Pass feature-scopes in AIS auth-request

Yapily Authorisation API supports the ability to pass specific AIS feature-scopes in the authorisation request.

This enables your application to pass minimal feature-scopes or extended feature-scopes in your account authorisation request to the bank as required. These permissions (e.g Accounts, Transactions, Statements) allow you to inform your end-user regarding the specific resources you are accessing from their account.

Each bank has a various permission naming convention based on the underlying API standard they adopt — UK Open Banking, Berlin Group or custom Bank standard and different permissions they support, which poses a unique challenge for third-parties such as yourself to map and maintain these various scope permissions.

Hence, Yapily offers a standardised feature-scopes which are common across all the institutions, while we maintaining the backend mapping to each institution and API versions.

How to use feature-scopes?

By passing the Yapilyfeatures:[] list within the Account authorisation request.

Example of the Account Auth Request with specific feature scopes:

POST https://api.yapily.com/account-auth-requests
Request Body:
{
  ...
  ],
  "accountRequest": {
   ...
    "featureScope": [
      "ACCOUNT"
      ]
  },
  "institutionId": "string",
  "callback": "string",
  ...
}

Note: We specifically did not pass the other scopes above.

For this example your end-user will only see the permissions you’ve passed on their bank-side consent screen (e.g only Accounts)

The Yapily feature-scope for each individual institutions varies based on the availability of such scopes/permissions. You can obtain available feature-scopes on each institution using the institution endpoint.

For more information, see the links:

• Release Note: 2019–04–12
• API Documentation for Account Auth Request endpoint
• API Documentation for Features endpoint