Pass feature-scopes in AIS auth-request
Yapily Authorisation API supports the ability to pass specific AIS feature-scopes in the authorisation request.
This enables your application to pass minimal feature-scopes or extended feature-scopes in your account authorisation request to the bank as required. These permissions (e.g Accounts, Transactions, Statements) allow you to inform your end-user regarding the specific resources you are accessing from their account.
Each bank has a various permission naming convention based on the underlying API standard they adopt — UK Open Banking, Berlin Group or custom Bank standard and different permissions they support, which poses a unique challenge for third-parties such as yourself to map and maintain these various scope permissions.
Hence, Yapily offers a standardised feature-scopes which are common across all the institutions, while we maintaining the backend mapping to each institution and API versions.
How to use feature-scopes?
By passing the Yapilyfeatures:[]
list within the Account authorisation request.
Example of the Account Auth Request with specific feature scopes:
POST https://api.yapily.com/account-auth-requests
Request Body:
{
...
],
"accountRequest": {
...
"featureScope": [
"ACCOUNT"
]
},
"institutionId": "string",
"callback": "string",
...
}
Note: We specifically did not pass the other scopes above.
For this example your end-user will only see the permissions you’ve passed on their bank-side consent screen (e.g only Accounts)
The Yapily feature-scope for each individual institutions varies based on the availability of such scopes/permissions. You can obtain available feature-scopes on each institution using the institution endpoint.
For more information, see the links:
- Release Note: 2019–04–12
- API Documentation for Account Auth Request endpoint
- API Documentation for Features endpoint