production
development
https://sandbox.externalapib2b.wlb.nam.nsroot.net:7101/mx-gcgapi-uat/sandbox2
Paths
/v1/servicing/codi-banxico/encrypted-key/retrieve
post /v1/servicing/codi-banxico/encrypted-key/retrieve
retrieve-payment-encrypted-key
LOB:Digital Payments; Feature:Digital Signature, Functionality:Retrieve
This API is used to get encrypted key of Banxico and digital signature associated to a CODI payment. This private encrypted key is used to decrypt the payment message contained in a QR code and the digital signature is used to validate that the message is authentic.
OAuth2 Application Flow
OAuth2 Application Flow
(oauth2 application)
Token URL
https://sandbox.externalapib2b.wlb.nam.nsroot.net:7101/mx-gcgapi-uat/sandbox2/api/v1/oauth/token
Scopes
/api/v1
Client ID
X-IBM-Client-Id
(apiKey located in header)
client_id
Required in header
string
Client ID generated during application registration
Authorization
Required in header
string
The Authorization Token received during login
Accept
Required in header
string
Content-Types that are acceptable for the response
uuid
Required in header
string
128 bit UUID that you generate for every request
Accept-Language
Optional in header
string
List of acceptable human languages for response
Content-Type
Required in header
string
Content-Types that are sent in the request
ChannelId
Required in header
string
Channel where request originated
countryCode
Required in header
string
Country code in 2 character ISO 3166 format
businessCode
Required in header
string
Business code identified during application registration
sid
Required in header
string
SessionId sent by Consumer
retrieveEncryptedKeyRequest
Optional in body
object
200
Successful operation.
400
| Type | Code | Details |
| error | invalidRequest | Missing or invalid Parameters |
401
| Type | Code | Details |
| error | unAuthorized | Authorization credentials are missing or invalid |
403
| Type | Code | Details | More Info |
| error | accessNotConfigured | The request operation is not configured to access this resource | Channel/Country/Business provided in the request is not supported currently |
404
| Type | Code | Details | More Info |
| error | resourceNotFound | The requested resource was not found | Empty resource/resource not found |
422
| Type | Code | Details |
| error | businessValidationFailed | Business validation error occured on one or more parameters |
500
| Type | Code | Details |
| fatal | serverUnavailable | The request failed due to an internal error/server unavailability |
Example Request
Example Response
POST https://sandbox.externalapib2b.wlb.nam.nsroot.net:7101/mx-gcgapi-uat/sandbox2/api/v1/servicing/codi-banxico/encrypted-key/retrieve
/v1/servicing/codi-banxico/digital-signature/validate
post /v1/servicing/codi-banxico/digital-signature/validate
validate-payment-digital-signature
LOB:Digital Payments; Feature:Digital Signature, Functionality:Validate
The API will validate the digital signature of payment that was provided by Banxico.
OAuth2 Application Flow
OAuth2 Application Flow
(oauth2 application)
Token URL
https://sandbox.externalapib2b.wlb.nam.nsroot.net:7101/mx-gcgapi-uat/sandbox2/api/v1/oauth/token
Scopes
/api/v1
Client ID
X-IBM-Client-Id
(apiKey located in header)
client_id
Required in header
string
Client ID generated during application registration
Authorization
Required in header
string
The Authorization Token received during login
Accept
Required in header
string
Content-Types that are acceptable for the response
uuid
Required in header
string
128 bit UUID that you generate for every request
Accept-Language
Optional in header
string
List of acceptable human languages for response
Content-Type
Required in header
string
Content-Types that are sent in the request
ChannelId
Required in header
string
Channel where request originated
countryCode
Required in header
string
Country code in 2 character ISO 3166 format
businessCode
Required in header
string
Business code identified during application registration
sid
Required in header
string
SessionId sent by Consumer
validatePaymentSignatureRequest
Optional in body
object
200
Successful operation.
400
| Type | Code | Details |
| error | invalidRequest | Missing or invalid Parameters |
401
| Type | Code | Details |
| error | unAuthorized | Authorization credentials are missing or invalid |
403
| Type | Code | Details | More Info |
| error | accessNotConfigured | The request operation is not configured to access this resource | Channel/Country/Business provided in the request is not supported currently |
404
| Type | Code | Details | More Info |
| error | resourceNotFound | The requested resource was not found | Empty resource/resource not found |
422
| Type | Code | Details |
| error | businessValidationFailed | Business validation error occured on one or more parameters |
500
| Type | Code | Details |
| fatal | serverUnavailable | The request failed due to an internal error/server unavailability |
Example Request
Example Response
POST https://sandbox.externalapib2b.wlb.nam.nsroot.net:7101/mx-gcgapi-uat/sandbox2/api/v1/servicing/codi-banxico/digital-signature/validate
/v1/servicing/codi-banxico/payments/status/retrieve
post /v1/servicing/codi-banxico/payments/status/retrieve
retrieve-codi-payment-status
LOB:Digital Payments; Feature:Payment Status, Functionality:Retrieve
This API will retrieve the status of the specified Payment, according to the information provided by the payee or the payor
OAuth2 Application Flow
OAuth2 Application Flow
(oauth2 application)
Token URL
https://sandbox.externalapib2b.wlb.nam.nsroot.net:7101/mx-gcgapi-uat/sandbox2/api/v1/oauth/token
Scopes
/api/v1
Client ID
X-IBM-Client-Id
(apiKey located in header)
client_id
Required in header
string
Client ID generated during application registration
Authorization
Required in header
string
The Authorization Token received during login
Accept
Required in header
string
Content-Types that are acceptable for the response
uuid
Required in header
string
128 bit UUID that you generate for every request
Accept-Language
Optional in header
string
List of acceptable human languages for response
Content-Type
Required in header
string
Content-Types that are sent in the request
ChannelId
Required in header
string
Channel where request originated
countryCode
Required in header
string
Country code in 2 character ISO 3166 format
businessCode
Required in header
string
Business code identified during application registration
sid
Required in header
string
SessionId sent by Consumer
retrievePaymentStatusRequest
Optional in body
object
200
Successful operation.
400
| Type | Code | Details |
| error | invalidRequest | Missing or invalid Parameters |
401
| Type | Code | Details |
| error | unAuthorized | Authorization credentials are missing or invalid |
403
| Type | Code | Details | More Info |
| error | accessNotConfigured | The request operation is not configured to access this resource | Channel/Country/Business provided in the request is not supported currently |
404
| Type | Code | Details | More Info |
| error | resourceNotFound | The requested resource was not found | Empty resource/resource not found |
422
| Type | Code | Details |
| error | businessValidationFailed | Business validation error occured on one or more parameters |
500
| Type | Code | Details |
| fatal | serverUnavailable | The request failed due to an internal error/server unavailability |
Example Request
Example Response
POST https://sandbox.externalapib2b.wlb.nam.nsroot.net:7101/mx-gcgapi-uat/sandbox2/api/v1/servicing/codi-banxico/payments/status/retrieve
/v2/servicing/codi-banxico/payments/status/retrieve
post /v2/servicing/codi-banxico/payments/status/retrieve
retrieve-codi-payment-status-v2
LOB:Digital Payments; Feature:Payment Status, Functionality:Retrieve
This API will retrieve the status of the specified Payment, according to the information provided by the payee or the payor
OAuth2 Application Flow
OAuth2 Application Flow
(oauth2 application)
Token URL
https://sandbox.externalapib2b.wlb.nam.nsroot.net:7101/mx-gcgapi-uat/sandbox2/api/v1/oauth/token
Scopes
/api/v1
Client ID
X-IBM-Client-Id
(apiKey located in header)
client_id
Required in header
string
Client ID generated during application registration
Authorization
Required in header
string
The Authorization Token received during login
Accept
Required in header
string
Content-Types that are acceptable for the response
uuid
Required in header
string
128 bit UUID that you generate for every request
Accept-Language
Optional in header
string
List of acceptable human languages for response
Content-Type
Required in header
string
Content-Types that are sent in the request
ChannelId
Required in header
string
Channel where request originated
countryCode
Required in header
string
Country code in 2 character ISO 3166 format
businessCode
Required in header
string
Business code identified during application registration
sid
Required in header
string
SessionId sent by Consumer
retrievePaymentStatusInfoRequest
Optional in body
object
200
Successful operation.
400
| Type | Code | Details |
| error | invalidRequest | Missing or invalid Parameters |
401
| Type | Code | Details |
| error | unAuthorized | Authorization credentials are missing or invalid |
403
| Type | Code | Details | More Info |
| error | accessNotConfigured | The request operation is not configured to access this resource | Channel/Country/Business provided in the request is not supported currently |
404
| Type | Code | Details | More Info |
| error | resourceNotFound | The requested resource was not found | Empty resource/resource not found |
422
| Type | Code | Details |
| error | businessValidationFailed | Business validation error occured on one or more parameters |
500
| Type | Code | Details |
| fatal | serverUnavailable | The request failed due to an internal error/server unavailability |
Example Request
Example Response
POST https://sandbox.externalapib2b.wlb.nam.nsroot.net:7101/mx-gcgapi-uat/sandbox2/api/v2/servicing/codi-banxico/payments/status/retrieve
/v1/servicing/codi-banxico/financial-institutions/retrieve
get /v1/servicing/codi-banxico/financial-institutions/retrieve
retrieve-financial-institutions
LOB:Digital Payments; Feature:Digital Signature, Functionality:Retrieve
This API is used to retrieve the Banxico catalog of the financial institutions to make the payments between the financial institutions.
OAuth2 Application Flow
OAuth2 Application Flow
(oauth2 application)
Token URL
https://sandbox.externalapib2b.wlb.nam.nsroot.net:7101/mx-gcgapi-uat/sandbox2/api/v1/oauth/token
Scopes
/api/v1
Client ID
X-IBM-Client-Id
(apiKey located in header)
client_id
Required in header
string
Client ID generated during application registration
Authorization
Required in header
string
The Authorization Token received during login
Accept
Required in header
string
Content-Types that are acceptable for the response
uuid
Required in header
string
128 bit UUID that you generate for every request
Accept-Language
Optional in header
string
List of acceptable human languages for response
Content-Type
Optional in header
string
Content-Types that are sent in the request
ChannelId
Required in header
string
Channel where request originated
countryCode
Required in header
string
Country code in 2 character ISO 3166 format
businessCode
Required in header
string
Business code identified during application registration
sid
Required in header
string
SessionId sent by Consumer
200
Successful operation.
400
| Type | Code | Details |
| error | invalidRequest | Missing or invalid Parameters |
401
| Type | Code | Details |
| error | unAuthorized | Authorization credentials are missing or invalid |
403
| Type | Code | Details | More Info |
| error | accessNotConfigured | The request operation is not configured to access this resource | Channel/Country/Business provided in the request is not supported currently |
404
| Type | Code | Details | More Info |
| error | resourceNotFound | The requested resource was not found | Empty resource/resource not found |
422
| Type | Code | Details |
| error | businessValidationFailed | Business validation error occured on one or more parameters |
500
| Type | Code | Details |
| fatal | serverUnavailable | The request failed due to an internal error/server unavailability |
Example Request
Example Response
GET https://sandbox.externalapib2b.wlb.nam.nsroot.net:7101/mx-gcgapi-uat/sandbox2/api/v1/servicing/codi-banxico/financial-institutions/retrieve
Definitions
{
"type": "object",
"properties": {
"paymentMode": {
"description": "Means by which a payment is made. Ex- Face to face (19) or electronic (20,21,22)",
"type": "string",
"example": "19"
},
"messageAuthenticationCode": {
"description": "Hashed message authentication code (HMAC) needed by Banxico to validate the request's authenticity",
"type": "string",
"example": "dUww7Jl4b9o:APA91bCF5ZgrBqDQGl9QO4OIemuIf-cYS6zvijYesf"
},
"payeeDevice": {
"$ref": "#/definitions/PayeeDevice"
},
"payorDevice": {
"$ref": "#/definitions/PayorDevice"
},
"qrCodeDetail": {
"$ref": "#/definitions/QRCodeDetail"
}
},
"required": [
"paymentMode",
"qrCodeDetail"
]
}
{
"type": "object",
"properties": {
"codiDeviceId": {
"description": "Alias asigned by Banxico to identify the device uniquely",
"type": "string",
"example": "460912423578"
},
"codiBankingAppId": {
"description": "Check code assigned by Banxico to identify the App in the device",
"type": "integer",
"format": "int32",
"example": 1
}
},
"required": [
"codiDeviceId",
"codiBankingAppId"
]
}
{
"type": "object",
"properties": {
"codiDeviceId": {
"description": "Alias asigned by Banxico to identify the device uniquely",
"type": "string",
"example": "460912423579"
},
"codiBankingAppId": {
"description": "Check code assigned by Banxico to identify the App in the device",
"type": "integer",
"format": "int32",
"example": 1
}
},
"required": [
"codiDeviceId",
"codiBankingAppId"
]
}
{
"type": "object",
"properties": {
"transactionId": {
"description": "Unique id for transaction-Billing message identifier. It is a unique number generated by Banxico to identify the transaction.",
"type": "string",
"example": "15f298452d"
},
"transactionReferenceId": {
"description": "Unique payment number. It is the unique transaction number generated by the vendor.",
"type": "string",
"example": "4"
},
"encryptedPaymentDetail": {
"description": "Encrypted payment message-seller name, phone number and seller clabe account",
"type": "string",
"example": "ZPtpG5XdUt01kggddOjq6nZhbk+dsTCA7nMRlexJvzy2s8V065DhvCHfbduNvHanI+13IMQ6/dDqKhrrqqHefKaWU5M0IQDV8oYuy40eZWePLTqVMkEbux2uvGw0r5/vqCvvwGfpfFYDz/kVTvM9zaGEFgerRAEkZhsvW3j9wfi02yPv5+gvvTpGuY4Tri7bKC56LAVyVTJtjFWA8gAyqj1QKKgJc6svvdyLXX0hoJWw1UQziablu3T32cs3EmOkh6FoJN/0kJiaUaMJiQntZKoUbc7bsSOcKRok6zyhdW7b0VpOfsmamLJcT1q1/egV4wFJY8wScR7ZPZOoAZjHz3rQ9SsMQQ8bZ9Yz+tiDvZcRZWrCg1Mw6AhESlBzkgdI"
}
},
"required": [
"transactionId",
"transactionReferenceId",
"encryptedPaymentDetail"
]
}
{
"type": "object",
"properties": {
"encryptedBanxicoSymmetricKey": {
"description": "Encrypted symmetric key used to decipher the payment message contained in a QR",
"type": "string",
"example": "WePLTqVMkEbux2uvGw0r5/vqCvvwGfpfFYDz/kVTvM9zaGEFgerRAEkZhsvW3j9wfi02yPv5+gvvTpGuY4Tri7bKC56LAVyVTJtjFWA8gAyqj1QKKgJc6svvdyLXX0hoJWw1UQ"
},
"digitalSignature": {
"$ref": "#/definitions/DigitalSignature"
}
},
"required": [
"encryptedBanxicoSymmetricKey",
"digitalSignature"
]
}
{
"type": "object",
"properties": {
"banxicoSignatureValue": {
"description": "Digital signature generated by banxico that the Application will use to validate the payment message authenticity",
"type": "string",
"example": "4OIemuIf04sMzbFBl_duDoWZOO4rADGviq0Rf4UCz-cYS6zvijYesfRbUR1a4BQqKUQ4z56cgmTyEjtQdQQgIz"
},
"banxicoCertificateSerialNumber": {
"description": "Certificate Serial number used by banxico for generating the payment digital signature",
"type": "string",
"example": "002345345"
}
},
"required": [
"banxicoCertificateSerialNumber",
"banxicoSignatureValue"
]
}
{
"type": "object",
"properties": {
"encryptedPaymentDetail": {
"description": "Encrypted Payment message generated with E2EE",
"type": "string",
"example": "dUww7Jl4b9o:APA91bGHVzEMF6xdD_ZV1L4CF5ZgrBqDQGl9QO4OIemuIf04sMzbFBl_duDoWZOO4rADGviq0Rf4UCz-cYS6zvijYesfRbUR1a4BQqKUQ4z56cgmTyEjtQdQQgIz_-8KLRxmJdI9571o"
},
"digitalSignatureInfo": {
"$ref": "#/definitions/DigitalSignatureInfo"
}
},
"required": [
"encryptedPaymentDetail"
]
}
{
"type": "object",
"properties": {
"banxicoSignatureValue": {
"description": "Digital signature generated by banxico that the Application will use to validate the payment message authenticity",
"type": "string",
"example": "4OIemuIf04sMzbFBl_duDoWZOO4rADGviq0Rf4UCz-cYS6zvijYesfRbUR1a4BQqKUQ4z56cgmTyEjtQdQQgIz"
},
"banxicoCertificateSerialNumber": {
"description": "Certificate Serial number used by banxico for generating the payment digital signature",
"type": "string",
"example": "002345345"
}
},
"required": [
"banxicoCertificateSerialNumber",
"banxicoSignatureValue"
]
}
{
"type": "object",
"properties": {
"transactionId": {
"description": "Unique id for transaction-Billing message identifier. It is a unique number generated by Banxico to identify the transaction.",
"type": "string",
"example": "15f298452d"
},
"rowLimit": {
"description": "Total records. This value is obtained by a select count()",
"type": "integer",
"format": "int32",
"example": 100
},
"pageId": {
"description": "Identifier of the page to control pagination",
"type": "integer",
"format": "int32",
"example": 1
},
"messageAuthenticationCode": {
"description": "Hashed message authentication code (HMAC) needed by Banxico to validate the request's authenticity",
"type": "string",
"example": "dUww7Jl4b9o:APA91bCF5ZgrBqDQGl9QO4OIemuIf-cYS6zvijYesf"
},
"payeeDevice": {
"$ref": "#/definitions/PayeeDeviceInfo"
},
"payorDevice": {
"$ref": "#/definitions/PayorDeviceInfo"
}
},
"required": [
"transactionId",
"payeeDevice",
"messageAuthenticationCode"
]
}
{
"type": "object",
"properties": {
"encryptedPayment": {
"description": "Encrypted object as defined in the definitions swagger.",
"type": "string",
"format": "byte",
"example": "Q34EDR56TF"
}
},
"required": [
"encryptedPayment"
]
}
{
"type": "object",
"properties": {
"codiDeviceId": {
"description": "Alias asigned by Banxico to identify the device uniquely",
"type": "string",
"example": "460912423578"
},
"codiBankingAppId": {
"description": "Check code assigned by Banxico to identify the App in the device",
"type": "integer",
"format": "int32",
"example": 1
}
},
"required": [
"codiDeviceId",
"codiBankingAppId"
]
}
{
"type": "object",
"properties": {
"codiDeviceId": {
"description": "Alias asigned by Banxico to identify the device uniquely",
"type": "string",
"example": "460912423578"
},
"codiBankingAppId": {
"description": "Check code assigned by Banxico to identify the App in the device",
"type": "integer",
"format": "int32",
"example": 1
}
},
"required": [
"codiDeviceId",
"codiBankingAppId"
]
}
{
"type": "object",
"properties": {
"encryptedPaymentMessageList": {
"description": "Encrypted data that contains the payment message list as a result of the query",
"type": "string",
"example": "95d461616d96ebef6b545152a2ef6f4d4ad6932756f3aa715650d09a1847e171a5ebac4fc5d870f223db8566f939122882fb8eaf5115c54c837035661d75c403eedba37c9a1c59c622a1a9890f025c7479ba2e87fb37573c29c4bd7a7c364220674175fe78b01167ecdba8a4985af6826e40bb0849eb6fa1ceab7433f77a1d769311307cb1a16f0506f5b238369747cac699dc0692a4642d674bbb7078772fed82fda92636c054ed100fb564cd151701127f743cf19e4fdd9bf293286f530429e827deeaeaff17e736abbd43ff94a01bdd04731ba6ebe15f691fa82c365bc9a1"
},
"moreInformationFlag": {
"description": "More information flag",
"type": "boolean",
"example": true
}
}
}
{
"properties": {
"financialInstitution": {
"type": "array",
"items": {
"$ref": "#/definitions/FinancialInstitution"
}
}
}
}
{
"type": "object",
"properties": {
"speiId": {
"description": "SPEI Id assigned to each financial institution by Banxico",
"type": "string",
"example": "37002"
},
"organizationShortName": {
"description": "Financial Institutions short name registered in Banxico",
"type": "string",
"example": "CitiBanamex"
},
"applicationId": {
"description": "Id of financial institutions CODI application",
"type": "string",
"example": "org.banxico.dgspsc.mobile.citibanamex"
}
},
"required": [
"speiId",
"organizationShortName"
]
}
{
"properties": {
"type": {
"type": "string",
"description": "Invalid - Request did not confirm to the specification and was unprocessed and rejected. Please fix the value and try again",
"enum": [
"error",
"warn",
"invalid",
"fatal"
]
},
"code": {
"description": "Error code which qualifies the error",
"type": "string"
},
"details": {
"description": "Human readable explanation specific to the occurrence of the problem",
"type": "string"
},
"location": {
"description": "The name of the field that resulted in the error",
"type": "string"
},
"moreInfo": {
"description": "More Info can be used to pass any additional details",
"type": "string"
},
"uuid": {
"description": "128 bit UUID that you generate for every request",
"type": "string"
},
"timestamp": {
"description": "Timestamp of the error",
"type": "string"
}
},
"required": [
"type",
"code"
]
}