--- swagger: "2.0" info: title: serv-pyi-d-codi-banxico-payment description: The microservice helps to manage the payments for Banxico - Codi feature. version: 1.0.1 x-ibm-name: serv-pyi-d-codi-banxico-payment host: 127.0.0.1 schemes: - https basePath: /api produces: - application/json paths: /v1/servicing/codi-banxico/encrypted-key/retrieve: post: tags: - retrieve-payment-encrypted-key operationId: retrieve-payment-encrypted-key summary: LOB:Digital Payments; Feature:Digital Signature, Functionality:Retrieve description: This API is used to get encrypted key of Banxico and digital signature associated to a CODI payment. This private encrypted key is used to decrypt the payment message contained in a QR code and the digital signature is used to validate that the message is authentic. consumes: - application/json produces: - application/json parameters: - name: client_id in: header required: true type: string description: Client ID generated during application registration - name: Authorization in: header required: true type: string description: The Authorization Token received during login - name: Accept in: header required: true type: string description: Content-Types that are acceptable for the response - name: uuid in: header required: true type: string description: 128 bit UUID that you generate for every request - name: Accept-Language in: header required: false type: string description: List of acceptable human languages for response - name: Content-Type in: header required: true type: string description: Content-Types that are sent in the request - name: ChannelId in: header required: true type: string description: Channel where request originated - name: countryCode in: header required: true type: string description: Country code in 2 character ISO 3166 format - name: businessCode in: header required: true type: string description: Business code identified during application registration - name: sid in: header required: true type: string description: SessionId sent by Consumer - name: retrieveEncryptedKeyRequest in: body schema: $ref: '#/definitions/RetrieveEncryptedKeyRequest' responses: 200: description: Successful operation. schema: $ref: '#/definitions/RetrieveEncryptedKeyResponse' 400: description:
TypeCodeDetails
errorinvalidRequestMissing or invalid Parameters
schema: $ref: '#/definitions/ErrorResponse' 401: description:
TypeCodeDetails
errorunAuthorizedAuthorization credentials are missing or invalid
schema: $ref: '#/definitions/ErrorResponse' 403: description:
TypeCodeDetailsMore Info
erroraccessNotConfiguredThe request operation is not configured to access this resourceChannel/Country/Business provided in the request is not supported currently
schema: $ref: '#/definitions/ErrorResponse' 404: description:
TypeCodeDetailsMore Info
errorresourceNotFoundThe requested resource was not foundEmpty resource/resource not found
schema: $ref: '#/definitions/ErrorResponse' 422: description:
TypeCodeDetails
errorbusinessValidationFailedBusiness validation error occured on one or more parameters
schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error/server unavailability
schema: $ref: '#/definitions/ErrorResponse' /v1/servicing/codi-banxico/digital-signature/validate: post: tags: - validate-payment-digital-signature operationId: validate-payment-digital-signature summary: LOB:Digital Payments; Feature:Digital Signature, Functionality:Validate description: The API will validate the digital signature of payment that was provided by Banxico. consumes: - application/json produces: - application/json parameters: - name: client_id in: header required: true type: string description: Client ID generated during application registration - name: Authorization in: header required: true type: string description: The Authorization Token received during login - name: Accept in: header required: true type: string description: Content-Types that are acceptable for the response - name: uuid in: header required: true type: string description: 128 bit UUID that you generate for every request - name: Accept-Language in: header required: false type: string description: List of acceptable human languages for response - name: Content-Type in: header required: true type: string description: Content-Types that are sent in the request - name: ChannelId in: header required: true type: string description: Channel where request originated - name: countryCode in: header required: true type: string description: Country code in 2 character ISO 3166 format - name: businessCode in: header required: true type: string description: Business code identified during application registration - name: sid in: header required: true type: string description: SessionId sent by Consumer - name: validatePaymentSignatureRequest in: body schema: $ref: '#/definitions/ValidatePaymentSignatureRequest' responses: 200: description: Successful operation. 400: description:
TypeCodeDetails
errorinvalidRequestMissing or invalid Parameters
schema: $ref: '#/definitions/ErrorResponse' 401: description:
TypeCodeDetails
errorunAuthorizedAuthorization credentials are missing or invalid
schema: $ref: '#/definitions/ErrorResponse' 403: description:
TypeCodeDetailsMore Info
erroraccessNotConfiguredThe request operation is not configured to access this resourceChannel/Country/Business provided in the request is not supported currently
schema: $ref: '#/definitions/ErrorResponse' 404: description:
TypeCodeDetailsMore Info
errorresourceNotFoundThe requested resource was not foundEmpty resource/resource not found
schema: $ref: '#/definitions/ErrorResponse' 422: description:
TypeCodeDetails
errorbusinessValidationFailedBusiness validation error occured on one or more parameters
schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error/server unavailability
schema: $ref: '#/definitions/ErrorResponse' /v1/servicing/codi-banxico/payments/status/retrieve: post: tags: - retrieve-codi-payment-status operationId: retrieve-codi-payment-status summary: LOB:Digital Payments; Feature:Payment Status, Functionality:Retrieve description: This API will retrieve the status of the specified Payment, according to the information provided by the payee or the payor consumes: - application/json produces: - application/json parameters: - name: client_id in: header required: true type: string description: Client ID generated during application registration - name: Authorization in: header required: true type: string description: The Authorization Token received during login - name: Accept in: header required: true type: string description: Content-Types that are acceptable for the response - name: uuid in: header required: true type: string description: 128 bit UUID that you generate for every request - name: Accept-Language in: header required: false type: string description: List of acceptable human languages for response - name: Content-Type in: header required: true type: string description: Content-Types that are sent in the request - name: ChannelId in: header required: true type: string description: Channel where request originated - name: countryCode in: header required: true type: string description: Country code in 2 character ISO 3166 format - name: businessCode in: header required: true type: string description: Business code identified during application registration - name: sid in: header required: true type: string description: SessionId sent by Consumer - name: retrievePaymentStatusRequest in: body schema: $ref: '#/definitions/RetrievePaymentStatusRequest' responses: 200: description: Successful operation. schema: $ref: '#/definitions/RetrievePaymentStatusResponse' 400: description:
TypeCodeDetails
errorinvalidRequestMissing or invalid Parameters
schema: $ref: '#/definitions/ErrorResponse' 401: description:
TypeCodeDetails
errorunAuthorizedAuthorization credentials are missing or invalid
schema: $ref: '#/definitions/ErrorResponse' 403: description:
TypeCodeDetailsMore Info
erroraccessNotConfiguredThe request operation is not configured to access this resourceChannel/Country/Business provided in the request is not supported currently
schema: $ref: '#/definitions/ErrorResponse' 404: description:
TypeCodeDetailsMore Info
errorresourceNotFoundThe requested resource was not foundEmpty resource/resource not found
schema: $ref: '#/definitions/ErrorResponse' 422: description:
TypeCodeDetails
errorbusinessValidationFailedBusiness validation error occured on one or more parameters
schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error/server unavailability
schema: $ref: '#/definitions/ErrorResponse' /v2/servicing/codi-banxico/payments/status/retrieve: post: tags: - retrieve-codi-payment-status-v2 operationId: retrieve-codi-payment-status-v2 summary: LOB:Digital Payments; Feature:Payment Status, Functionality:Retrieve description: This API will retrieve the status of the specified Payment, according to the information provided by the payee or the payor consumes: - application/json produces: - application/json parameters: - name: client_id in: header required: true type: string description: Client ID generated during application registration - name: Authorization in: header required: true type: string description: The Authorization Token received during login - name: Accept in: header required: true type: string description: Content-Types that are acceptable for the response - name: uuid in: header required: true type: string description: 128 bit UUID that you generate for every request - name: Accept-Language in: header required: false type: string description: List of acceptable human languages for response - name: Content-Type in: header required: true type: string description: Content-Types that are sent in the request - name: ChannelId in: header required: true type: string description: Channel where request originated - name: countryCode in: header required: true type: string description: Country code in 2 character ISO 3166 format - name: businessCode in: header required: true type: string description: Business code identified during application registration - name: sid in: header required: true type: string description: SessionId sent by Consumer - name: retrievePaymentStatusInfoRequest in: body schema: $ref: '#/definitions/RetrievePaymentStatusInfoRequest' responses: 200: description: Successful operation. schema: $ref: '#/definitions/RetrievePaymentStatusResponse' 400: description:
TypeCodeDetails
errorinvalidRequestMissing or invalid Parameters
schema: $ref: '#/definitions/ErrorResponse' 401: description:
TypeCodeDetails
errorunAuthorizedAuthorization credentials are missing or invalid
schema: $ref: '#/definitions/ErrorResponse' 403: description:
TypeCodeDetailsMore Info
erroraccessNotConfiguredThe request operation is not configured to access this resourceChannel/Country/Business provided in the request is not supported currently
schema: $ref: '#/definitions/ErrorResponse' 404: description:
TypeCodeDetailsMore Info
errorresourceNotFoundThe requested resource was not foundEmpty resource/resource not found
schema: $ref: '#/definitions/ErrorResponse' 422: description:
TypeCodeDetails
errorbusinessValidationFailedBusiness validation error occured on one or more parameters
schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error/server unavailability
schema: $ref: '#/definitions/ErrorResponse' /v1/servicing/codi-banxico/financial-institutions/retrieve: get: tags: - retrieve-financial-institutions operationId: retrieve-financial-institutions summary: LOB:Digital Payments; Feature:Digital Signature, Functionality:Retrieve description: This API is used to retrieve the Banxico catalog of the financial institutions to make the payments between the financial institutions. consumes: - application/json produces: - application/json parameters: - name: client_id in: header required: true type: string description: Client ID generated during application registration - name: Authorization in: header required: true type: string description: The Authorization Token received during login - name: Accept in: header required: true type: string description: Content-Types that are acceptable for the response - name: uuid in: header required: true type: string description: 128 bit UUID that you generate for every request - name: Accept-Language in: header required: false type: string description: List of acceptable human languages for response - name: Content-Type in: header required: false type: string description: Content-Types that are sent in the request - name: ChannelId in: header required: true type: string description: Channel where request originated - name: countryCode in: header required: true type: string description: Country code in 2 character ISO 3166 format - name: businessCode in: header required: true type: string description: Business code identified during application registration - name: sid in: header required: true type: string description: SessionId sent by Consumer responses: 200: description: Successful operation. schema: $ref: '#/definitions/RetrieveInstitutionsResponse' 400: description:
TypeCodeDetails
errorinvalidRequestMissing or invalid Parameters
schema: $ref: '#/definitions/ErrorResponse' 401: description:
TypeCodeDetails
errorunAuthorizedAuthorization credentials are missing or invalid
schema: $ref: '#/definitions/ErrorResponse' 403: description:
TypeCodeDetailsMore Info
erroraccessNotConfiguredThe request operation is not configured to access this resourceChannel/Country/Business provided in the request is not supported currently
schema: $ref: '#/definitions/ErrorResponse' 404: description:
TypeCodeDetailsMore Info
errorresourceNotFoundThe requested resource was not foundEmpty resource/resource not found
schema: $ref: '#/definitions/ErrorResponse' 422: description:
TypeCodeDetails
errorbusinessValidationFailedBusiness validation error occured on one or more parameters
schema: $ref: '#/definitions/ErrorResponse' 500: description:
TypeCodeDetails
fatalserverUnavailableThe request failed due to an internal error/server unavailability
schema: $ref: '#/definitions/ErrorResponse' definitions: RetrieveEncryptedKeyRequest: type: object properties: paymentMode: description: Means by which a payment is made. Ex- Face to face (19) or electronic (20,21,22) type: string example: "19" messageAuthenticationCode: description: Hashed message authentication code (HMAC) needed by Banxico to validate the request's authenticity type: string example: dUww7Jl4b9o:APA91bCF5ZgrBqDQGl9QO4OIemuIf-cYS6zvijYesf payeeDevice: $ref: '#/definitions/PayeeDevice' payorDevice: $ref: '#/definitions/PayorDevice' qrCodeDetail: $ref: '#/definitions/QRCodeDetail' required: - paymentMode - qrCodeDetail PayeeDevice: type: object properties: codiDeviceId: description: Alias asigned by Banxico to identify the device uniquely type: string example: "460912423578" codiBankingAppId: description: Check code assigned by Banxico to identify the App in the device type: integer format: int32 example: 1 required: - codiDeviceId - codiBankingAppId PayorDevice: type: object properties: codiDeviceId: description: Alias asigned by Banxico to identify the device uniquely type: string example: "460912423579" codiBankingAppId: description: Check code assigned by Banxico to identify the App in the device type: integer format: int32 example: 1 required: - codiDeviceId - codiBankingAppId QRCodeDetail: type: object properties: transactionId: description: Unique id for transaction-Billing message identifier. It is a unique number generated by Banxico to identify the transaction. type: string example: 15f298452d transactionReferenceId: description: Unique payment number. It is the unique transaction number generated by the vendor. type: string example: "4" encryptedPaymentDetail: description: Encrypted payment message-seller name, phone number and seller clabe account type: string example: ZPtpG5XdUt01kggddOjq6nZhbk+dsTCA7nMRlexJvzy2s8V065DhvCHfbduNvHanI+13IMQ6/dDqKhrrqqHefKaWU5M0IQDV8oYuy40eZWePLTqVMkEbux2uvGw0r5/vqCvvwGfpfFYDz/kVTvM9zaGEFgerRAEkZhsvW3j9wfi02yPv5+gvvTpGuY4Tri7bKC56LAVyVTJtjFWA8gAyqj1QKKgJc6svvdyLXX0hoJWw1UQziablu3T32cs3EmOkh6FoJN/0kJiaUaMJiQntZKoUbc7bsSOcKRok6zyhdW7b0VpOfsmamLJcT1q1/egV4wFJY8wScR7ZPZOoAZjHz3rQ9SsMQQ8bZ9Yz+tiDvZcRZWrCg1Mw6AhESlBzkgdI required: - transactionId - transactionReferenceId - encryptedPaymentDetail RetrieveEncryptedKeyResponse: type: object properties: encryptedBanxicoSymmetricKey: description: Encrypted symmetric key used to decipher the payment message contained in a QR type: string example: WePLTqVMkEbux2uvGw0r5/vqCvvwGfpfFYDz/kVTvM9zaGEFgerRAEkZhsvW3j9wfi02yPv5+gvvTpGuY4Tri7bKC56LAVyVTJtjFWA8gAyqj1QKKgJc6svvdyLXX0hoJWw1UQ digitalSignature: $ref: '#/definitions/DigitalSignature' required: - encryptedBanxicoSymmetricKey - digitalSignature DigitalSignature: type: object properties: banxicoSignatureValue: description: Digital signature generated by banxico that the Application will use to validate the payment message authenticity type: string example: 4OIemuIf04sMzbFBl_duDoWZOO4rADGviq0Rf4UCz-cYS6zvijYesfRbUR1a4BQqKUQ4z56cgmTyEjtQdQQgIz banxicoCertificateSerialNumber: description: Certificate Serial number used by banxico for generating the payment digital signature type: string example: "002345345" required: - banxicoCertificateSerialNumber - banxicoSignatureValue ValidatePaymentSignatureRequest: type: object properties: encryptedPaymentDetail: description: Encrypted Payment message generated with E2EE type: string example: dUww7Jl4b9o:APA91bGHVzEMF6xdD_ZV1L4CF5ZgrBqDQGl9QO4OIemuIf04sMzbFBl_duDoWZOO4rADGviq0Rf4UCz-cYS6zvijYesfRbUR1a4BQqKUQ4z56cgmTyEjtQdQQgIz_-8KLRxmJdI9571o digitalSignatureInfo: $ref: '#/definitions/DigitalSignatureInfo' required: - encryptedPaymentDetail DigitalSignatureInfo: type: object properties: banxicoSignatureValue: description: Digital signature generated by banxico that the Application will use to validate the payment message authenticity type: string example: 4OIemuIf04sMzbFBl_duDoWZOO4rADGviq0Rf4UCz-cYS6zvijYesfRbUR1a4BQqKUQ4z56cgmTyEjtQdQQgIz banxicoCertificateSerialNumber: description: Certificate Serial number used by banxico for generating the payment digital signature type: string example: "002345345" required: - banxicoCertificateSerialNumber - banxicoSignatureValue RetrievePaymentStatusRequest: type: object properties: transactionId: description: Unique id for transaction-Billing message identifier. It is a unique number generated by Banxico to identify the transaction. type: string example: 15f298452d rowLimit: description: Total records. This value is obtained by a select count() type: integer format: int32 example: 100 pageId: description: Identifier of the page to control pagination type: integer format: int32 example: 1 messageAuthenticationCode: description: Hashed message authentication code (HMAC) needed by Banxico to validate the request's authenticity type: string example: dUww7Jl4b9o:APA91bCF5ZgrBqDQGl9QO4OIemuIf-cYS6zvijYesf payeeDevice: $ref: '#/definitions/PayeeDeviceInfo' payorDevice: $ref: '#/definitions/PayorDeviceInfo' required: - transactionId - payeeDevice - messageAuthenticationCode RetrievePaymentStatusInfoRequest: type: object properties: encryptedPayment: description: Encrypted object as defined in the definitions swagger. type: string format: byte example: Q34EDR56TF required: - encryptedPayment PayeeDeviceInfo: type: object properties: codiDeviceId: description: Alias asigned by Banxico to identify the device uniquely type: string example: "460912423578" codiBankingAppId: description: Check code assigned by Banxico to identify the App in the device type: integer format: int32 example: 1 required: - codiDeviceId - codiBankingAppId PayorDeviceInfo: type: object properties: codiDeviceId: description: Alias asigned by Banxico to identify the device uniquely type: string example: "460912423578" codiBankingAppId: description: Check code assigned by Banxico to identify the App in the device type: integer format: int32 example: 1 required: - codiDeviceId - codiBankingAppId RetrievePaymentStatusResponse: type: object properties: encryptedPaymentMessageList: description: Encrypted data that contains the payment message list as a result of the query type: string example: 95d461616d96ebef6b545152a2ef6f4d4ad6932756f3aa715650d09a1847e171a5ebac4fc5d870f223db8566f939122882fb8eaf5115c54c837035661d75c403eedba37c9a1c59c622a1a9890f025c7479ba2e87fb37573c29c4bd7a7c364220674175fe78b01167ecdba8a4985af6826e40bb0849eb6fa1ceab7433f77a1d769311307cb1a16f0506f5b238369747cac699dc0692a4642d674bbb7078772fed82fda92636c054ed100fb564cd151701127f743cf19e4fdd9bf293286f530429e827deeaeaff17e736abbd43ff94a01bdd04731ba6ebe15f691fa82c365bc9a1 moreInformationFlag: description: More information flag type: boolean example: true RetrieveInstitutionsResponse: properties: financialInstitution: type: array items: $ref: '#/definitions/FinancialInstitution' FinancialInstitution: type: object properties: speiId: description: SPEI Id assigned to each financial institution by Banxico type: string example: "37002" organizationShortName: description: Financial Institutions short name registered in Banxico type: string example: CitiBanamex applicationId: description: Id of financial institutions CODI application type: string example: org.banxico.dgspsc.mobile.citibanamex required: - speiId - organizationShortName ErrorResponse: properties: type: type: string description: Invalid - Request did not confirm to the specification and was unprocessed and rejected. Please fix the value and try again enum: - error - warn - invalid - fatal code: description: Error code which qualifies the error type: string details: description: Human readable explanation specific to the occurrence of the problem type: string location: description: The name of the field that resulted in the error type: string moreInfo: description: More Info can be used to pass any additional details type: string uuid: description: 128 bit UUID that you generate for every request type: string timestamp: description: Timestamp of the error type: string required: - type - code x-ibm-configuration: enforced: true testable: true phase: realized securityDefinitions: OAuth2 Application Flow: type: oauth2 description: "" flow: application scopes: /api/v1: "" tokenUrl: https://sandbox.externalapib2b.wlb.nam.nsroot.net:7101/mx-gcgapi-uat/sandbox2/api/v1/oauth/token Client ID: type: apiKey description: "" in: header name: X-IBM-Client-Id security: - OAuth2 Application Flow: - /api/v1 Client ID: [] x-ibm-endpoints: - endpointUrl: https://sandbox.externalapib2b.wlb.nam.nsroot.net:7101/mx-gcgapi-uat/sandbox2 type: - production - development ...