API Overview Resources Schemas

Consents

API operation of consents.

Given an MSISDN, a scope, and an application, returns the accepted, rejected, and pending consents.

POST /orgs/{org_id}/consents/validate

Parameters

Name	In	Type	Required	Description
org_id	path	string	true	‘none’
body	body	ConsentsValidateRequest	true	‘none’

Request body - instance of ConsentsValidateRequest

 1
 2
 3
 4
 5
 6
 7
 8
 9
10


{
  "msisdn": "+123456789",
  "application": "alphabet-xxxxx",
  "client": "youtube",
  "scopes": [
    "FraudPreventionAndDetection:SimSwap",
    "FraudPreventionAndDetection:NumberVerification",
    "FraudPreventionAndDetection:SIMCardChange"
  ]
}

Name	Type	Required	Description
msisdn	string	false	A public identifier addressing a telephone subscription. In mobile networks it corresponds to the MSISDN (Mobile Station International Subscriber Directory Number). In order to be globally unique it has to be formatted in international format, according to E.164 standard, prefixed with ‘+’.
application	string	false	Aggregator and Application Owner combination under which the application making the request is located.
client	string	false	Application that makes the request to consume the capacity.
scopes	[string]	false	capabilities to be consumed

Request example

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15



curl -X POST https://opengateway.masstack.com/v1/orgs/{org_id}/consents/validate \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
 --data-raw "{
  'msisdn': '+123456789',
  'application': 'alphabet-xxxxx',
  'client': 'youtube',
  'scopes': [
    'FraudPreventionAndDetection:SimSwap',
    'FraudPreventionAndDetection:NumberVerification',
    'FraudPreventionAndDetection:SIMCardChange'
  ]
}" 

Responses

Code	Meaning	Description	Schema
200	OK	OK	Inline
400	Bad Request	Problem with the client request	ConsentsErrorInfo
401	Unauthorized	Unauthorized	ConsentsErrorInfo
403	Forbidden	Client does not have sufficient permission.	ConsentsErrorInfo
500	Internal Server Error	Server error	ConsentsErrorInfo
503	Service Unavailable	Service unavailable. Typically the server is down.	ConsentsErrorInfo
504	Gateway Time-out	Request time exceeded. If it happens repeatedly, consider reducing the request complexity	ConsentsErrorInfo

200 - JsonObject

Custom schema example

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14


{
  "consents": [
    {
      "id": "SimSwap_FraudPreventionAndDetection_Agregador1App1",
      "scope": "FraudPreventionAndDetection:SimSwap",
      "status": "ACCEPTED"
    },
    {
      "id": "NumberVerification_FraudPreventionAndDetection_Agregador2App2",
      "scope": "FraudPreventionAndDetection:NumberVerification",
      "status": "PENDING"
    }
  ]
}

None

400 - instance of ConsentsErrorInfo

Custom schema example

1
2
3
4
5


{
  "status": 400,
  "code": "INVALID_ARGUMENT",
  "message": "Client specified an invalid argument, request body or query param"
}

Name	Type	Required	Description
status	integer	true	HTTP response status code
code	string	true	Code given to this error
message	string	true	Detailed error description

500 - instance of ConsentsErrorInfo

Custom schema example

1
2
3
4
5


{
  "status": 401,
  "code": "UNAUTHENTICATED",
  "message": "Request not authenticated due to missing, invalid, or expired credentials."
}

Name	Type	Required	Description
status	integer	true	HTTP response status code
code	string	true	Code given to this error
message	string	true	Detailed error description

503 - instance of ConsentsErrorInfo

Custom schema example

1
2
3
4
5


{
  "status": 401,
  "code": "AUTHENTICATION_REQUIRED",
  "message": "New authentication is required."
}

Name	Type	Required	Description
status	integer	true	HTTP response status code
code	string	true	Code given to this error
message	string	true	Detailed error description

504 - instance of ConsentsErrorInfo

Custom schema example

1
2
3
4
5


{
  "status": 403,
  "code": "PERMISSION_DENIED",
  "message": "Client does not have sufficient permissions to perform this action."
}

Name	Type	Required	Description
status	integer	true	HTTP response status code
code	string	true	Code given to this error
message	string	true	Detailed error description

Given an scope, purpose, and application (AppName and ClientName), check if the parent exists, and if exist, create a new one.

POST /orgs/{org_id}/consents/create

Parameters

Name	In	Type	Required	Description
org_id	path	string	true	‘none’
body	body	ConsentsCreateRequest	true	‘none’

Request body - instance of ConsentsCreateRequest

1
2
3
4
5
6


{
  "application": "alphabet-xxxxx",
  "client": "youtube",
  "scope": "SimSwap",
  "purpose": "FraudPreventionAndDetection"
}

Name	Type	Required	Description
application	string	false	Aggregator and Application Owner combination under which the application making the request is located.
client	string	false	Application that makes the request to consume the capacity.
scope	string	false	capabilities to be consumed
purpose	string	false	purpose for which the capability is to be consumed

Request example

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11



curl -X POST https://opengateway.masstack.com/v1/orgs/{org_id}/consents/create \
  -H "Content-Type: application/json" \
  -H "Accept: application/json" \
 --data-raw "{
  'application': 'alphabet-xxxxx',
  'client': 'youtube',
  'scope': 'SimSwap',
  'purpose': 'FraudPreventionAndDetection'
}" 

Responses

Code	Meaning	Description	Schema
201	Created	CREATED	None
400	Bad Request	Problem with the client request	ConsentsErrorInfo
401	Unauthorized	Unauthorized	ConsentsErrorInfo
403	Forbidden	Client does not have sufficient permission.	ConsentsErrorInfo
500	Internal Server Error	Server error	ConsentsErrorInfo
503	Service Unavailable	Service unavailable. Typically the server is down.	ConsentsErrorInfo
504	Gateway Time-out	Request time exceeded. If it happens repeatedly, consider reducing the request complexity	ConsentsErrorInfo

Endpoints

Consents

Number Verification

Sim Swap