Consumer API

Register consumer

put

/issuers/{issuerId}/consumers/{consumerId}

This request is used by the bank backend to request the registration of the end user with personal information.

Note
It is strongly recommended to provide the end user personal information such as first and last name, email, phone number, postal address. Personal information is used in D1 Tokenization by the Decision Engine or in D1 Push when building the card information to push to OEM Wallet.

Note
Some end user personal information are mandatory for issuers using D1 Click to Pay service. These mandatory personal information such as mobilePhoneNumber or language are tagged bellow with "This field is mandatory for Click to Pay".

Authorizations

AuthorizationstringRequired

A JWT generated by the Get Authorization Token API.
The server checks the validity of the provided token to control access to this protected resource. Please refer to Get OAuth 2.0 access token for more details on the flow and on how to get this JWT.

Path parameters

issuerIdstring · min: 10 · max: 10Required

The id of the issuer

consumerIdstring · min: 1 · max: 64Required

Unique identifier of the consumer.

Pattern: ^[A-Za-z0-9_-]{1,64}$

Header parameters

x-correlation-idstringOptional

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for other purpose than logging and troubleshooting.

Pattern: ^[A-Za-z0-9_-]{1,64}$

x-user-idstringOptional

Identifier of the user that requests the operation on D1 API. This value is provided for information purpose, D1 doesn't do any verification based on this identifier.
D1 manages to propagate the information to a subsequent internal system for tracking purpose.
This identifier is not mandatory.

Pattern: ^[A-Za-z0-9_-]{1,15}$

Body

The following object represent the end user (consumer).

Responses

204

Successful consumer registration.

400

Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:

errorCode	error	Retryable	Comments
-	-	no	No error details available
FIELD_INVALID_FORMAT	Contains the field in error (first found)	no	JSON not well formatted or One field is not expected format as defined in this documentation
FIELD_INVALID_VALUE	-	no	One field value is not allowed for the given field

application/json

401

Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field "error" is provided.

errorCode	error	Retryable	Comments
AUTHORIZER_UNAUTHORIZED	Unauthorized message	no	Access token not valid

application/json

403

Forbidden action, check the state of the linked consumer or card. The below table defines the possible error:

errorCode	error	Retryable	Comments
-	-	no	No error details available
AUTHORIZER_FORBIDDEN	not_authorized error message	no	User_is_not_authorized_to_access_this_resource
CONSUMER_INVALID_STATE	contains the state of the resource	no	Consumer already exists and is deleted
MISSING_C2P_MANDATORY_INFORMATION	contains the missing field	no	All required fields for Click to Pay are not present (firstName, lastName, language, mobilePhoneNumber, countryCode, email) or residencyAddress.state length > 3

application/json

404

Ressource not found, Unknown issuerId or consumerId or card id'. The below table defines the possible error:

errorCode	error	Retryable	Comments
-	-	no	No error details available

application/json

500

Internal Server Error. The below table defines the possible error:

errorCode	error	Retryable	Comments
-	-	yes	No error details available
INTERNAL_ERROR	Error details if any	no	The server has encountered an error when executing the request.

503

The service is temporarily unavailable. You may retry your request later.

put

/issuers/{issuerId}/consumers/{consumerId}

PUT /banking/v2/issuers/{issuerId}/consumers/{consumerId} HTTP/1.1
Host: api.d1.thalescloud.io
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 560

{
  "personalInformation": {
    "gender": "MALE",
    "language": "eng",
    "firstName": "John",
    "middleName": "John",
    "lastName": "Doe",
    "secondLastName": "Doe",
    "dateOfBirth": "1990-01-01",
    "title": "Mr.",
    "nationality": "FR",
    "email": "john.doe@dummymail.com",
    "mobilePhoneNumber": {
      "countryCode": "+420",
      "phoneNumber": "777222333"
    },
    "residencyAddress": {
      "recipientName": "Mr The Concierge",
      "line1": "Address line",
      "line2": "Address line",
      "line3": "Address line",
      "line4": "Address line",
      "city": "Prague",
      "state": "21",
      "zipCode": "140 00",
      "countryCode": "CZ"
    }
  },
  "preferences": {
    "notificationChannel": [
      "SMS"
    ]
  }
}

No content

Delete

post

/issuers/{issuerId}/consumers/{consumerId}/operations:delete

This request is used by the bank backend to request the deletion of an end user. It will also in cascade delete all the accounts, cards and digital cards owned by the end user. Note: The deletion of the end user cannot be reverted. If the same end user is willing to reuse the solution, we will require a new end user registration with a new consumerId.

Authorizations

AuthorizationstringRequired

Path parameters

issuerIdstring · min: 10 · max: 10Required

The id of the issuer

consumerIdstring · min: 1 · max: 64Required

Unique identifier of the consumer.

Pattern: ^[A-Za-z0-9_-]{1,64}$

Header parameters

x-correlation-idstringOptional

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for other purpose than logging and troubleshooting.

Pattern: ^[A-Za-z0-9_-]{1,64}$

x-user-idstringOptional

Pattern: ^[A-Za-z0-9_-]{1,15}$

Body

reasonstringOptional

The reason why the action is performed.

This a free text field in case the bank wants to send details, that will be returned in the operations list.

Example: customer was contacted on June 28Pattern: ^[a-zA-Z0-9 ]{1,64}$

Responses

200

End user was deleted Successfully

application/json

operationIdstring · min: 1 · max: 64Optional

Unique identifier of the operation

Pattern: ^[A-Za-z0-9_-]{1,64}$

400

Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:

errorCode	error	Retryable	Comments
-	-	no	No error details available
FIELD_INVALID_FORMAT	Contains the field in error (first found)	no	JSON not well formatted or One field is not expected format as defined in this documentation

application/json

401

Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field "error" is provided.

errorCode	error	Retryable	Comments
AUTHORIZER_UNAUTHORIZED	Unauthorized message	no	Access token not valid

application/json

403

Forbidden action detected by WAF or the application.
The below table defines the possible error:

errorCode	error	Retryable	Comments
-	-	no	No error details available
AUTHORIZER_FORBIDDEN	not authorized error message	no	User is not authorized to access this resource

application/json

404

Ressource not found, Unknown issuerId or consumerId or card id'. The below table defines the possible error:

errorCode	error	Retryable	Comments
-	-	no	No error details available
UNKNOWN_CONSUMER	-	no	Consumer does not exist

application/json

500

Internal Server Error. The below table defines the possible error:

errorCode	error	Retryable	Comments
-	-	no	No error details available
INTERNAL_ERROR	error details if any	no	The server has encountered an error when executing the request.

application/json

503

The service is temporarily unavailable. You may retry your request later.

post

/issuers/{issuerId}/consumers/{consumerId}/operations:delete

POST /banking/v2/issuers/{issuerId}/consumers/{consumerId}/operations:delete HTTP/1.1
Host: api.d1.thalescloud.io
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 46

{
  "reason": "customer was contacted on June 28"
}

{
  "operationId": "text"
}

Update consumer information

post

/issuers/{issuerId}/consumers/{consumerId}/operations:update

This request is used by the bank backend to request the update of the consumer information.

Note
Some end user personal information are mandatory for issuers using D1 Click to Pay service. These mandatory personal information such as mobilePhoneNumber or language are tagged bellow with "This field is mandatory for Click to Pay".

Authorizations

AuthorizationstringRequired

Path parameters

issuerIdstring · min: 10 · max: 10Required

The id of the issuer

consumerIdstring · min: 1 · max: 64Required

Unique identifier of the consumer.

Pattern: ^[A-Za-z0-9_-]{1,64}$

Header parameters

x-correlation-idstringOptional

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for other purpose than logging and troubleshooting.

Pattern: ^[A-Za-z0-9_-]{1,64}$

x-user-idstringOptional

Pattern: ^[A-Za-z0-9_-]{1,15}$

Body

The following object represent the information of the consumer or cardholder.

Responses

200

Consumer successfully updated.

application/json

operationIdstring · min: 1 · max: 64Optional

Unique identifier of the operation

Pattern: ^[A-Za-z0-9_-]{1,64}$

400

Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:

errorCode	error	Retryable	Comments
-	-	no	No error details available
FIELD_INVALID_FORMAT	Contains the field in error (first found)	no	JSON not well formatted or One field is not expected format as defined in this documentation
FIELD_INVALID_VALUE	-	no	One field value is not allowed for the given field

application/json

401

Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field "error" is provided.

errorCode	error	Retryable	Comments
AUTHORIZER_UNAUTHORIZED	Unauthorized message	no	Access token not valid

application/json

403

Forbidden action, check the state of the linked consumer or card. The below table defines the possible error:

errorCode	error	Retryable	Comments
-	-	no	No error details available
AUTHORIZER_FORBIDDEN	not_authorized error message	no	User_is_not_authorized_to_access_this_resource
CONSUMER_INVALID_STATE	contains the state of the resource	no	Consumer already exists and is deleted
MISSING_C2P_MANDATORY_INFORMATION	contains the missing field	no	All required fields for Click to Pay are not present (firstName, lastName, language, mobilePhoneNumber, countryCode, email) or residencyAddress.state length > 3

application/json

404

Ressource not found, Unknown issuerId or consumerId or card id'. The below table defines the possible error:

errorCode	error	Retryable	Comments
-	-	no	No error details available
UNKNOWN_CONSUMER	-	no	Consumer does not exist

application/json

500

Internal Server Error. The below table defines the possible error:

errorCode	error	Retryable	Comments
-	-	no	No error details available
INTERNAL_ERROR	Error details if any	no	The server has encountered an error when executing the request.

503

The service is temporarily unavailable. You may retry your request later.

post

/issuers/{issuerId}/consumers/{consumerId}/operations:update

POST /banking/v2/issuers/{issuerId}/consumers/{consumerId}/operations:update HTTP/1.1
Host: api.d1.thalescloud.io
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 558

{
  "personalInformation": {
    "gender": "MALE",
    "language": "eng",
    "firstName": "John",
    "middleName": "John",
    "lastName": "Doe",
    "secondLastName": "Doe",
    "dateOfBirth": "1990-01-01",
    "title": "Mr.",
    "nationality": "FR",
    "email": "john.doe@dummymail.com",
    "mobilePhoneNumber": {
      "countryCode": "+420",
      "phoneNumber": "777222333"
    },
    "residencyAddress": {
      "recipientName": "Mr The Concierge",
      "line1": "Address line",
      "line2": "Address line",
      "line3": "Address line",
      "line4": "Address line",
      "city": "Prague",
      "state": 21,
      "zipCode": "140 00",
      "countryCode": "CZ"
    }
  },
  "preferences": {
    "notificationChannel": [
      "SMS"
    ]
  }
}

{
  "operationId": "text"
}

Get Card List

get

/issuers/{issuerId}/consumers/{consumerId}/cards

This request is used to request the end user card list. It will return the cards & digital cards and associated accounts.

Authorizations

AuthorizationstringRequired

Path parameters

issuerIdstring · min: 10 · max: 10Required

The id of the issuer

consumerIdstring · min: 1 · max: 64Required

Unique identifier of the consumer.

Pattern: ^[A-Za-z0-9_-]{1,64}$

Header parameters

x-correlation-idstringOptional

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for other purpose than logging and troubleshooting.

Pattern: ^[A-Za-z0-9_-]{1,64}$

x-user-idstringOptional

Pattern: ^[A-Za-z0-9_-]{1,15}$

Responses

200

Successful get end user card list

application/json

400

Bad Request, Invalid request URI, header, paramters. The below table defines the possible 'Bad request' error:

errorCode	error	Retryable	Comments
-	-	no	No error details available
FIELD_INVALID_FORMAT	Contains the field in error (first found)	no	JSON not well formatted or One field is not expected format as defined in this documentation

application/json

401

Unauthorized request, the provided Authorization header is missing or invalid. In the table below only the field "error" is provided.

errorCode	error	Retryable	Comments
AUTHORIZER_UNAUTHORIZED	Unauthorized message	no	Access token not valid

application/json

403

Forbidden action detected by WAF or the application.
The below table defines the possible error:

errorCode	error	Retryable	Comments
-	-	no	No error details available
AUTHORIZER_FORBIDDEN	not authorized error message	no	User is not authorized to access this resource
CONSUMER_INVALID_STATE	Deleted consumer message	no	Consumer is in DELETED state

application/json

404

Ressource not found, Unknown issuerId or consumerId or card id'. The below table defines the possible error:

errorCode	error	Retryable	Comments
-	-	no	No error details available
UNKNOWN_CONSUMER	-	no	Consumer does not exist

application/json

500

Internal Server Error. The below table defines the possible error:

errorCode	error	Retryable	Comments
-	-	no	No error details available
INTERNAL_ERROR	error details if any	no	The server has encountered an error when executing the request.

application/json

503

The service is temporarily unavailable. You may retry your request later.

get

/issuers/{issuerId}/consumers/{consumerId}/cards

GET /banking/v2/issuers/{issuerId}/consumers/{consumerId}/cards HTTP/1.1
Host: api.d1.thalescloud.io
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

Get all operations

get

/issuers/{issuerId}/consumers/{consumerId}/operations

This request is used by the issuer backend to retrieve the operations details of an end user (consumer).

If no operations are available for the given consumerId, an empty list is returned.

Operations that are older than 3 months will be removed.

Authorizations

AuthorizationstringRequired

Path parameters

issuerIdstring · min: 10 · max: 10Required

The id of the issuer

consumerIdstring · min: 1 · max: 64Required

Unique identifier of the consumer.

Pattern: ^[A-Za-z0-9_-]{1,64}$

Query parameters

offsetintegerOptional

Index from which the query starts returning operations (default value: 0)

limitinteger · min: 1 · max: 50Optional

Upper limit of the query

Default: 10

Header parameters

x-correlation-idstringOptional

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for other purpose than logging and troubleshooting.

Pattern: ^[A-Za-z0-9_-]{1,64}$

Responses

200

List of operations associated to the consumerId.

application/json

remainingOperationsintegerOptional

400

Malformed request

application/json

401

The provided Authorization header is missing or invalid

application/json

404

Resource not found, Unknown issuerId or consumerId or accountId or digital card id

application/json

500

Internal Server Error

application/json

get

/issuers/{issuerId}/consumers/{consumerId}/operations

GET /banking/v2/issuers/{issuerId}/consumers/{consumerId}/operations HTTP/1.1
Host: api.d1.thalescloud.io
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "operations": [
    {
      "operationId": "text",
      "operation": "CLICK_TO_PAY_OPTOUT",
      "status": "SUCCESSFUL",
      "startTime": "2022-06-16T06:28:02.492Z",
      "endTime": "2022-06-16T06:28:32.492Z",
      "requestorType": "ISSUER",
      "requestorId": "text",
      "reason": "customer was contacted on June 28",
      "reasonCode": "USER_DECISION",
      "details": {
        "appInstanceId": "text"
      },
      "errorCode": "text",
      "error": "text"
    }
  ],
  "remainingOperations": 1
}

Get operation

get

/issuers/{issuerId}/consumers/{consumerId}/operations/{operationId}

This request is used by the issuer backend to retrieve the information related to an operation on the given end user (consumer).

Authorizations

AuthorizationstringRequired

Path parameters

issuerIdstring · min: 10 · max: 10Required

The id of the issuer

consumerIdstring · min: 1 · max: 64Required

Unique identifier of the consumer.

Pattern: ^[A-Za-z0-9_-]{1,64}$

operationIdstring · min: 1 · max: 64Required

Unique identifier of the operation

Pattern: ^[A-Za-z0-9_-]{1,64}$

Header parameters

x-correlation-idstringOptional

Random identifier which can be used to correlate the different API calls done as part of a single use-case. This identifier will be the one primarily used for troubleshooting.

Warning: This identifier should not be derived from sensitive personal data, as its value will be logged in clear.

There is no strong guarantee of the uniqueness of this identifier, so please refrain from using it for other purpose than logging and troubleshooting.

Pattern: ^[A-Za-z0-9_-]{1,64}$

Responses

200

The consumer operation.

application/json

Operation details related to a specific operationId

operationIdstring · min: 1 · max: 64Required

Unique identifier of the operation

Pattern: ^[A-Za-z0-9_-]{1,64}$

operationstring · enumRequired

The operation type.

Possible values:

statusstring · enumRequired

Status of the operation

Possible values:

startTimestring · min: 1 · max: 64Required

The time the request has been processed. Format ISO 8601 YYYY-MM-DDThh:mm:ssTZD

Example: 2022-06-16T06:28:02.492Z

endTimestring · min: 1 · max: 64Optional

The time the operation has been completed. Format ISO 8601 YYYY-MM-DDThh:mm:ssTZD note: This is an optional field and might not be returned for synchronous operations.

Example: 2022-06-16T06:28:32.492Z

requestorTypestring · enumRequiredPossible values:

requestorIdstringRequired

Identifier of the principal who initiates the operation

consumerId if requestorType is USER
issuerId if requestorType is ISSUER
cci user id if requestorType is CCI

reasonstringOptional

The reason why the action is performed.

This a free text field in case the bank wants to send details, that will be returned in the operations list.

Example: customer was contacted on June 28Pattern: ^[a-zA-Z0-9 ]{1,64}$

reasonCodestring · enumOptionalPossible values:

detailsone ofOptional

errorCodestringOptional

External error code

errorstring · max: 256Optional

Human readable string representing the error, only present in case of operation failure

Pattern: /^[a-zA-Z0-9_ \/\\\[\],.'#;:{}()?!*-]*$/

400

Malformed request

application/json

401

The provided Authorization header is missing or invalid

application/json

404

Resource not found, Unknown issuerId or consumerId or accountId or digital card id

application/json

500

Internal Server Error

application/json

get

/issuers/{issuerId}/consumers/{consumerId}/operations/{operationId}

GET /banking/v2/issuers/{issuerId}/consumers/{consumerId}/operations/{operationId} HTTP/1.1
Host: api.d1.thalescloud.io
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

PreviousOAuth2 API NextCard API

Last updated 2 months ago

Was this helpful?