it is all together:
\nGET https://apisandbox.openbankproject.com/obp/v3.0.0/users/current HTTP/1.1
\nHost: localhost:8080
\nUser-Agent: curl/7.47.0
\nAccept: */*
\nDAuth: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k
CURL example
\ncurl -v -H 'DAuth: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzbWFydF9jb250cmFjdF9hZGRyZXNzIjoiMHhlMTIzNDI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGJiM0YwNTEyMjQiLCJuZXR3b3JrX25hbWUiOiJFVEhFUkVVTSIsIm1zZ19zZW5kZXIiOiIweGUxMjM0MDkyN2YxNzI1RTc3MzRDRTI4OEY4MzY3ZTFCYjE0M0U5MGZoa3U3NjciLCJjb25zdW1lcl9rZXkiOiIweDEyMzRhNGVjMzFlODljZWE1NGQxZjEyNWRiNzUzNmU4NzRhYjRhOTZiNGQ0ZjY0Mzg2NjhiNmJiMTBhNmFkYiIsInRpbWVzdGFtcCI6IjIwMjEtMTEtMDRUMTQ6MTM6NDBaIiwicmVxdWVzdF9pZCI6IjBYZTg3Njk4NzY5NDMyODc2MzQ5Mjg3NjM0ODkyODczNjQ5Nzg2OTI3MzY0OSJ9.XSiQxjEVyCouf7zT8MubEKsbOBZuReGVhnt9uck6z6k' https://apisandbox.openbankproject.com/obp/v3.0.0/users/current\n
\nYou should receive a response like:
\n{\n "user_id": "4c4d3175-1e5c-4cfd-9b08-dcdc209d8221",\n "email": "",\n "provider_id": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",\n "provider": "ETHEREUM",\n "username": "0xe123425E7734CE288F8367e1Bb143E90bb3F051224",\n "entitlements": {\n "list": []\n }\n}\n
\nThe file dauth.scala handles DAuth.
\nWe:
\n-> Check if Props allow_dauth is true\n -> Check if DAuth header exists\n -> Check if getRemoteIpAddress is OK\n -> Look for "token"\n -> parse the JWT token and getOrCreate the user\n -> get the data of the user\n
\nParameter names and values are case sensitive.
\nEach parameter MUST NOT appear more than once per request.
Returns the list of permissions at BANK_ID for account ACCOUNT_ID; each entry pairs a user with the views that user has access to.
\nAuthentication is Mandatory
\nand the user needs to have access to the owner view.
URL Parameters:
\nACCOUNT_ID: 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0
\nBANK_ID: gh.29.uk
\nJSON response body fields:
\n\n\n\n\ncan_add_image_url: true
\ncan_add_more_info: true
\n\n\n\n\ncan_add_tag: true
\n\n\n\ncan_delete_corporate_location: true
\ncan_delete_image: true
\n\n\ncan_delete_where_tag: true
\ncan_edit_owner_comment: true
\n\ncan_see_bank_account_bank_name: true
\ncan_see_bank_account_currency:
\n\ncan_see_bank_account_label: true
\ncan_see_bank_account_national_identifier:
\ncan_see_bank_account_number: true
\ncan_see_bank_account_owners: true
\ncan_see_bank_account_swift_bic:
\n\n\ncan_see_corporate_location: true
\ncan_see_image_url: true
\ncan_see_images: true
\n\n\ncan_see_other_account_bank_name:
\n\n\ncan_see_other_account_metadata:
\ncan_see_other_account_national_identifier: true
\ncan_see_other_account_number: true
\ncan_see_other_account_swift_bic: true
\n\n\n\n\n\ncan_see_transaction_amount: true
\n\n\ncan_see_transaction_description: true
\ncan_see_transaction_finish_date:
\n\ncan_see_transaction_other_bank_account:
\ncan_see_transaction_start_date:
\ncan_see_transaction_this_bank_account:
\n\ncan_see_url: true
\ncan_see_where_tag: true
\ndescription: This an optional field. Maximum length is 2000. It can be any characters here.
\n\n\nid: d8839721-ad8f-45dd-9f78-2080414b93f9
\nis_public: true
\n\nprovider: ETHEREUM
\n\nuser:
\n\n","description_markdown":"Returns the list of the permissions at BANK_ID for account ACCOUNT_ID, with each time a pair composed of the user and the views that he has access to.\n\nAuthentication is Mandatory\nand the user needs to have access to the owner view.\n\n\n**URL Parameters:**\n\n[ACCOUNT_ID](/glossary#Account.account_id): 8ca8a7e4-6d02-40e3-a129-0b2bf89de9f0\n\n\n\n[BANK_ID](/glossary#Bank.bank_id): gh.29.uk\n\n\n\n\n\n**JSON response body fields:**\n\n\n\n[**alias**](/glossary#alias): \n\n\n\n[**can_add_comment**](/glossary#can_add_comment): \n\n\n\n[**can_add_corporate_location**](/glossary#can_add_corporate_location): \n\n\n\n[**can_add_image**](/glossary#can_add_image): \n\n\n\n[**can_add_image_url**](/glossary#can_add_image_url): true\n\n\n\n[**can_add_more_info**](/glossary#can_add_more_info): true\n\n\n\n[**can_add_open_corporates_url**](/glossary#can_add_open_corporates_url): \n\n\n\n[**can_add_physical_location**](/glossary#can_add_physical_location): \n\n\n\n[**can_add_private_alias**](/glossary#can_add_private_alias): \n\n\n\n[**can_add_public_alias**](/glossary#can_add_public_alias): \n\n\n\n[**can_add_tag**](/glossary#can_add_tag): true\n\n\n\n[**can_add_url**](/glossary#can_add_url): \n\n\n\n[**can_add_where_tag**](/glossary#can_add_where_tag): \n\n\n\n[**can_delete_comment**](/glossary#can_delete_comment): \n\n\n\n[**can_delete_corporate_location**](/glossary#can_delete_corporate_location): true\n\n\n\n[**can_delete_image**](/glossary#can_delete_image): true\n\n\n\n[**can_delete_physical_location**](/glossary#can_delete_physical_location): \n\n\n\n[**can_delete_tag**](/glossary#can_delete_tag): \n\n\n\n[**can_delete_where_tag**](/glossary#can_delete_where_tag): true\n\n\n\n[**can_edit_owner_comment**](/glossary#can_edit_owner_comment): true\n\n\n\n[**can_see_bank_account_balance**](/glossary#can_see_bank_account_balance): \n\n\n\n[**can_see_bank_account_bank_name**](/glossary#can_see_bank_account_bank_name): 
true\n\n\n\n[**can_see_bank_account_currency**](/glossary#can_see_bank_account_currency): \n\n\n\n[**can_see_bank_account_iban**](/glossary#can_see_bank_account_iban): \n\n\n\n[**can_see_bank_account_label**](/glossary#can_see_bank_account_label): true\n\n\n\n[**can_see_bank_account_national_identifier**](/glossary#can_see_bank_account_national_identifier): \n\n\n\n[**can_see_bank_account_number**](/glossary#can_see_bank_account_number): true\n\n\n\n[**can_see_bank_account_owners**](/glossary#can_see_bank_account_owners): true\n\n\n\n[**can_see_bank_account_swift_bic**](/glossary#can_see_bank_account_swift_bic): \n\n\n\n[**can_see_bank_account_type**](/glossary#can_see_bank_account_type): \n\n\n\n[**can_see_comments**](/glossary#can_see_comments): \n\n\n\n[**can_see_corporate_location**](/glossary#can_see_corporate_location): true\n\n\n\n[**can_see_image_url**](/glossary#can_see_image_url): true\n\n\n\n[**can_see_images**](/glossary#can_see_images): true\n\n\n\n[**can_see_more_info**](/glossary#can_see_more_info): \n\n\n\n[**can_see_open_corporates_url**](/glossary#can_see_open_corporates_url): \n\n\n\n[**can_see_other_account_bank_name**](/glossary#can_see_other_account_bank_name): \n\n\n\n[**can_see_other_account_iban**](/glossary#can_see_other_account_iban): \n\n\n\n[**can_see_other_account_kind**](/glossary#can_see_other_account_kind): \n\n\n\n[**can_see_other_account_metadata**](/glossary#can_see_other_account_metadata): \n\n\n\n[**can_see_other_account_national_identifier**](/glossary#can_see_other_account_national_identifier): true\n\n\n\n[**can_see_other_account_number**](/glossary#can_see_other_account_number): true\n\n\n\n[**can_see_other_account_swift_bic**](/glossary#can_see_other_account_swift_bic): true\n\n\n\n[**can_see_owner_comment**](/glossary#can_see_owner_comment): \n\n\n\n[**can_see_physical_location**](/glossary#can_see_physical_location): \n\n\n\n[**can_see_private_alias**](/glossary#can_see_private_alias): 
\n\n\n\n[**can_see_public_alias**](/glossary#can_see_public_alias): \n\n\n\n[**can_see_tags**](/glossary#can_see_tags): \n\n\n\n[**can_see_transaction_amount**](/glossary#can_see_transaction_amount): true\n\n\n\n[**can_see_transaction_balance**](/glossary#can_see_transaction_balance): \n\n\n\n[**can_see_transaction_currency**](/glossary#can_see_transaction_currency): \n\n\n\n[**can_see_transaction_description**](/glossary#can_see_transaction_description): true\n\n\n\n[**can_see_transaction_finish_date**](/glossary#can_see_transaction_finish_date): \n\n\n\n[**can_see_transaction_metadata**](/glossary#can_see_transaction_metadata): \n\n\n\n[**can_see_transaction_other_bank_account**](/glossary#can_see_transaction_other_bank_account): \n\n\n\n[**can_see_transaction_start_date**](/glossary#can_see_transaction_start_date): \n\n\n\n[**can_see_transaction_this_bank_account**](/glossary#can_see_transaction_this_bank_account): \n\n\n\n[**can_see_transaction_type**](/glossary#can_see_transaction_type): \n\n\n\n[**can_see_url**](/glossary#can_see_url): true\n\n\n\n[**can_see_where_tag**](/glossary#can_see_where_tag): true\n\n\n\n[**description**](/glossary#description): This an optional field. Maximum length is 2000. 
It can be any characters here.\n\n\n\n[**display_name**](/glossary#display_name): \n\n\n\n[**hide_metadata_if_alias_used**](/glossary#hide_metadata_if_alias_used): \n\n\n\n[**id**](/glossary#id): d8839721-ad8f-45dd-9f78-2080414b93f9\n\n\n\n[**is_public**](/glossary#is_public): true\n\n\n\n[**permissions**](/glossary#permissions): \n\n\n\n[**provider**](/glossary#provider): ETHEREUM\n\n\n\n[**short_name**](/glossary#short_name): \n\n\n\n[**user**](/glossary#User): \n\n\n\n[**views**](/glossary#views): \n\n\n","example_request_body":{"jsonString":"{}"},"success_response_body":{"permissions":[{"user":{"id":"5995d6a2-01b3-423c-a173-5481df49bdaf","provider":"http://127.0.0.1:8080","display_name":"OBP"},"views":[{"id":"123","short_name":"short_name","description":"description","is_public":true,"alias":"None","hide_metadata_if_alias_used":true,"can_add_comment":true,"can_add_corporate_location":true,"can_add_image":true,"can_add_image_url":true,"can_add_more_info":true,"can_add_open_corporates_url":true,"can_add_physical_location":true,"can_add_private_alias":true,"can_add_public_alias":true,"can_add_tag":true,"can_add_url":true,"can_add_where_tag":true,"can_delete_comment":true,"can_delete_corporate_location":true,"can_delete_image":true,"can_delete_physical_location":true,"can_delete_tag":true,"can_delete_where_tag":true,"can_edit_owner_comment":true,"can_see_bank_account_balance":true,"can_see_bank_account_bank_name":true,"can_see_bank_account_currency":true,"can_see_bank_account_iban":true,"can_see_bank_account_label":true,"can_see_bank_account_national_identifier":true,"can_see_bank_account_number":true,"can_see_bank_account_owners":true,"can_see_bank_account_swift_bic":true,"can_see_bank_account_type":true,"can_see_comments":true,"can_see_corporate_location":true,"can_see_image_url":true,"can_see_images":true,"can_see_more_info":true,"can_see_open_corporates_url":true,"can_see_other_account_bank_name":true,"can_see_other_account_iban":true,"can_see_other_account_kind
":true,"can_see_other_account_metadata":true,"can_see_other_account_national_identifier":true,"can_see_other_account_number":true,"can_see_other_account_swift_bic":true,"can_see_owner_comment":true,"can_see_physical_location":true,"can_see_private_alias":true,"can_see_public_alias":true,"can_see_tags":true,"can_see_transaction_amount":true,"can_see_transaction_balance":true,"can_see_transaction_currency":true,"can_see_transaction_description":true,"can_see_transaction_finish_date":true,"can_see_transaction_metadata":true,"can_see_transaction_other_bank_account":true,"can_see_transaction_start_date":true,"can_see_transaction_this_bank_account":true,"can_see_transaction_type":true,"can_see_url":true,"can_see_where_tag":true}]}]},"error_response_bodies":["OBP-20001: User not logged in. Authentication is required!","OBP-30001: Bank not found. Please specify a valid value for BANK_ID.","OBP-30003: Account not found. Please specify a valid value for ACCOUNT_ID.","OBP-50000: Unknown Error."],"tags":["View-Custom","Account","User","Entitlement"],"typed_request_body":{"type":"object","properties":{"jsonString":{"type":"string"}}},"typed_success_response_body":{"type":"object","properties":{"permissions":{"type":"array","items":{"type":"object","properties":{"views":{"type":"array","items":{"type":"object","properties":{"can_see_other_account_swift_bic":{"type":"boolean"},"can_see_where_tag":{"type":"boolean"},"can_see_url":{"type":"boolean"},"can_see_bank_account_swift_bic":{"type":"boolean"},"can_see_tags":{"type":"boolean"},"can_see_transaction_balance":{"type":"boolean"},"can_delete_corporate_location":{"type":"boolean"},"can_add_image_url":{"type":"boolean"},"can_see_public_alias":{"type":"boolean"},"can_add_comment":{"type":"boolean"},"description":{"type":"string"},"can_see_corporate_location":{"type":"boolean"},"can_see_other_account_bank_name":{"type":"boolean"},"can_see_more_info":{"type":"boolean"},"can_see_physical_location":{"type":"boolean"},"can_edit_owner_comm
ent":{"type":"boolean"},"can_see_private_alias":{"type":"boolean"},"can_see_bank_account_balance":{"type":"boolean"},"can_add_public_alias":{"type":"boolean"},"can_see_bank_account_owners":{"type":"boolean"},"can_see_other_account_metadata":{"type":"boolean"},"can_delete_physical_location":{"type":"boolean"},"hide_metadata_if_alias_used":{"type":"boolean"},"can_see_transaction_this_bank_account":{"type":"boolean"},"can_see_image_url":{"type":"boolean"},"can_see_transaction_type":{"type":"boolean"},"can_see_images":{"type":"boolean"},"can_see_transaction_amount":{"type":"boolean"},"can_see_transaction_metadata":{"type":"boolean"},"id":{"type":"string"},"can_see_comments":{"type":"boolean"},"can_see_other_account_iban":{"type":"boolean"},"can_add_image":{"type":"boolean"},"can_see_bank_account_type":{"type":"boolean"},"can_see_other_account_kind":{"type":"boolean"},"can_see_bank_account_currency":{"type":"boolean"},"can_add_where_tag":{"type":"boolean"},"can_see_transaction_start_date":{"type":"boolean"},"can_see_bank_account_label":{"type":"boolean"},"can_add_private_alias":{"type":"boolean"},"can_see_transaction_currency":{"type":"boolean"},"can_add_more_info":{"type":"boolean"},"can_delete_comment":{"type":"boolean"},"can_see_transaction_other_bank_account":{"type":"boolean"},"can_see_bank_account_number":{"type":"boolean"},"can_add_corporate_location":{"type":"boolean"},"can_add_url":{"type":"boolean"},"short_name":{"type":"string"},"can_delete_where_tag":{"type":"boolean"},"is_public":{"type":"boolean"},"can_see_owner_comment":{"type":"boolean"},"can_see_transaction_finish_date":{"type":"boolean"},"can_see_open_corporates_url":{"type":"boolean"},"can_add_physical_location":{"type":"boolean"},"can_see_bank_account_iban":{"type":"boolean"},"can_see_other_account_national_identifier":{"type":"boolean"},"can_delete_image":{"type":"boolean"},"can_add_tag":{"type":"boolean"},"can_add_open_corporates_url":{"type":"boolean"},"can_delete_tag":{"type":"boolean"},"can_see_t
ransaction_description":{"type":"boolean"},"can_see_bank_account_national_identifier":{"type":"boolean"},"can_see_other_account_number":{"type":"boolean"},"can_see_bank_account_bank_name":{"type":"boolean"},"alias":{"type":"string"}}}},"user":{"type":"object","properties":{"provider":{"type":"string"},"display_name":{"type":"string"},"id":{"type":"string"}}}}}}}},"is_featured":false,"special_instructions":"","specified_url":"/obp/v5.0.0/banks/BANK_ID/accounts/ACCOUNT_ID/permissions","connector_methods":[]},{"operation_id":"OBPv3.1.0-getAllEntitlements","implemented_by":{"version":"OBPv3.1.0","function":"getAllEntitlements"},"request_verb":"GET","request_url":"/obp/v3.1.0/entitlements","summary":"Get all Entitlements","description":"Login is required.
\nPossible filter on the role field:
\neg: /entitlements?role=CanGetCustomer
\nAuthentication is Mandatory
\nJSON response body fields:
\nbank_id: gh.29.uk
\n\nlist:
\n\n","description_markdown":"Login is required.\n\nPossible filter on the role field:\n\neg: /entitlements?role=CanGetCustomer\n\n\n\n \n\nAuthentication is Mandatory\n\n\n**JSON response body fields:**\n\n\n\n[**bank_id**](/glossary#): gh.29.uk\n\n\n\n[**entitlement_id**](/glossary#entitlement_id): \n\n\n\n[**list**](/glossary#list): \n\n\n\n[**role_name**](/glossary#role_name): \n\n\n","success_response_body":{"list":[{"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723","role_name":"CanQueryOtherUser","bank_id":"gh.29.uk"}]},"error_response_bodies":["OBP-20001: User not logged in. Authentication is required!","OBP-50000: Unknown Error."],"tags":["Role","Entitlement"],"typed_success_response_body":{"type":"object","properties":{"list":{"type":"array","items":{"type":"object","properties":{"role_name":{"type":"string"},"bank_id":{"type":"string"},"entitlement_id":{"type":"string"}}}}}},"is_featured":false,"special_instructions":"","specified_url":"/obp/v5.0.0/entitlements","connector_methods":[]},{"operation_id":"OBPv3.0.0-getEntitlementRequests","implemented_by":{"version":"OBPv3.0.0","function":"getEntitlementRequests"},"request_verb":"GET","request_url":"/obp/v3.0.0/users/USER_ID/entitlement-requests","summary":"Get Entitlement Requests for a User","description":"Get Entitlement Requests for a User.
\nAuthentication is Mandatory
\nURL Parameters:
\nUSER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
\nJSON response body fields:
\nbank_id: gh.29.uk
\n\n\n\n\n\n\nlist:
\nprovider: ETHEREUM
\n\n\nuser:
\nuser_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
\nusername: felixsmith
\n","description_markdown":"Get Entitlement Requests for a User.\n\n\nAuthentication is Mandatory\n\n\n**URL Parameters:**\n\n[USER_ID](/glossary#User.user_id): 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1\n\n\n\n\n\n**JSON response body fields:**\n\n\n\n[**bank_id**](/glossary#): gh.29.uk\n\n\n\n[**created**](/glossary#created): \n\n\n\n[**email**](/glossary#): felixsmith@example.com\n\n\n\n[**entitlement_id**](/glossary#entitlement_id): \n\n\n\n[**entitlement_request_id**](/glossary#entitlement_request_id): \n\n\n\n[**entitlement_requests**](/glossary#entitlement_requests): \n\n\n\n[**entitlements**](/glossary#entitlements): \n\n\n\n[**list**](/glossary#list): \n\n\n\n[**provider**](/glossary#provider): ETHEREUM\n\n\n\n[**provider_id**](/glossary#provider_id): \n\n\n\n[**role_name**](/glossary#role_name): \n\n\n\n[**user**](/glossary#User): \n\n\n\n[**user_id**](/glossary#): 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1\n\n\n\n[**username**](/glossary#): felixsmith\n\n\n","success_response_body":{"entitlement_requests":[{"entitlement_request_id":"6fb17583-1e49-4435-bb74-a14fe0996723","user":{"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1","email":"felixsmith@example.com","provider_id":"Chris","provider":"http://127.0.0.1:8080","username":"felixsmith","entitlements":{"list":[{"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723","role_name":"CanQueryOtherUser","bank_id":"gh.29.uk"}]}},"role_name":"CanQueryOtherUser","bank_id":"gh.29.uk","created":"1100-01-01T00:00:00Z"}]},"error_response_bodies":["OBP-20001: User not logged in. 
Authentication is required!","OBP-50200: Connector cannot return the data we requested.","OBP-50000: Unknown Error.","OBP-20006: User is missing one or more roles: "],"tags":["Role","Entitlement","User"],"typed_success_response_body":{"type":"object","properties":{"entitlement_requests":{"type":"array","items":{"type":"object","properties":{"entitlement_request_id":{"type":"string"},"role_name":{"type":"string"},"bank_id":{"type":"string"},"user":{"type":"object","properties":{"provider":{"type":"string"},"email":{"type":"string"},"provider_id":{"type":"string"},"entitlements":{"type":"object","properties":{"list":{"type":"array","items":{"type":"object","properties":{"role_name":{"type":"string"},"bank_id":{"type":"string"},"entitlement_id":{"type":"string"}}}}}},"username":{"type":"string"},"user_id":{"type":"string"}}},"created":{"type":"string","format":"date-time"}}}}}},"roles":[{"role":"CanGetEntitlementRequestsAtAnyBank","requires_bank_id":false}],"is_featured":false,"special_instructions":"","specified_url":"/obp/v5.0.0/users/USER_ID/entitlement-requests","connector_methods":[]},{"operation_id":"OBPv3.0.0-getEntitlementRequestsForCurrentUser","implemented_by":{"version":"OBPv3.0.0","function":"getEntitlementRequestsForCurrentUser"},"request_verb":"GET","request_url":"/obp/v3.0.0/my/entitlement-requests","summary":"Get Entitlement Requests for the current User","description":"Get Entitlement Requests for the current User.
\nAuthentication is Mandatory
\nJSON response body fields:
\nbank_id: gh.29.uk
\n\n\n\n\n\n\nlist:
\nprovider: ETHEREUM
\n\n\nuser:
\nuser_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
\nusername: felixsmith
\n","description_markdown":"Get Entitlement Requests for the current User.\n\n\nAuthentication is Mandatory\n\n\n**JSON response body fields:**\n\n\n\n[**bank_id**](/glossary#): gh.29.uk\n\n\n\n[**created**](/glossary#created): \n\n\n\n[**email**](/glossary#): felixsmith@example.com\n\n\n\n[**entitlement_id**](/glossary#entitlement_id): \n\n\n\n[**entitlement_request_id**](/glossary#entitlement_request_id): \n\n\n\n[**entitlement_requests**](/glossary#entitlement_requests): \n\n\n\n[**entitlements**](/glossary#entitlements): \n\n\n\n[**list**](/glossary#list): \n\n\n\n[**provider**](/glossary#provider): ETHEREUM\n\n\n\n[**provider_id**](/glossary#provider_id): \n\n\n\n[**role_name**](/glossary#role_name): \n\n\n\n[**user**](/glossary#User): \n\n\n\n[**user_id**](/glossary#): 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1\n\n\n\n[**username**](/glossary#): felixsmith\n\n\n","success_response_body":{"entitlement_requests":[{"entitlement_request_id":"6fb17583-1e49-4435-bb74-a14fe0996723","user":{"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1","email":"felixsmith@example.com","provider_id":"Chris","provider":"http://127.0.0.1:8080","username":"felixsmith","entitlements":{"list":[{"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723","role_name":"CanQueryOtherUser","bank_id":"gh.29.uk"}]}},"role_name":"CanQueryOtherUser","bank_id":"gh.29.uk","created":"1100-01-01T00:00:00Z"}]},"error_response_bodies":["OBP-20001: User not logged in. 
Authentication is required!","OBP-50200: Connector cannot return the data we requested.","OBP-50000: Unknown Error."],"tags":["Role","Entitlement","User"],"typed_success_response_body":{"type":"object","properties":{"entitlement_requests":{"type":"array","items":{"type":"object","properties":{"entitlement_request_id":{"type":"string"},"role_name":{"type":"string"},"bank_id":{"type":"string"},"user":{"type":"object","properties":{"provider":{"type":"string"},"email":{"type":"string"},"provider_id":{"type":"string"},"entitlements":{"type":"object","properties":{"list":{"type":"array","items":{"type":"object","properties":{"role_name":{"type":"string"},"bank_id":{"type":"string"},"entitlement_id":{"type":"string"}}}}}},"username":{"type":"string"},"user_id":{"type":"string"}}},"created":{"type":"string","format":"date-time"}}}}}},"is_featured":false,"special_instructions":"","specified_url":"/obp/v5.0.0/my/entitlement-requests","connector_methods":[]},{"operation_id":"OBPv3.0.0-addEntitlementRequest","implemented_by":{"version":"OBPv3.0.0","function":"addEntitlementRequest"},"request_verb":"POST","request_url":"/obp/v3.0.0/entitlement-requests","summary":"Create Entitlement Request for current User","description":"Create Entitlement Request.
\nAny logged in User can use this endpoint to request an Entitlement
\nEntitlements are used to grant System or Bank level roles to Users. (For Account level privileges, see Views)
\nFor a System level Role (e.g. CanGetAnyUser), set bank_id to an empty string i.e. "bank_id":""
\nFor a Bank level Role (e.g. CanCreateAccount), set bank_id to a valid value e.g. "bank_id":"my-bank-id"
\nAuthentication is Mandatory
\nJSON request body fields:
\nbank_id: gh.29.uk
\n\nJSON response body fields:
\nbank_id: gh.29.uk
\n\n\n\n\n\nlist:
\nprovider: ETHEREUM
\n\n\nuser:
\nuser_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
\nusername: felixsmith
\n","description_markdown":"Create Entitlement Request.\n\nAny logged in User can use this endpoint to request an Entitlement\n\nEntitlements are used to grant System or Bank level roles to Users. (For Account level privileges, see Views)\n\nFor a System level Role (.e.g CanGetAnyUser), set bank_id to an empty string i.e. \"bank_id\":\"\"\n\nFor a Bank level Role (e.g. CanCreateAccount), set bank_id to a valid value e.g. \"bank_id\":\"my-bank-id\"\n\n\n\nAuthentication is Mandatory\n\n\n**JSON request body fields:**\n\n\n\n[**bank_id**](/glossary#): gh.29.uk\n\n\n\n[**role_name**](/glossary#role_name): \n\n\n\n\n\n**JSON response body fields:**\n\n\n\n[**bank_id**](/glossary#): gh.29.uk\n\n\n\n[**created**](/glossary#created): \n\n\n\n[**email**](/glossary#): felixsmith@example.com\n\n\n\n[**entitlement_id**](/glossary#entitlement_id): \n\n\n\n[**entitlement_request_id**](/glossary#entitlement_request_id): \n\n\n\n[**entitlements**](/glossary#entitlements): \n\n\n\n[**list**](/glossary#list): \n\n\n\n[**provider**](/glossary#provider): ETHEREUM\n\n\n\n[**provider_id**](/glossary#provider_id): \n\n\n\n[**role_name**](/glossary#role_name): \n\n\n\n[**user**](/glossary#User): \n\n\n\n[**user_id**](/glossary#): 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1\n\n\n\n[**username**](/glossary#): felixsmith\n\n\n","example_request_body":{"bank_id":"gh.29.uk","role_name":"CanCreateBranch"},"success_response_body":{"entitlement_request_id":"6fb17583-1e49-4435-bb74-a14fe0996723","user":{"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1","email":"felixsmith@example.com","provider_id":"Chris","provider":"http://127.0.0.1:8080","username":"felixsmith","entitlements":{"list":[{"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723","role_name":"CanQueryOtherUser","bank_id":"gh.29.uk"}]}},"role_name":"CanQueryOtherUser","bank_id":"gh.29.uk","created":"1100-01-01T00:00:00Z"},"error_response_bodies":["OBP-20001: User not logged in. Authentication is required!","OBP-20005: User not found. 
Please specify a valid value for USER_ID.","OBP-10001: Incorrect json format.","OBP-10007: Incorrect Role name:","OBP-30205: This entitlement is a Bank Role. Please set bank_id to a valid bank id.","OBP-30206: This entitlement is a System Role. Please set bank_id to empty string.","OBP-30214: Entitlement Request already exists for the user.","OBP-30217: Entitlement Request cannot be added.","OBP-50000: Unknown Error."],"tags":["Role","Entitlement","User"],"typed_request_body":{"type":"object","properties":{"bank_id":{"type":"string"},"role_name":{"type":"string"}}},"typed_success_response_body":{"type":"object","properties":{"entitlement_request_id":{"type":"string"},"role_name":{"type":"string"},"bank_id":{"type":"string"},"user":{"type":"object","properties":{"provider":{"type":"string"},"email":{"type":"string"},"provider_id":{"type":"string"},"entitlements":{"type":"object","properties":{"list":{"type":"array","items":{"type":"object","properties":{"role_name":{"type":"string"},"bank_id":{"type":"string"},"entitlement_id":{"type":"string"}}}}}},"username":{"type":"string"},"user_id":{"type":"string"}}},"created":{"type":"string","format":"date-time"}}},"is_featured":false,"special_instructions":"","specified_url":"/obp/v5.0.0/entitlement-requests","connector_methods":[]},{"operation_id":"OBPv4.0.0-getEntitlementsForBank","implemented_by":{"version":"OBPv4.0.0","function":"getEntitlementsForBank"},"request_verb":"GET","request_url":"/obp/v4.0.0/banks/BANK_ID/entitlements","summary":"Get Entitlements for One Bank","description":"Authentication is Mandatory
\nURL Parameters:
\nBANK_ID: gh.29.uk
\nJSON response body fields:
\nbank_id: gh.29.uk
\n\nlist:
\n\nuser_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
\n","description_markdown":"Authentication is Mandatory\n\n\n**URL Parameters:**\n\n[BANK_ID](/glossary#Bank.bank_id): gh.29.uk\n\n\n\n\n\n**JSON response body fields:**\n\n\n\n[**bank_id**](/glossary#): gh.29.uk\n\n\n\n[**entitlement_id**](/glossary#entitlement_id): \n\n\n\n[**list**](/glossary#list): \n\n\n\n[**role_name**](/glossary#role_name): \n\n\n\n[**user_id**](/glossary#): 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1\n\n\n","success_response_body":{"list":[{"entitlement_id":"","role_name":"","bank_id":"gh.29.uk","user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1"}]},"error_response_bodies":["OBP-20001: User not logged in. Authentication is required!","OBP-20006: User is missing one or more roles: ","OBP-50000: Unknown Error."],"tags":["Role","Entitlement","User"],"typed_success_response_body":{"type":"object","properties":{"list":{"type":"array","items":{"type":"object","properties":{"entitlement_id":{"type":"string"},"bank_id":{"type":"string"},"role_name":{"type":"string"},"user_id":{"type":"string"}}}}}},"roles":[{"role":"CanGetEntitlementsForOneBank","requires_bank_id":true},{"role":"CanGetEntitlementsForAnyBank","requires_bank_id":false}],"is_featured":false,"special_instructions":"","specified_url":"/obp/v5.0.0/banks/BANK_ID/entitlements","connector_methods":[]},{"operation_id":"OBPv4.0.0-getEntitlements","implemented_by":{"version":"OBPv4.0.0","function":"getEntitlements"},"request_verb":"GET","request_url":"/obp/v4.0.0/users/USER_ID/entitlements","summary":"Get Entitlements for User","description":"Authentication is Mandatory
\nURL Parameters:
\nUSER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
\nJSON response body fields:
\nbank_id: gh.29.uk
\n\nlist:
\n\nuser_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
\n","description_markdown":"Authentication is Mandatory\n\n\n**URL Parameters:**\n\n[USER_ID](/glossary#User.user_id): 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1\n\n\n\n\n\n**JSON response body fields:**\n\n\n\n[**bank_id**](/glossary#): gh.29.uk\n\n\n\n[**entitlement_id**](/glossary#entitlement_id): \n\n\n\n[**list**](/glossary#list): \n\n\n\n[**role_name**](/glossary#role_name): \n\n\n\n[**user_id**](/glossary#): 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1\n\n\n","success_response_body":{"list":[{"entitlement_id":"","role_name":"","bank_id":"gh.29.uk","user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1"}]},"error_response_bodies":["OBP-20001: User not logged in. Authentication is required!","OBP-20006: User is missing one or more roles: ","OBP-50000: Unknown Error."],"tags":["Role","Entitlement","User"],"typed_success_response_body":{"type":"object","properties":{"list":{"type":"array","items":{"type":"object","properties":{"entitlement_id":{"type":"string"},"bank_id":{"type":"string"},"role_name":{"type":"string"},"user_id":{"type":"string"}}}}}},"roles":[{"role":"CanGetEntitlementsForAnyUserAtAnyBank","requires_bank_id":false}],"is_featured":false,"special_instructions":"","specified_url":"/obp/v5.0.0/users/USER_ID/entitlements","connector_methods":[]},{"operation_id":"OBPv2.0.0-deleteEntitlement","implemented_by":{"version":"OBPv2.0.0","function":"deleteEntitlement"},"request_verb":"DELETE","request_url":"/obp/v2.0.0/users/USER_ID/entitlement/ENTITLEMENT_ID","summary":"Delete Entitlement","description":"Delete Entitlement specified by ENTITLEMENT_ID for an user specified by USER_ID
\nAuthentication is required and the user needs to be a Super Admin.
\nSuper Admins are listed in the Props file.
Authentication is Mandatory
\nURL Parameters:
\n\nUSER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
\nJSON response body fields:
\n","description_markdown":"Delete Entitlement specified by ENTITLEMENT_ID for an user specified by USER_ID\n\nAuthentication is required and the user needs to be a Super Admin.\nSuper Admins are listed in the Props file.\n\n\n \n\nAuthentication is Mandatory\n\n\n**URL Parameters:**\n\n[ENTITLEMENT_ID](/glossary#entitlement_id): \n\n\n\n[USER_ID](/glossary#User.user_id): 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1\n\n\n\n\n\n**JSON response body fields:**\n\n\n","example_request_body":{"jsonString":"{}"},"success_response_body":{"jsonString":"{}"},"error_response_bodies":["OBP-20001: User not logged in. Authentication is required!","OBP-30212: EntitlementId not found","OBP-50000: Unknown Error."],"tags":["Role","User","Entitlement"],"typed_request_body":{"type":"object","properties":{"jsonString":{"type":"string"}}},"typed_success_response_body":{"type":"object","properties":{"jsonString":{"type":"string"}}},"is_featured":false,"special_instructions":"","specified_url":"/obp/v5.0.0/users/USER_ID/entitlement/ENTITLEMENT_ID","connector_methods":[]},{"operation_id":"OBPv2.0.0-addEntitlement","implemented_by":{"version":"OBPv2.0.0","function":"addEntitlement"},"request_verb":"POST","request_url":"/obp/v2.0.0/users/USER_ID/entitlements","summary":"Add Entitlement for a User","description":"Create Entitlement. Grant Role to User.
\nEntitlements are used to grant System or Bank level roles to Users. (For Account level privileges, see Views)
\nFor a System level Role (e.g. CanGetAnyUser), set bank_id to an empty string i.e. "bank_id":""
\nFor a Bank level Role (e.g. CanCreateAccount), set bank_id to a valid value e.g. "bank_id":"my-bank-id"
\nAuthentication is required and the user needs to be a Super Admin. Super Admins are listed in the Props file.
\nAuthentication is Mandatory
\nURL Parameters:
\nUSER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
\nJSON request body fields:
\nbank_id: gh.29.uk
\n\nJSON response body fields:
\nbank_id: gh.29.uk
\n\n\n","description_markdown":"Create Entitlement. Grant Role to User.\n\nEntitlements are used to grant System or Bank level roles to Users. (For Account level privileges, see Views)\n\nFor a System level Role (.e.g CanGetAnyUser), set bank_id to an empty string i.e. \"bank_id\":\"\"\n\nFor a Bank level Role (e.g. CanCreateAccount), set bank_id to a valid value e.g. \"bank_id\":\"my-bank-id\"\n\nAuthentication is required and the user needs to be a Super Admin. Super Admins are listed in the Props file.\n\nAuthentication is Mandatory\n\n\n**URL Parameters:**\n\n[USER_ID](/glossary#User.user_id): 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1\n\n\n\n\n\n**JSON request body fields:**\n\n\n\n[**bank_id**](/glossary#): gh.29.uk\n\n\n\n[**role_name**](/glossary#role_name): \n\n\n\n\n\n**JSON response body fields:**\n\n\n\n[**bank_id**](/glossary#): gh.29.uk\n\n\n\n[**entitlement_id**](/glossary#entitlement_id): \n\n\n\n[**role_name**](/glossary#role_name): \n\n\n","example_request_body":{"bank_id":"gh.29.uk","role_name":"CanCreateBranch"},"success_response_body":{"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723","role_name":"CanQueryOtherUser","bank_id":"gh.29.uk"},"error_response_bodies":["OBP-20001: User not logged in. Authentication is required!","OBP-20005: User not found. Please specify a valid value for USER_ID.","OBP-20050: Current User is not a Super Admin!","OBP-10001: Incorrect json format.","OBP-10007: Incorrect Role name:","OBP-30205: This entitlement is a Bank Role. Please set bank_id to a valid bank id.","OBP-30206: This entitlement is a System Role. 
Please set bank_id to empty string.","OBP-30216: Entitlement already exists for the user.","OBP-50000: Unknown Error.","OBP-20006: User is missing one or more roles: "],"tags":["Role","Entitlement","User"],"typed_request_body":{"type":"object","properties":{"bank_id":{"type":"string"},"role_name":{"type":"string"}}},"typed_success_response_body":{"type":"object","properties":{"role_name":{"type":"string"},"bank_id":{"type":"string"},"entitlement_id":{"type":"string"}}},"roles":[{"role":"CanCreateEntitlementAtOneBank","requires_bank_id":true},{"role":"CanCreateEntitlementAtAnyBank","requires_bank_id":false}],"is_featured":false,"special_instructions":"","specified_url":"/obp/v5.0.0/users/USER_ID/entitlements","connector_methods":[]},{"operation_id":"OBPv3.0.0-getAllEntitlementRequests","implemented_by":{"version":"OBPv3.0.0","function":"getAllEntitlementRequests"},"request_verb":"GET","request_url":"/obp/v3.0.0/entitlement-requests","summary":"Get all Entitlement Requests","description":"Get all Entitlement Requests
\nAuthentication is Mandatory
\nJSON response body fields:
\nbank_id: gh.29.uk
\n\n\n\n\n\n\nlist:
\nprovider: ETHEREUM
\n\n\nuser:
\nuser_id: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
\nusername: felixsmith
\n","description_markdown":"Get all Entitlement Requests\n\nAuthentication is Mandatory\n\n\n**JSON response body fields:**\n\n\n\n[**bank_id**](/glossary#): gh.29.uk\n\n\n\n[**created**](/glossary#created): \n\n\n\n[**email**](/glossary#): felixsmith@example.com\n\n\n\n[**entitlement_id**](/glossary#entitlement_id): \n\n\n\n[**entitlement_request_id**](/glossary#entitlement_request_id): \n\n\n\n[**entitlement_requests**](/glossary#entitlement_requests): \n\n\n\n[**entitlements**](/glossary#entitlements): \n\n\n\n[**list**](/glossary#list): \n\n\n\n[**provider**](/glossary#provider): ETHEREUM\n\n\n\n[**provider_id**](/glossary#provider_id): \n\n\n\n[**role_name**](/glossary#role_name): \n\n\n\n[**user**](/glossary#User): \n\n\n\n[**user_id**](/glossary#): 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1\n\n\n\n[**username**](/glossary#): felixsmith\n\n\n","success_response_body":{"entitlement_requests":[{"entitlement_request_id":"6fb17583-1e49-4435-bb74-a14fe0996723","user":{"user_id":"9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1","email":"felixsmith@example.com","provider_id":"Chris","provider":"http://127.0.0.1:8080","username":"felixsmith","entitlements":{"list":[{"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723","role_name":"CanQueryOtherUser","bank_id":"gh.29.uk"}]}},"role_name":"CanQueryOtherUser","bank_id":"gh.29.uk","created":"1100-01-01T00:00:00Z"}]},"error_response_bodies":["OBP-20001: User not logged in. 
Authentication is required!","OBP-50200: Connector cannot return the data we requested.","OBP-50000: Unknown Error.","OBP-20006: User is missing one or more roles: "],"tags":["Role","Entitlement","User"],"typed_success_response_body":{"type":"object","properties":{"entitlement_requests":{"type":"array","items":{"type":"object","properties":{"entitlement_request_id":{"type":"string"},"role_name":{"type":"string"},"bank_id":{"type":"string"},"user":{"type":"object","properties":{"provider":{"type":"string"},"email":{"type":"string"},"provider_id":{"type":"string"},"entitlements":{"type":"object","properties":{"list":{"type":"array","items":{"type":"object","properties":{"role_name":{"type":"string"},"bank_id":{"type":"string"},"entitlement_id":{"type":"string"}}}}}},"username":{"type":"string"},"user_id":{"type":"string"}}},"created":{"type":"string","format":"date-time"}}}}}},"roles":[{"role":"CanGetEntitlementRequestsAtAnyBank","requires_bank_id":false}],"is_featured":false,"special_instructions":"","specified_url":"/obp/v5.0.0/entitlement-requests","connector_methods":[]},{"operation_id":"OBPv3.0.0-deleteEntitlementRequest","implemented_by":{"version":"OBPv3.0.0","function":"deleteEntitlementRequest"},"request_verb":"DELETE","request_url":"/obp/v3.0.0/entitlement-requests/ENTITLEMENT_REQUEST_ID","summary":"Delete Entitlement Request","description":"Delete the Entitlement Request specified by ENTITLEMENT_REQUEST_ID for a user specified by USER_ID
\nAuthentication is Mandatory
\nURL Parameters:
\n\nJSON response body fields:
\n","description_markdown":"Delete the Entitlement Request specified by ENTITLEMENT_REQUEST_ID for a user specified by USER_ID\n\n\nAuthentication is Mandatory\n\n\n**URL Parameters:**\n\n[ENTITLEMENT_REQUEST_ID](/glossary#entitlement_request_id): \n\n\n\n\n\n**JSON response body fields:**\n\n\n","error_response_bodies":["OBP-20001: User not logged in. Authentication is required!","OBP-50200: Connector cannot return the data we requested.","OBP-50000: Unknown Error.","OBP-20006: User is missing one or more roles: "],"tags":["Role","Entitlement","User"],"roles":[{"role":"CanDeleteEntitlementRequestsAtAnyBank","requires_bank_id":false}],"is_featured":false,"special_instructions":"","specified_url":"/obp/v5.0.0/entitlement-requests/ENTITLEMENT_REQUEST_ID","connector_methods":[]},{"operation_id":"OBPv3.0.0-getEntitlementsForCurrentUser","implemented_by":{"version":"OBPv3.0.0","function":"getEntitlementsForCurrentUser"},"request_verb":"GET","request_url":"/obp/v3.0.0/my/entitlements","summary":"Get Entitlements for the current User","description":"Get Entitlements for the current User.
\nAuthentication is Mandatory
\nJSON response body fields:
\nbank_id: gh.29.uk
\n\nlist:
\n\n","description_markdown":"Get Entitlements for the current User.\n\n\nAuthentication is Mandatory\n\n\n**JSON response body fields:**\n\n\n\n[**bank_id**](/glossary#): gh.29.uk\n\n\n\n[**entitlement_id**](/glossary#entitlement_id): \n\n\n\n[**list**](/glossary#list): \n\n\n\n[**role_name**](/glossary#role_name): \n\n\n","success_response_body":{"list":[{"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723","role_name":"CanQueryOtherUser","bank_id":"gh.29.uk"}]},"error_response_bodies":["OBP-20001: User not logged in. Authentication is required!","OBP-50200: Connector cannot return the data we requested.","OBP-50000: Unknown Error."],"tags":["Role","Entitlement","User"],"typed_success_response_body":{"type":"object","properties":{"list":{"type":"array","items":{"type":"object","properties":{"role_name":{"type":"string"},"bank_id":{"type":"string"},"entitlement_id":{"type":"string"}}}}}},"is_featured":false,"special_instructions":"","specified_url":"/obp/v5.0.0/my/entitlements","connector_methods":[]},{"operation_id":"OBPv2.1.0-getEntitlementsByBankAndUser","implemented_by":{"version":"OBPv2.1.0","function":"getEntitlementsByBankAndUser"},"request_verb":"GET","request_url":"/obp/v2.1.0/banks/BANK_ID/users/USER_ID/entitlements","summary":"Get Entitlements for User at Bank","description":"Get Entitlements specified by BANK_ID and USER_ID
\nAuthentication is Mandatory
\nURL Parameters:
\nBANK_ID: gh.29.uk
\nUSER_ID: 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1
\nJSON response body fields:
\nbank_id: gh.29.uk
\n\nlist:
\n\n","description_markdown":"Get Entitlements specified by BANK_ID and USER_ID\n\nAuthentication is Mandatory\n\n\n**URL Parameters:**\n\n[BANK_ID](/glossary#Bank.bank_id): gh.29.uk\n\n\n\n[USER_ID](/glossary#User.user_id): 9ca9a7e4-6d02-40e3-a129-0b2bf89de9b1\n\n\n\n\n\n**JSON response body fields:**\n\n\n\n[**bank_id**](/glossary#): gh.29.uk\n\n\n\n[**entitlement_id**](/glossary#entitlement_id): \n\n\n\n[**list**](/glossary#list): \n\n\n\n[**role_name**](/glossary#role_name): \n\n\n","example_request_body":{"jsonString":"{}"},"success_response_body":{"list":[{"entitlement_id":"6fb17583-1e49-4435-bb74-a14fe0996723","role_name":"CanQueryOtherUser","bank_id":"gh.29.uk"}]},"error_response_bodies":["OBP-20001: User not logged in. Authentication is required!","OBP-20006: User is missing one or more roles: ","OBP-50000: Unknown Error."],"tags":["Role","Entitlement","User"],"typed_request_body":{"type":"object","properties":{"jsonString":{"type":"string"}}},"typed_success_response_body":{"type":"object","properties":{"list":{"type":"array","items":{"type":"object","properties":{"role_name":{"type":"string"},"bank_id":{"type":"string"},"entitlement_id":{"type":"string"}}}}}},"roles":[{"role":"CanGetEntitlementsForAnyUserAtOneBank","requires_bank_id":true},{"role":"CanGetEntitlementsForAnyUserAtAnyBank","requires_bank_id":false}],"is_featured":false,"special_instructions":"","specified_url":"/obp/v5.0.0/banks/BANK_ID/users/USER_ID/entitlements","connector_methods":[]}]}