diff --git a/vuepress/docs/.vuepress/config.js b/vuepress/docs/.vuepress/config.js
index ef0a3b19..6db0dfcd 100644
--- a/vuepress/docs/.vuepress/config.js
+++ b/vuepress/docs/.vuepress/config.js
@@ -304,10 +304,35 @@ module.exports = {
sidebarDepth: 2
},
{
- title: '3PPI/ISP API',
+ title: 'Thirdparty API',
collapsable: false,
+ path: 'thirdparty/',
children: [
- ['3ppi-pisp/', 'Overview'],
+ {
+ title: 'API Definitions',
+ path: 'fspiop/logical-data-model',
+ collapsable: true
+ },
+ {
+ title: 'Transaction Patterns',
+ path: 'thirdparty/transaction-patterns',
+ collapsable: true,
+ children: [
+ {
+ title: 'Transaction Patterns Linking',
+ path: 'thirdparty/transaction-patterns-linking'
+ },
+ {
+ title: 'Transaction Patterns Transfer',
+ path: 'thirdparty/transaction-patterns-transfer'
+ }
+ ]
+ },
+ {
+ title: 'Data Models',
+ path: 'thirdparty/data-models',
+ collapsable: true
+ },
],
sidebarDepth: 2
},
diff --git a/vuepress/docs/api/3ppi-pisp/README.md b/vuepress/docs/api/3ppi-pisp/README.md
deleted file mode 100644
index dad2448d..00000000
--- a/vuepress/docs/api/3ppi-pisp/README.md
+++ /dev/null
@@ -1 +0,0 @@
-API specifications goes here
\ No newline at end of file
diff --git a/vuepress/docs/api/thirdparty/README.md b/vuepress/docs/api/thirdparty/README.md
new file mode 100644
index 00000000..e2f39622
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/README.md
@@ -0,0 +1,41 @@
+# Third Party API
+
+The Third Party API is an API for non-fund-holding participants to interact over a centralized Mojaloop hub.
+Specifically, this API allows Payment Initiation Service Providers (PISPs) to act as a proxy in initiating
+payments, while allowing for the strong authentication of users.
+
+## Terms
+
+The following terms are commonly used across the Third Party API Documentation
+
+| **Term** | **Alternative and Related Terms** | **Definition** | **Source** |
+| --- | --- | --- | --- |
+| **Payment Initiation Service Provider** | PISP, 3rd Party Payment Initiator (3PPI) | Regulated entities like retail banks or third parties, that allow customers to make payments without accessing bank accounts or cards | [PSD2](https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32015L2366&qid=1633311418487) |
+| **FSP** | Provider, Financial Service Provider (FSP), Payment Service Provider, Digital Financial Services Provider (DFSP) | The entity that provides a digital financial service to an end user (either a consumer, a business, or a government.) In a closed-loop payment system, the Payment System Operator is also the provider. In an open-loop payment system, the providers are the banks or non-banks which participate in that system. | [ITU-T](https://www.itu.int/dms_pub/itu-t/opb/tut/T-TUT-ECOPO-2018-PDF-E.pdf) |
+| **User** | End User | An end user that is shared between a PISP and DFSP. Mostly used in the context of a real human being, but this could also be a machine user, or a business for example |
+| **Consent** | Account Link | A representation of an agreement between the DFSP, PISP and User | |
+| **Auth-Service** | | A service run by the Mojaloop Hub that is responsible for verifying and storing Consents, and verifying transaction request signatures | |
+
+## API Definitions
+
+The Third Party API is defined across the following OpenAPI 3.0 files:
+
+- [Third Party API - PISP](./thirdparty-pisp-v1.0.yaml)
+- [Third Party API - DFSP](./thirdparty-dfsp-v1.0.yaml)
+
+The implementation of these APIs will depend on the role of the participant. PISPs should implement the [Third Party API - PISP](./thirdparty-pisp-v1.0.yaml)
+interface in order to request and manage Account Linking operations, and initiate Third Party Transaction Requests.
+
+DFSPs who wish to support Account Linking operations, and be able to respond to and verify Third Party Transaction Requests should
+implement the [Third Party API - DFSP](./thirdparty-dfsp-v1.0.yaml).
+
+## Transaction Patterns
+
+The interactions and examples of how a DFSP and PISP will interact with the Third Party API can be found in the following Transaction Patterns Documents:
+
+1. [Linking](./transaction-patterns-linking.md) describes how an account link and credential can be established between a DFSP and a PISP
+2. [Transfer](./transaction-patterns-transfer.md) describes how a PISP can initate a payment from a DFSP's account using the account link
+
+## Data Models
+
+The [Data Models Document](./data-models.md) describes in detail the Data Models used in the Third Party API
diff --git a/vuepress/docs/api/thirdparty/_sync_docs.sh b/vuepress/docs/api/thirdparty/_sync_docs.sh
new file mode 100644
index 00000000..fd92ad48
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/_sync_docs.sh
@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+
+##
+# Synchronises the definition docs from their disparate locations into one place.
+#
+# The API Spec for the Third Party API is managed by the api-snippets project
+##
+
+set -eu
+
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+GIT_URL="https://github.com/mojaloop/api-snippets.git"
+BRANCH='master'
+CLONE_DIR='/tmp/api-snippets'
+
+rm -rf ${CLONE_DIR}
+
+git clone -b ${BRANCH} ${GIT_URL} ${CLONE_DIR}
+
+# API definition, grab from mojaloop/pisp-project
+cp ${CLONE_DIR}/thirdparty/openapi3/thirdparty-dfsp-api.yaml ${DIR}/thirdparty-dfsp-v1.0.yaml
+cp ${CLONE_DIR}/thirdparty/openapi3/thirdparty-pisp-api.yaml ${DIR}/thirdparty-pisp-v1.0.yaml
diff --git a/vuepress/docs/api/thirdparty/assets/README.md b/vuepress/docs/api/thirdparty/assets/README.md
new file mode 100644
index 00000000..8ef0a612
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/README.md
@@ -0,0 +1,15 @@
+# thirdparty-api/assets
+
+Supporting Assets for the Third Party API Specification
+
+
+## Rebuild all Puml -> svg
+
+For consistent rending of sequence diagrams, we build the .puml sources to .svgs using the following script
+
+```bash
+./_build_plantuml_all.sh
+```
+
+This also ensures that the sequence diagrams are easily readable inline in markdown documents.
+
diff --git a/vuepress/docs/api/thirdparty/assets/_build_plantuml_all.sh b/vuepress/docs/api/thirdparty/assets/_build_plantuml_all.sh
new file mode 100644
index 00000000..a47edbab
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/_build_plantuml_all.sh
@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+PUML_PORT=9999
+export PUML_BASE_URL=http://localhost:${PUML_PORT}
+
+##
+# searches through repo for plantuml sources
+# and exports them using `node-plantuml`
+##
+
+trap ctrl_c INT
+function ctrl_c() {
+ echo "exit early - stopping docker"
+ docker stop puml-local
+ exit 1
+}
+
+# run the docker puml server
+docker run -d --rm \
+ --name puml-local \
+ -p ${PUML_PORT}:8080 \
+ plantuml/plantuml-server:jetty-v1.2020.21
+
+# Wait for docker to be up
+sleep 2
+
+for i in $(find ${DIR}/diagrams -name '*.puml'); do
+ echo "rendering .puml -> .svg for diagram diagram: $i"
+ ${DIR}/_render_svg.js $i $(echo $i | sed 's/puml/svg/g')
+done
+
+docker stop puml-local
diff --git a/vuepress/docs/api/thirdparty/assets/_build_plantuml_diff.sh b/vuepress/docs/api/thirdparty/assets/_build_plantuml_diff.sh
new file mode 100644
index 00000000..efe48920
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/_build_plantuml_diff.sh
@@ -0,0 +1,36 @@
+#!/usr/bin/env bash
+
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+PUML_PORT=9999
+export PUML_BASE_URL=http://localhost:${PUML_PORT}
+
+##
+# searches through repo for plantuml sources
+# and exports them using `node-plantuml`
+##
+
+trap ctrl_c INT
+function ctrl_c() {
+ echo "exit early - stopping docker"
+ docker stop puml-local
+ exit 1
+}
+
+# run the docker puml server
+docker run -d --rm \
+ --name puml-local \
+ -p ${PUML_PORT}:8080 \
+ plantuml/plantuml-server:jetty-v1.2020.21
+
+# Wait for docker to be up
+sleep 2
+
+for i in $(git diff --staged --name-only `find ${DIR}/../docs -name '*.puml'`); do
+ echo "rendering .puml -> .svg for diagram diagram: $i"
+ ${DIR}/_render_svg.js $i $(echo $i | sed 's/puml/svg/g')
+done
+
+
+git add ./
+
+docker stop puml-local
diff --git a/vuepress/docs/api/thirdparty/assets/_render_svg.js b/vuepress/docs/api/thirdparty/assets/_render_svg.js
new file mode 100644
index 00000000..9e0c8f56
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/_render_svg.js
@@ -0,0 +1,64 @@
+#!/usr/bin/env node
+
+
+/**
+ * Uses plantuml server to render a puml to svg
+ */
+
+const fs = require('fs')
+const path = require('path')
+const util = require('util')
+const got = require('got')
+const SVGO = require('svgo')
+const plantumlEncoder = require('plantuml-encoder')
+
+const rendererBaseUrl = process.env.PUML_BASE_URL || 'http://www.plantuml.com/plantuml'
+
+svgo = new SVGO({
+ js2svg: { pretty: true, indent: 2 },
+ plugins: [
+ { removeComments: true },
+ ]
+});
+
+async function main() {
+ let [_, _script, inputPath, outputPath] = process.argv
+
+ if (!inputPath) {
+ console.log("usage: ./_render_svg.js ]")
+ process.exit(1)
+ }
+
+ // If not specified, replace .puml or .plantuml with `.svg`
+ if (!outputPath) {
+ outputPath = inputPath.replace('.puml', '.svg')
+ .replace('.plantuml', '.svg')
+ }
+
+ const rawPumlContents = fs.readFileSync(inputPath)
+ const encoded = plantumlEncoder.encode(rawPumlContents.toString())
+ const url = path.join(rendererBaseUrl, 'svg', encoded)
+ let result
+ try {
+ result = await got.get(url)
+ } catch (err) {
+ console.log('http request failed to render puml with error', err.message)
+ if (err.message.indexOf('Response code 403') > -1) {
+ console.log('Note: sometimes the public puml renderer fails when the input diagrams are too large. Try running your own renderer server with docker.')
+ }
+
+ if (err.message.indexOf('Response code 400') > -1) {
+ console.log('This could be due to bad syntax in the puml diagram. Url is:')
+ console.log(url)
+ }
+
+ process.exit(1)
+ }
+
+ // Strip comments and prettify svg
+ // This makes sure that our .svg files are deterministic and diffable
+ const formatted = await svgo.optimize(result.body)
+ fs.writeFileSync(outputPath, formatted.data)
+}
+
+main()
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/0-pre-linking.puml b/vuepress/docs/api/thirdparty/assets/diagrams/linking/0-pre-linking.puml
new file mode 100644
index 00000000..b07cf912
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/0-pre-linking.puml
@@ -0,0 +1,49 @@
+@startuml
+
+' declaring skinparam
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title PISP Linking: Pre-linking
+
+box "Mobile device"
+ participant App
+end box
+
+box "PISP"
+ participant PISP
+end box
+
+box "Mojaloop"
+ participant Switch
+end box
+
+autonumber 1 "PRE-# "
+activate App
+App -> PISP ++: What DFSPs are available to link with?
+
+
+PISP -> Switch ++: ""GET /services/THIRD_PARTY_DFSP""\n""FSPIOP-Source: pispa""\n""FSPIOP-Destination: switch""
+Switch --> PISP: ""202 Accepted""
+deactivate PISP
+
+Switch -> PISP ++: ""PUT /services/THIRD_PARTY_DFSP""\n""FSPIOP-Source: switch""\n""FSPIOP-Destination: pispa""\n\
+ ""{""\n\
+ "" "serviceProviders": ["" \n\
+ "" "dfspa", "dfspb""" \n\
+ "" ]"" \n\
+ ""}""
+PISP --> Switch: ""200 OK""
+
+PISP --> App --: We have dfspa and dfspb\n
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/0-pre-linking.svg b/vuepress/docs/api/thirdparty/assets/diagrams/linking/0-pre-linking.svg
new file mode 100644
index 00000000..c7ee47f8
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/0-pre-linking.svg
@@ -0,0 +1,107 @@
+
+
+ PISP Linking: Pre-linking
+
+
+ Mobile device
+
+
+ PISP
+
+
+ Mojaloop
+
+
+ App
+
+
+ PISP
+
+
+ Switch
+
+
+ PRE-1
+
+
+ What DFSPs are available to link with?
+
+
+ PRE-2
+
+
+ GET /services/THIRD_PARTY_DFSP
+
+
+ FSPIOP-Source: pispa
+
+
+ FSPIOP-Destination: switch
+
+
+ PRE-3
+
+
+ 202 Accepted
+
+
+ PRE-4
+
+
+ PUT /services/THIRD_PARTY_DFSP
+
+
+ FSPIOP-Source: switch
+
+
+ FSPIOP-Destination: pispa
+
+
+ {
+
+
+ "serviceProviders": [
+
+
+ "dfspa", "dfspb
+
+
+ "
+
+
+ ]
+
+
+ }
+
+
+ PRE-5
+
+
+ 200 OK
+
+
+ PRE-6
+
+
+ We have dfspa and dfspb
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/1-discovery.puml b/vuepress/docs/api/thirdparty/assets/diagrams/linking/1-discovery.puml
new file mode 100644
index 00000000..c719fb2a
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/1-discovery.puml
@@ -0,0 +1,85 @@
+@startuml
+
+' declaring skinparam
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+
+title PISP Linking: Discovery
+
+box "Mobile device"
+ participant App
+end box
+
+box "PISP"
+ participant PISP
+end box
+
+box "Mojaloop"
+ participant Switch
+end box
+
+participant DFSP
+
+autonumber 1 "DISC-# "
+activate PISP
+
+...
+
+note over App, DFSP
+ The user will be prompted in the PISP App for the unique ID they use with their DFSP, and the type of identifier they use. This could be a an account ALIAS, MSISDN, email address, etc.
+end note
+
+...
+
+PISP -> Switch ++: ""GET /accounts/username1234""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""
+Switch --> PISP: ""202 Accepted""
+deactivate PISP
+
+Switch -> DFSP ++: ""GET /accounts/username1234""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""
+DFSP --> Switch: ""202 Accepted""
+deactivate Switch
+
+DFSP -> Switch ++: ""PUT /accounts/username1234""\n\
+ "" FSIOP-Source: dfspa""\n\
+ "" FSIOP-Destination: pispa""\n\
+ ""[""\n\
+ "" { accountNickname: "Chequing Account", id: "dfspa.username.1234", currency: "ZAR" },""\n\
+ "" { accountNickname: "Everyday Spend", id: "dfspa.username.5678", currency: "USD" }""\n\
+ ""]""
+Switch --> DFSP: ""200 OK""
+deactivate DFSP
+
+Switch -> PISP ++: ""PUT /accounts/username1234""\n\
+ "" FSIOP-Source: dfspa""\n\
+ "" FSIOP-Destination: pispa""\n\
+ ""[""\n\
+ "" { accountNickname: "Chequing Account", id: "dfspa.username.1234", currency: "ZAR" },""\n\
+ "" { accountNickname: "Everyday Spend", id: "dfspa.username.5678", currency: "USD" }""\n\
+ ""]""
+PISP --> Switch: ""200 OK""
+deactivate Switch
+deactivate PISP
+
+...
+
+note over App, DFSP
+ The PISP can now present a list of possible accounts to the user for pairing.
+end note
+
+...
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/1-discovery.svg b/vuepress/docs/api/thirdparty/assets/diagrams/linking/1-discovery.svg
new file mode 100644
index 00000000..68f6c49c
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/1-discovery.svg
@@ -0,0 +1,194 @@
+
+
+ PISP Linking: Discovery
+
+
+ Mobile device
+
+
+ PISP
+
+
+ Mojaloop
+
+
+ App
+
+
+ PISP
+
+
+ Switch
+
+
+ DFSP
+
+
+ The user will be prompted in the PISP App for the unique ID they use with their DFSP, and the type of identifier they use. This could be a an account ALIAS, MSISDN, email address, etc.
+
+
+ DISC-1
+
+
+ GET /accounts/username1234
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ DISC-2
+
+
+ 202 Accepted
+
+
+ DISC-3
+
+
+ GET /accounts/username1234
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ DISC-4
+
+
+ 202 Accepted
+
+
+ DISC-5
+
+
+ PUT /accounts/username1234
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ [
+
+
+ { accountNickname: "Chequing Account", id: "dfspa.username.1234", currency: "ZAR" },
+
+
+ { accountNickname: "Everyday Spend", id: "dfspa.username.5678", currency: "USD" }
+
+
+ ]
+
+
+ DISC-6
+
+
+ 200 OK
+
+
+ DISC-7
+
+
+ PUT /accounts/username1234
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ [
+
+
+ { accountNickname: "Chequing Account", id: "dfspa.username.1234", currency: "ZAR" },
+
+
+ { accountNickname: "Everyday Spend", id: "dfspa.username.5678", currency: "USD" }
+
+
+ ]
+
+
+ DISC-8
+
+
+ 200 OK
+
+
+ The PISP can now present a list of possible accounts to the user for pairing.
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/2-request-consent-otp.puml b/vuepress/docs/api/thirdparty/assets/diagrams/linking/2-request-consent-otp.puml
new file mode 100644
index 00000000..8d52071b
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/2-request-consent-otp.puml
@@ -0,0 +1,119 @@
+@startuml
+
+
+' declaring skinparam
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title PISP Linking: Request consent (OTP)
+
+participant "PISP" as PISP
+
+box "Mojaloop"
+ participant Switch
+end box
+
+participant DFSP
+
+autonumber 1 "REQ-# "
+
+activate PISP
+
+...
+
+note over PISP, DFSP
+ The user initiated some sort of account linking by choosing the appropriate DFSP from a screen inside the PISP application.
+end note
+
+...
+
+PISP -> Switch ++: ""POST /consentRequests""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""\n\
+""{""\n\
+ "" consentRequestId: "11111111-0000-0000-0000-000000000000",""\n\
+ "" userId: "username1234",""\n\
+ "" scopes: [ ""\n\
+ "" { accountId: "dfsp.username.1234", ""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" { accountId: "dfsp.username.5678",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" ],""\n\
+ "" authChannels: [ "Web", "OTP" ],""\n\
+ "" callbackUri: "pisp-app://callback..."""\n\
+ ""}""
+Switch --> PISP: ""202 Accepted""
+deactivate PISP
+
+Switch -> DFSP ++: ""POST /consentRequests""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""\n\
+""{""\n\
+ "" consentRequestId: "11111111-0000-0000-0000-000000000000",""\n\
+ "" userId: "username1234",""\n\
+ "" scopes: [ ""\n\
+ "" { accountId: "dfsp.username.1234",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" { accountId: "dfsp.username.5678",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" ],""\n\
+ "" authChannels: [ "Web", "OTP" ],""\n\
+ "" callbackUri: "pisp-app://callback..."""\n\
+ ""}""
+DFSP --> Switch: ""202 Accepted""
+deactivate Switch
+
+DFSP -> DFSP: Verify the consentRequest validity
+
+
+DFSP -> Switch ++: ""PUT /consentRequests/11111111-0000-0000-0000-000000000000""\n\
+ "" FSIOP-Source: dfspa""\n\
+ "" FSIOP-Destination: pispa""\n\
+"" {""\n\
+ "" authChannels: [ "OTP" ], ""\n\
+ "" scopes: [ ""\n\
+ "" { accountId: "dfsp.username.1234",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" { accountId: "dfsp.username.5678",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" ],""\n\
+ "" callbackUri: "pisp-app://callback..."""\n\
+ ""}""
+Switch --> DFSP: ""200 OK""
+
+note over PISP, DFSP
+ Here, the DFSP sends an OTP directly to the user (e.g., via SMS).
+end note
+
+deactivate DFSP
+
+Switch -> PISP: ""PUT /consentRequests/11111111-0000-0000-0000-000000000000""\n\
+ "" FSIOP-Source: dfspa""\n\
+ "" FSIOP-Destination: pispa""\n\
+""{""\n\
+ "" authChannels: [ "OTP" ], ""\n\
+ "" scopes: [ ""\n\
+ "" { accountId: "dfsp.username.1234",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" { accountId: "dfsp.username.5678",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" ],""\n\
+ "" callbackUri: "pisp-app://callback..."""\n\
+ ""}""
+PISP --> Switch: ""200 OK""
+deactivate Switch
+
+note over PISP, DFSP
+ At this point, the PISP knows that the OTP authChannel is in use and the PISP App should prompt the user to provide the OTP.
+end note
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/2-request-consent-otp.svg b/vuepress/docs/api/thirdparty/assets/diagrams/linking/2-request-consent-otp.svg
new file mode 100644
index 00000000..ad65ece6
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/2-request-consent-otp.svg
@@ -0,0 +1,294 @@
+
+
+ PISP Linking: Request consent (OTP)
+
+
+ Mojaloop
+
+
+ PISP
+
+
+ Switch
+
+
+ DFSP
+
+
+ The user initiated some sort of account linking by choosing the appropriate DFSP from a screen inside the PISP application.
+
+
+ REQ-1
+
+
+ POST /consentRequests
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ {
+
+
+ consentRequestId: "11111111-0000-0000-0000-000000000000",
+
+
+ userId: "username1234",
+
+
+ scopes: [
+
+
+ { accountId: "dfsp.username.1234",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ { accountId: "dfsp.username.5678",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ ],
+
+
+ authChannels: [ "Web", "OTP" ],
+
+
+ callbackUri: "pisp-app://callback...
+
+
+ "
+
+
+ }
+
+
+ REQ-2
+
+
+ 202 Accepted
+
+
+ REQ-3
+
+
+ POST /consentRequests
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ {
+
+
+ consentRequestId: "11111111-0000-0000-0000-000000000000",
+
+
+ userId: "username1234",
+
+
+ scopes: [
+
+
+ { accountId: "dfsp.username.1234",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ { accountId: "dfsp.username.5678",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ ],
+
+
+ authChannels: [ "Web", "OTP" ],
+
+
+ callbackUri: "pisp-app://callback...
+
+
+ "
+
+
+ }
+
+
+ REQ-4
+
+
+ 202 Accepted
+
+
+ REQ-5
+
+
+ Verify the consentRequest validity
+
+
+ REQ-6
+
+
+ PUT /consentRequests/11111111-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ authChannels: [ "OTP" ],
+
+
+ scopes: [
+
+
+ { accountId: "dfsp.username.1234",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ { accountId: "dfsp.username.5678",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ ],
+
+
+ callbackUri: "pisp-app://callback...
+
+
+ "
+
+
+ }
+
+
+ REQ-7
+
+
+ 200 OK
+
+
+ Here, the DFSP sends an OTP directly to the user (e.g., via SMS).
+
+
+ REQ-8
+
+
+ PUT /consentRequests/11111111-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ authChannels: [ "OTP" ],
+
+
+ scopes: [
+
+
+ { accountId: "dfsp.username.1234",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ { accountId: "dfsp.username.5678",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ ],
+
+
+ callbackUri: "pisp-app://callback...
+
+
+ "
+
+
+ }
+
+
+ REQ-9
+
+
+ 200 OK
+
+
+ At this point, the PISP knows that the OTP authChannel is in use and the PISP App should prompt the user to provide the OTP.
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/2-request-consent-web.puml b/vuepress/docs/api/thirdparty/assets/diagrams/linking/2-request-consent-web.puml
new file mode 100644
index 00000000..de404fc3
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/2-request-consent-web.puml
@@ -0,0 +1,118 @@
+@startuml
+
+' declaring skinparam
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+
+title PISP Linking: Request consent (Web)
+
+participant "PISP" as PISP
+
+box "Mojaloop"
+ participant Switch
+end box
+
+participant DFSP
+
+autonumber 1 "REQ-# "
+
+activate PISP
+
+...
+
+note over PISP, DFSP
+ The user initiated some sort of account linking by choosing the appropriate DFSP from a screen inside the PISP application.
+end note
+
+...
+
+PISP -> Switch ++: ""POST /consentRequests""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""\n\
+ "" {""\n\
+ "" consentRequestId: "11111111-0000-0000-0000-000000000000",""\n\
+ "" userId: "username1234", ""\n\
+ "" scopes: [ ""\n\
+ "" { accountId: "dfsp.username.1234", ""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" { accountId: "dfsp.username.5678",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" ],""\n\
+ "" authChannels: [ "Web", "OTP" ],""\n\
+ "" callbackUri: "pisp-app://callback..."""\n\
+ ""}""
+Switch --> PISP: ""202 Accepted""
+deactivate PISP
+
+Switch -> DFSP ++: ""POST /consentRequests""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""\n\
+ "" {""\n\
+ "" consentRequestId: "11111111-0000-0000-0000-000000000000",""\n\
+ "" userId: "username1234", ""\n\
+ "" scopes: [ ""\n\
+ "" { accountId: "dfsp.username.1234",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" { accountId: "dfsp.username.5678",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" ],""\n\
+ "" authChannels: [ "Web", "OTP" ],""\n\
+ "" callbackUri: "pisp-app://callback..."""\n\
+ ""}""
+DFSP --> Switch: ""202 Accepted""
+
+DFSP -> DFSP: Verify the consentRequest validity
+DFSP -> DFSP: In this case, DFSP chooses to use the Web channel, \n and adds the PISP's callback uri to an allow-list
+deactivate Switch
+
+DFSP -> Switch ++: ""PUT /consentRequests/11111111-0000-0000-0000-000000000000""\n\
+ "" FSIOP-Source: dfspa""\n\
+ "" FSIOP-Destination: pispa""\n\
+ "" {""\n\
+ "" scopes: [ ""\n\
+ "" { accountId: "dfsp.username.1234",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" { accountId: "dfsp.username.5678",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" ],""\n\
+ "" authChannels: [ "Web" ],""\n\
+ "" callbackUri: "pisp-app://callback..."""\n\
+ "" authUri: "dfspa.com/authorize?consentRequestId=11111111-0000-0000-0000-000000000000" ""\n\
+ ""}""
+Switch --> DFSP: ""200 OK""
+deactivate DFSP
+
+Switch -> PISP ++: ""PUT /consentRequests/11111111-0000-0000-0000-000000000000""\n\
+ "" FSIOP-Source: dfspa""\n\
+ "" FSIOP-Destination: pispa""\n\
+ "" {""\n\
+ "" scopes: [ ""\n\
+ "" { accountId: "dfsp.username.1234",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" { accountId: "dfsp.username.5678",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" ],""\n\
+ "" authChannels: [ "Web" ],""\n\
+ "" callbackUri: "pisp-app://callback..."""\n\
+ "" authUri: "dfspa.com/authorize?consentRequestId=11111111-0000-0000-0000-000000000000" ""\n\
+ ""}""
+PISP --> Switch: ""200 OK""
+deactivate Switch
+
+note over PISP, DFSP
+ At this point, the PISP knows that the Web authChannel is in use and the PISP App should redirect the user to the provided ""authUri"".
+end note
+
+
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/2-request-consent-web.svg b/vuepress/docs/api/thirdparty/assets/diagrams/linking/2-request-consent-web.svg
new file mode 100644
index 00000000..ecffd688
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/2-request-consent-web.svg
@@ -0,0 +1,311 @@
+
+
+ PISP Linking: Request consent (Web)
+
+
+ Mojaloop
+
+
+ PISP
+
+
+ Switch
+
+
+ DFSP
+
+
+ The user initiated some sort of account linking by choosing the appropriate DFSP from a screen inside the PISP application.
+
+
+ REQ-1
+
+
+ POST /consentRequests
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ {
+
+
+ consentRequestId: "11111111-0000-0000-0000-000000000000",
+
+
+ userId: "username1234",
+
+
+ scopes: [
+
+
+ { accountId: "dfsp.username.1234",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ { accountId: "dfsp.username.5678",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ ],
+
+
+ authChannels: [ "Web", "OTP" ],
+
+
+ callbackUri: "pisp-app://callback...
+
+
+ "
+
+
+ }
+
+
+ REQ-2
+
+
+ 202 Accepted
+
+
+ REQ-3
+
+
+ POST /consentRequests
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ {
+
+
+ consentRequestId: "11111111-0000-0000-0000-000000000000",
+
+
+ userId: "username1234",
+
+
+ scopes: [
+
+
+ { accountId: "dfsp.username.1234",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ { accountId: "dfsp.username.5678",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ ],
+
+
+ authChannels: [ "Web", "OTP" ],
+
+
+ callbackUri: "pisp-app://callback...
+
+
+ "
+
+
+ }
+
+
+ REQ-4
+
+
+ 202 Accepted
+
+
+ REQ-5
+
+
+ Verify the consentRequest validity
+
+
+ REQ-6
+
+
+ In this case, DFSP chooses to use the Web channel,
+
+
+ and adds the PISP's callback uri to an allow-list
+
+
+ REQ-7
+
+
+ PUT /consentRequests/11111111-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ scopes: [
+
+
+ { accountId: "dfsp.username.1234",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ { accountId: "dfsp.username.5678",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ ],
+
+
+ authChannels: [ "Web" ],
+
+
+ callbackUri: "pisp-app://callback...
+
+
+ "
+
+
+ authUri: "dfspa.com/authorize?consentRequestId=11111111-0000-0000-0000-000000000000"
+
+
+ }
+
+
+ REQ-8
+
+
+ 200 OK
+
+
+ REQ-9
+
+
+ PUT /consentRequests/11111111-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ scopes: [
+
+
+ { accountId: "dfsp.username.1234",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ { accountId: "dfsp.username.5678",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ ],
+
+
+ authChannels: [ "Web" ],
+
+
+ callbackUri: "pisp-app://callback...
+
+
+ "
+
+
+ authUri: "dfspa.com/authorize?consentRequestId=11111111-0000-0000-0000-000000000000"
+
+
+ }
+
+
+ REQ-10
+
+
+ 200 OK
+
+
+ At this point, the PISP knows that the Web authChannel is in use and the PISP App should redirect the user to the provided
+
+
+ authUri
+
+
+ .
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/3-authentication-otp.puml b/vuepress/docs/api/thirdparty/assets/diagrams/linking/3-authentication-otp.puml
new file mode 100644
index 00000000..2fdb17e5
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/3-authentication-otp.puml
@@ -0,0 +1,62 @@
+@startuml
+
+' declaring skinparam
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title PISP Linking: Authentication (OTP)
+
+participant "PISP" as PISP
+
+box "Mojaloop"
+ participant Switch
+end box
+
+participant "DFSP" as DFSP
+
+autonumber 1 "AUTH-# "
+
+...
+
+note over PISP, DFSP
+ Here the user provides the OTP sent directly to them by the DFSP into the PISP App. It's then used as the secret to prove to the DFSP that the user trusts the PISP.
+end note
+
+...
+
+PISP -> Switch ++: ""PATCH /consentRequests/11111111-0000-0000-0000-000000000000""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""\n\
+"" {""\n\
+ "" authToken: "" ""\n\
+ ""}""
+Switch --> PISP: ""202 Accepted""
+deactivate PISP
+
+Switch -> DFSP ++: ""PATCH /consentRequests/11111111-0000-0000-0000-000000000000""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""\n\
+"" {""\n\
+ "" authToken: "" ""\n\
+ ""}""
+DFSP --> Switch: ""202 Accepted""
+deactivate Switch
+
+DFSP -> DFSP: Verify the OTP is correct.
+
+note over PISP, DFSP
+ At this point, the DFSP believes that the User is their customer and that User trusts the PISP. This means that the DFSP can continue by granting consent.
+
+ Note that the DFSP never "responds" to the Consent Request itself. Instead, it will create a Consent resource in the Grant phase.
+end note
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/3-authentication-otp.svg b/vuepress/docs/api/thirdparty/assets/diagrams/linking/3-authentication-otp.svg
new file mode 100644
index 00000000..3372bda1
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/3-authentication-otp.svg
@@ -0,0 +1,116 @@
+
+
+ PISP Linking: Authentication (OTP)
+
+
+ Mojaloop
+
+
+ PISP
+
+
+ Switch
+
+
+ DFSP
+
+
+ Here the user provides the OTP sent directly to them by the DFSP into the PISP App. It's then used as the secret to prove to the DFSP that the user trusts the PISP.
+
+
+ AUTH-1
+
+
+ PATCH /consentRequests/11111111-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ {
+
+
+ authToken: "<OTP>"
+
+
+ }
+
+
+ AUTH-2
+
+
+ 202 Accepted
+
+
+ AUTH-3
+
+
+ PATCH /consentRequests/11111111-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ {
+
+
+ authToken: "<OTP>"
+
+
+ }
+
+
+ AUTH-4
+
+
+ 202 Accepted
+
+
+ AUTH-5
+
+
+ Verify the OTP is correct.
+
+
+ At this point, the DFSP believes that the User is their customer and that User trusts the PISP. This means that the DFSP can continue by granting consent.
+
+
+ Note that the DFSP never "responds" to the Consent Request itself. Instead, it will create a Consent resource in the Grant phase.
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/3-authentication-third-party-fido.puml b/vuepress/docs/api/thirdparty/assets/diagrams/linking/3-authentication-third-party-fido.puml
new file mode 100644
index 00000000..9d05ec44
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/3-authentication-third-party-fido.puml
@@ -0,0 +1,45 @@
+@startuml
+
+' declaring skinparam
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title PISP Linking: Authentication (Third-party FIDO registration)
+
+participant "PISP" as PISP
+
+box "Mojaloop"
+ participant Switch
+end box
+
+participant "DFSP" as DFSP
+
+autonumber 1 "3P-FIDO-AUTH-# "
+
+...
+
+note over PISP, DFSP
+ Here the user goes through the web authentication process with their DFSP.
+ The end result is a redirect back to the PISP with a special URL parameter indicating to the PISP that it should wait to be notified about a credential.
+end note
+
+...
+
+autonumber 1 "AUTH-# "
+
+note over PISP, DFSP
+ At this point, the DFSP believes that the User is their customer and that User trusts the PISP. This means that the DFSP can continue by granting consent.
+
+ Note that the DFSP never "responds" to the Consent Request itself. Instead, it will create a Consent resource in the Grant phase.
+end note
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/3-authentication-third-party-fido.svg b/vuepress/docs/api/thirdparty/assets/diagrams/linking/3-authentication-third-party-fido.svg
new file mode 100644
index 00000000..32fdc652
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/3-authentication-third-party-fido.svg
@@ -0,0 +1,50 @@
+
+
+ PISP Linking: Authentication (Third-party FIDO registration)
+
+
+ Mojaloop
+
+
+ PISP
+
+
+ Switch
+
+
+ DFSP
+
+
+ Here the user goes through the web authentication process with their DFSP.
+
+
+ The end result is a redirect back to the PISP with a special URL parameter indicating to the PISP that it should wait to be notified about a credential.
+
+
+ At this point, the DFSP believes that the User is their customer and that User trusts the PISP. This means that the DFSP can continue by granting consent.
+
+
+ Note that the DFSP never "responds" to the Consent Request itself. Instead, it will create a Consent resource in the Grant phase.
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/3-authentication-web.puml b/vuepress/docs/api/thirdparty/assets/diagrams/linking/3-authentication-web.puml
new file mode 100644
index 00000000..f31a9ed5
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/3-authentication-web.puml
@@ -0,0 +1,65 @@
+@startuml
+
+' declaring skinparam
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title PISP Linking: Authentication (Web)
+
+participant "PISP" as PISP
+
+box "Mojaloop"
+ participant Switch
+end box
+
+participant "DFSP" as DFSP
+
+autonumber 1 "WEB-AUTH-# "
+
+...
+
+note over PISP, DFSP
+ Here the user goes through the web authentication process with their DFSP.
+ The end result is a redirect back to the PISP with a special URL parameter with a secret provided by the DFSP.
+end note
+
+...
+
+autonumber 1 "AUTH-# "
+
+PISP -> Switch ++: ""PATCH /consentRequests/11111111-0000-0000-0000-000000000000""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""\n\
+"" {""\n\
+ "" authToken: "" ""\n\
+ ""}""
+Switch --> PISP: ""202 Accepted""
+deactivate PISP
+
+Switch -> DFSP ++: ""PATCH /consentRequests/11111111-0000-0000-0000-000000000000""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""\n\
+"" {""\n\
+ "" authToken: "" ""\n\
+ ""}""
+DFSP --> Switch: ""202 Accepted""
+deactivate Switch
+
+DFSP -> DFSP: Verify the auth token is correct.
+
+note over PISP, DFSP
+ At this point, the DFSP believes that the User is their customer and that User trusts the PISP. This means that the DFSP can continue by granting consent.
+
+ Note that the DFSP never "responds" to the Consent Request itself. Instead, it will create a Consent resource in the Grant phase.
+end note
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/3-authentication-web.svg b/vuepress/docs/api/thirdparty/assets/diagrams/linking/3-authentication-web.svg
new file mode 100644
index 00000000..8ed74081
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/3-authentication-web.svg
@@ -0,0 +1,119 @@
+
+
+ PISP Linking: Authentication (Web)
+
+
+ Mojaloop
+
+
+ PISP
+
+
+ Switch
+
+
+ DFSP
+
+
+ Here the user goes through the web authentication process with their DFSP.
+
+
+ The end result is a redirect back to the PISP with a special URL parameter with a secret provided by the DFSP.
+
+
+ AUTH-1
+
+
+ PATCH /consentRequests/11111111-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ {
+
+
+ authToken: "<SECRET>"
+
+
+ }
+
+
+ AUTH-2
+
+
+ 202 Accepted
+
+
+ AUTH-3
+
+
+ PATCH /consentRequests/11111111-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ {
+
+
+ authToken: "<SECRET>"
+
+
+ }
+
+
+ AUTH-4
+
+
+ 202 Accepted
+
+
+ AUTH-5
+
+
+ Verify the auth token is correct.
+
+
+ At this point, the DFSP believes that the User is their customer and that User trusts the PISP. This means that the DFSP can continue by granting consent.
+
+
+ Note that the DFSP never "responds" to the Consent Request itself. Instead, it will create a Consent resource in the Grant phase.
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/4-grant-consent.puml b/vuepress/docs/api/thirdparty/assets/diagrams/linking/4-grant-consent.puml
new file mode 100644
index 00000000..e0ede15d
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/4-grant-consent.puml
@@ -0,0 +1,64 @@
+@startuml
+
+' declaring skinparam
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+!pragma teoz true
+
+title PISP Linking: Grant consent
+
+participant "PISP" as PISP
+
+box "Mojaloop"
+ participant "Switch" as Switch
+end box
+
+participant "DFSP" as DFSP
+
+autonumber 1 "GRANT-# "
+
+DFSP -> Switch ++: ""POST /consents""\n\
+"" FSIOP-Source: dfspa""\n\
+"" FSIOP-Destination: pispa""\n\
+"" {""\n\
+ "" consentId: "22222222-0000-0000-0000-000000000000",""\n\
+ "" consentRequestId: "11111111-0000-0000-0000-000000000000",""\n\
+ "" status: "ISSUED",""\n\
+ "" scopes: [ ""\n\
+ "" { accountId: "dfsp.username.1234",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" { accountId: "dfsp.username.5678",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" ],""\n\
+ ""}""
+Switch --> DFSP: ""202 Accepted""
+deactivate DFSP
+
+Switch -> PISP ++: ""POST /consents""\n\
+"" FSIOP-Source: dfspa""\n\
+"" FSIOP-Destination: pispa""\n\
+"" {""\n\
+ "" consentId: "22222222-0000-0000-0000-000000000000",""\n\
+ "" consentRequestId: "11111111-0000-0000-0000-000000000000",""\n\
+ "" status: "ISSUED",""\n\
+ "" scopes: [ ""\n\
+ "" { accountId: "dfsp.username.1234",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" { accountId: "dfsp.username.5678",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" ],""\n\
+ ""}""
+
+PISP --> Switch: ""202 Accepted""
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/4-grant-consent.svg b/vuepress/docs/api/thirdparty/assets/diagrams/linking/4-grant-consent.svg
new file mode 100644
index 00000000..60e2e734
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/4-grant-consent.svg
@@ -0,0 +1,134 @@
+
+
+ Mojaloop
+
+
+ PISP Linking: Grant consent
+
+
+ PISP
+
+
+ Switch
+
+
+ DFSP
+
+
+ GRANT-1
+
+
+ POST /consents
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ consentId: "22222222-0000-0000-0000-000000000000",
+
+
+ consentRequestId: "11111111-0000-0000-0000-000000000000",
+
+
+ status: "ISSUED",
+
+
+ scopes: [
+
+
+ { accountId: "dfsp.username.1234",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ { accountId: "dfsp.username.5678",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ ],
+
+
+ }
+
+
+ GRANT-2
+
+
+ 202 Accepted
+
+
+ GRANT-3
+
+
+ POST /consents
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ consentId: "22222222-0000-0000-0000-000000000000",
+
+
+ consentRequestId: "11111111-0000-0000-0000-000000000000",
+
+
+ status: "ISSUED",
+
+
+ scopes: [
+
+
+ { accountId: "dfsp.username.1234",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ { accountId: "dfsp.username.5678",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ ],
+
+
+ }
+
+
+ GRANT-4
+
+
+ 202 Accepted
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/5a-credential-registration.puml b/vuepress/docs/api/thirdparty/assets/diagrams/linking/5a-credential-registration.puml
new file mode 100644
index 00000000..b7cd8fe0
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/5a-credential-registration.puml
@@ -0,0 +1,219 @@
+@startuml
+
+' declaring skinparam
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+!pragma teoz true
+
+title PISP Linking: Credential registration (verification)
+
+participant "PISP" as PISP
+
+box "Mojaloop"
+ participant "Thirdparty-API-Adapter" as Switch
+ participant "Account Lookup Service" as ALS
+ participant "Auth Service" as Auth
+end box
+
+participant "DFSP" as DFSP
+
+autonumber 0 "CRED-# "
+
+...
+
+note over PISP, DFSP
+ The PISP uses the FIDO registration flow to generate a new keypair and sign the challenge, relying on the user performing an "unlock action" on their mobile device.
+
+ The PISP uses the PublicKeyCredential as the fidoPayload for the credential, which can be understood by the Auth Service and DFSP
+ See https://webauthn.guide/#authentication for more information on this object
+end note
+
+...
+
+PISP -> Switch ++: ""PUT /consents/22222222-0000-0000-0000-000000000000""\n\
+"" FSIOP-Source: pispa""\n\
+"" FSPIOP-Destination: dfspa""\n\
+"" {""\n\
+ "" consentRequestId: "11111111-0000-0000-0000-000000000000",""\n\
+ "" status: "ISSUED",""\n\
+ "" scopes: [""\n\
+ "" {""\n\
+ "" accountId: "dfsp.username.1234",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ],""\n\
+ "" },""\n\
+ "" {""\n\
+ "" accountId: "dfsp.username.5678",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ],""\n\
+ "" }""\n\
+ "" ],""\n\
+ "" credential: { ""\n\
+ "" credentialType: "FIDO",""\n\
+ "" status: "PENDING",""\n\
+ "" fidoPayload: { ""\n\
+ "" id: "45c-TkfkjQovQeAWmOy-RLBHEJ_e4jYzQYgD8VdbkePgM5d98BaAadadNYrknxgH0jQEON8zBydLgh1EqoC9DA", "" \n\
+ "" response: { ""\n\
+ "" "" authenticatorData: "SZYN5YgOjGh0NBcPZHZgW4/krrmihjLHmVzzuoMdl2MBAAAACA==",\n\
+ "" "" clientDataJSON: "eyJ0eXBlIjoid2ViYXV0aG4...",\n\
+ "" "" signature: "MEUCIDcJRBu5aOLJVc..."\n\
+ "" } ""\n\
+ "" } ""\n\
+ "" }""\n\
+"" }""
+Switch --> PISP: ""202 Accepted""
+deactivate PISP
+
+
+Switch -> DFSP ++: ""PUT /consents/22222222-0000-0000-0000-000000000000""\n\
+"" FSIOP-Source: pispa""\n\
+"" FSPIOP-Destination: dfspa""\n\
+"" {...}""
+
+DFSP --> Switch: ""202 Accepted""
+
+
+rnote over DFSP
+ 1. DFSP checks the signed challenge against the derived challenge from the scopes
+
+ If the DFSP opts to use the hub-hosted Auth-Service it then:
+ 1. Registers the consent with the Auth Service ""POST /consents""
+ 2. If the DFSP recieves a `PUT /consents/{id}` and the callback contains
+ ""Consent.credential.status"" of ""VERIFIED"", for each scope in the
+ Consent, the DFSP creates a ""CredentialScope"" else, if it recieves
+ a `PUT /consents/{id}/error` callback, it knows that the Consent is
+ invalid, and can propagate the error back to the PISP
+
+end note
+
+
+DFSP -> Switch: ""POST /consents"" \n\
+"" FSIOP-Source: dfspa""\n\
+"" FSPIOP-Destination: central-auth""\n\
+"" {""\n\
+ "" consentId: "22222222-0000-0000-0000-000000000000"""\n\
+ "" consentRequestId: "11111111-0000-0000-0000-000000000000"""\n\
+ "" status: "ISSUED",""\n\
+ "" scopes: [""\n\
+ "" {""\n\
+ "" accountId: "dfsp.username.1234",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ],""\n\
+ "" }""\n\
+ "" },""\n\
+ "" {""\n\
+ "" accountId: "dfsp.username.5678",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ],""\n\
+ "" }""\n\
+ "" },""\n\
+ "" ],""\n\
+ "" credential: { ""\n\
+ "" credentialType: "FIDO",""\n\
+ "" status: "PENDING",""\n\
+ "" fidoPayload: { ""\n\
+ "" id: "45c-TkfkjQovQeAWmOy-RLBHEJ_e4jYzQYgD8VdbkePgM5d98BaAadadNYrknxgH0jQEON8zBydLgh1EqoC9DA", "" \n\
+ "" response: { ""\n\
+ "" "" authenticatorData: "SZYN5YgOjGh0NBcPZHZgW4/krrmihjLHmVzzuoMdl2MBAAAACA==",\n\
+ "" "" clientDataJSON: "eyJ0eXBlIjoid2ViYXV0aG4...",\n\
+ "" "" signature: "MEUCIDcJRBu5aOLJVc..."\n\
+ "" } ""\n\
+ "" } ""\n\
+ "" }""\n\
+"" }""
+
+Switch --> DFSP: "202 Accepted"
+
+
+Switch -> Auth: ""POST /consents"" \n\
+"" FSIOP-Source: dfspa""\n\
+"" FSPIOP-Destination: central-auth""\n\
+"" {...}""
+
+Auth --> Switch: "202 Accepted"
+
+
+rnote over Auth
+ The Auth Service checks the signature against the challenge
+end note
+
+rnote over Auth
+ The auth service is now the authoritative source for the Consent object.
+
+ It must register the consentId with the ALS
+ - `Consent` - to allow for `GET /consent/{ID}` calls etc. Will point to the fspId of the Auth Service responsible for the Consent
+end note
+
+Auth -> ALS: ""POST /participants/CONSENTS/22222222-0000-0000-0000-000000000000"" \n\
+"" FSIOP-Source: central-auth""\n\
+"" {""\n\
+"" fspId: "central-auth",""\n\
+"" }""
+ALS --> Auth: ""202 Accepted""
+
+rnote over ALS #LightGray
+ ALS registers a new entry in the Consents oracle
+end note
+
+ALS -> Auth: ""PUT /participants/CONSENTS/22222222-0000-0000-0000-000000000000"" \n\
+"" FSIOP-Source: account-lookup-service""\n\
+"" FSIOP-Destination: central-auth""\n\
+"" {""\n\
+"" fspId: "central-auth",""\n\
+"" }""
+Auth --> ALS: ""200 OK""
+
+rnote over Auth #LightGray
+ The auth service now informs the DFSP that the credential is valid
+end note
+
+
+Auth -> Switch: ""PUT /consents/22222222-0000-0000-0000-000000000000"" \n\
+"" FSIOP-Source: central-auth""\n\
+"" FSPIOP-Destination: dfspa""\n\
+"" {""\n\
+ "" consentRequestId: "11111111-0000-0000-0000-000000000000"""\n\
+ "" status: "ISSUED",""\n\
+ "" scopes: [""\n\
+ "" {""\n\
+ "" accountId: "dfsp.username.1234",""\n\
+ "" actions: [ "accounts.transfer", "accounts.getBalance" ],""\n\
+ "" },""\n\
+ "" {""\n\
+ "" accountId: "dfsp.username.5678",""\n\
+ "" actions: [ "accounts.transfer", "accounts.getBalance" ],""\n\
+ "" },""\n\
+ "" ],""\n\
+ "" credential: { ""\n\
+ "" credentialType: "FIDO",""\n\
+ "" status: "VERIFIED",""\n\
+ "" fidoPayload: { ""\n\
+ "" id: "45c-TkfkjQovQeAWmOy-RLBHEJ_e4jYzQYgD8VdbkePgM5d98BaAadadNYrknxgH0jQEON8zBydLgh1EqoC9DA", "" \n\
+ "" response: { ""\n\
+ "" "" authenticatorData: "SZYN5YgOjGh0NBcPZHZgW4/krrmihjLHmVzzuoMdl2MBAAAACA==",\n\
+ "" "" clientDataJSON: "eyJ0eXBlIjoid2ViYXV0aG4...",\n\
+ "" "" signature: "MEUCIDcJRBu5aOLJVc..."\n\
+ "" } ""\n\
+ "" } ""\n\
+ "" }""\n\
+"" }""
+Switch --> Auth: "200 OK"
+
+Switch -> DFSP: ""PUT /consents/22222222-0000-0000-0000-000000000000"" \n\
+"" FSIOP-Source: central-auth""\n\
+"" FSPIOP-Destination: dfspa""\n\
+"" {...}""
+
+DFSP --> Switch: "200 OK"
+
+rnote over DFSP
+ DFSP is now satisfied that the Consent registered by the PISP is valid.
+end note
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/5a-credential-registration.svg b/vuepress/docs/api/thirdparty/assets/diagrams/linking/5a-credential-registration.svg
new file mode 100644
index 00000000..8a792580
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/5a-credential-registration.svg
@@ -0,0 +1,577 @@
+
+
+ Mojaloop
+
+
+ PISP Linking: Credential registration (verification)
+
+
+ PISP
+
+
+ Thirdparty-API-Adapter
+
+
+ Account Lookup Service
+
+
+ Auth Service
+
+
+ DFSP
+
+
+ The PISP uses the FIDO registration flow to generate a new keypair and sign the challenge, relying on the user performing an "unlock action" on their mobile device.
+
+
+ The PISP uses the PublicKeyCredential as the fidoPayload for the credential, which can be understood by the Auth Service and DFSP
+
+
+ See https://webauthn.guide/#authentication for more information on this object
+
+
+ CRED-0
+
+
+ PUT /consents/22222222-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: pispa
+
+
+ FSPIOP-Destination: dfspa
+
+
+ {
+
+
+ consentRequestId: "11111111-0000-0000-0000-000000000000",
+
+
+ status: "ISSUED",
+
+
+ scopes: [
+
+
+ {
+
+
+ accountId: "dfsp.username.1234",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ],
+
+
+ },
+
+
+ {
+
+
+ accountId: "dfsp.username.5678",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ],
+
+
+ }
+
+
+ ],
+
+
+ credential: {
+
+
+ credentialType: "FIDO",
+
+
+ status: "PENDING",
+
+
+ fidoPayload: {
+
+
+ id: "45c-TkfkjQovQeAWmOy-RLBHEJ_e4jYzQYgD8VdbkePgM5d98BaAadadNYrknxgH0jQEON8zBydLgh1EqoC9DA",
+
+
+ response: {
+
+
+ authenticatorData: "SZYN5YgOjGh0NBcPZHZgW4/krrmihjLHmVzzuoMdl2MBAAAACA==",
+
+
+ clientDataJSON: "eyJ0eXBlIjoid2ViYXV0aG4...",
+
+
+ signature: "MEUCIDcJRBu5aOLJVc..."
+
+
+ }
+
+
+ }
+
+
+ }
+
+
+ }
+
+
+ CRED-1
+
+
+ 202 Accepted
+
+
+ CRED-2
+
+
+ PUT /consents/22222222-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: pispa
+
+
+ FSPIOP-Destination: dfspa
+
+
+ {...}
+
+
+ CRED-3
+
+
+ 202 Accepted
+
+
+ 1. DFSP checks the signed challenge against the derived challenge from the scopes
+
+
+ If the DFSP opts to use the hub-hosted Auth-Service it then:
+
+
+ 1. Registers the consent with the Auth Service
+
+
+ POST /consents
+
+
+ 2. If the DFSP recieves a `PUT /consents/{id}` and the callback contains
+
+
+ Consent.credential.status
+
+
+ of
+
+
+ VERIFIED
+
+
+ , for each scope in the
+
+
+ Consent, the DFSP creates a
+
+
+ CredentialScope
+
+
+ else, if it recieves
+
+
+ a `PUT /consents/{id}/error` callback, it knows that the Consent is
+
+
+ invalid, and can propagate the error back to the PISP
+
+
+ CRED-4
+
+
+ POST /consents
+
+
+ FSIOP-Source: dfspa
+
+
+ FSPIOP-Destination: central-auth
+
+
+ {
+
+
+ consentId: "22222222-0000-0000-0000-000000000000
+
+
+ "
+
+
+ consentRequestId: "11111111-0000-0000-0000-000000000000
+
+
+ "
+
+
+ status: "ISSUED",
+
+
+ scopes: [
+
+
+ {
+
+
+ accountId: "dfsp.username.1234",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ],
+
+
+ }
+
+
+ },
+
+
+ {
+
+
+ accountId: "dfsp.username.5678",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ],
+
+
+ }
+
+
+ },
+
+
+ ],
+
+
+ credential: {
+
+
+ credentialType: "FIDO",
+
+
+ status: "PENDING",
+
+
+ fidoPayload: {
+
+
+ id: "45c-TkfkjQovQeAWmOy-RLBHEJ_e4jYzQYgD8VdbkePgM5d98BaAadadNYrknxgH0jQEON8zBydLgh1EqoC9DA",
+
+
+ response: {
+
+
+ authenticatorData: "SZYN5YgOjGh0NBcPZHZgW4/krrmihjLHmVzzuoMdl2MBAAAACA==",
+
+
+ clientDataJSON: "eyJ0eXBlIjoid2ViYXV0aG4...",
+
+
+ signature: "MEUCIDcJRBu5aOLJVc..."
+
+
+ }
+
+
+ }
+
+
+ }
+
+
+ }
+
+
+ CRED-5
+
+
+ "202 Accepted"
+
+
+ CRED-6
+
+
+ POST /consents
+
+
+ FSIOP-Source: dfspa
+
+
+ FSPIOP-Destination: central-auth
+
+
+ {...}
+
+
+ CRED-7
+
+
+ "202 Accepted"
+
+
+ The Auth Service checks the signature against the challenge
+
+
+ The auth service is now the authoritative source for the Consent object.
+
+
+ It must register the consentId with the ALS
+
+
+ - `Consent` - to allow for `GET /consent/{ID}` calls etc. Will point to the fspId of the Auth Service responsible for the Consent
+
+
+ CRED-8
+
+
+ POST /participants/CONSENTS/22222222-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: central-auth
+
+
+ {
+
+
+ fspId: "central-auth",
+
+
+ }
+
+
+ CRED-9
+
+
+ 202 Accepted
+
+
+ ALS registers a new entry in the Consents oracle
+
+
+ CRED-10
+
+
+ PUT /participants/CONSENTS/22222222-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: account-lookup-service
+
+
+ FSIOP-Destination: central-auth
+
+
+ {
+
+
+ fspId: "central-auth",
+
+
+ }
+
+
+ CRED-11
+
+
+ 200 OK
+
+
+ The auth service now informs the DFSP that the credential is valid
+
+
+ CRED-12
+
+
+ PUT /consents/22222222-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: central-auth
+
+
+ FSPIOP-Destination: dfspa
+
+
+ {
+
+
+ consentRequestId: "11111111-0000-0000-0000-000000000000
+
+
+ "
+
+
+ status: "ISSUED",
+
+
+ scopes: [
+
+
+ {
+
+
+ accountId: "dfsp.username.1234",
+
+
+ actions: [ "accounts.transfer", "accounts.getBalance" ],
+
+
+ },
+
+
+ {
+
+
+ accountId: "dfsp.username.5678",
+
+
+ actions: [ "accounts.transfer", "accounts.getBalance" ],
+
+
+ },
+
+
+ ],
+
+
+ credential: {
+
+
+ credentialType: "FIDO",
+
+
+ status: "VERIFIED",
+
+
+ fidoPayload: {
+
+
+ id: "45c-TkfkjQovQeAWmOy-RLBHEJ_e4jYzQYgD8VdbkePgM5d98BaAadadNYrknxgH0jQEON8zBydLgh1EqoC9DA",
+
+
+ response: {
+
+
+ authenticatorData: "SZYN5YgOjGh0NBcPZHZgW4/krrmihjLHmVzzuoMdl2MBAAAACA==",
+
+
+ clientDataJSON: "eyJ0eXBlIjoid2ViYXV0aG4...",
+
+
+ signature: "MEUCIDcJRBu5aOLJVc..."
+
+
+ }
+
+
+ }
+
+
+ }
+
+
+ }
+
+
+ CRED-13
+
+
+ "200 OK"
+
+
+ CRED-14
+
+
+ PUT /consents/22222222-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: central-auth
+
+
+ FSPIOP-Destination: dfspa
+
+
+ {...}
+
+
+ CRED-15
+
+
+ "200 OK"
+
+
+ DFSP is now satisfied that the Consent registered by the PISP is valid.
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/5b-finalize_consent.puml b/vuepress/docs/api/thirdparty/assets/diagrams/linking/5b-finalize_consent.puml
new file mode 100644
index 00000000..791a929d
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/5b-finalize_consent.puml
@@ -0,0 +1,97 @@
+@startuml
+
+' declaring skinparam
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+!pragma teoz true
+
+title PISP Linking: Credential registration (verification)
+
+participant "PISP" as PISP
+
+box "Mojaloop"
+ participant "Switch" as Switch
+ participant "Account Lookup Service" as ALS
+end box
+
+participant "DFSP" as DFSP
+
+autonumber 16 "CRED-# "
+
+...
+
+
+rnote over DFSP
+ DFSP is now satisfied that the Consent registered by the PISP is valid,
+ and now proceeds to register with the ALS:
+ - `THIRD_PARTY_LINK` (optional - for routing of funds to a Third Party Link)
+ ALS
+end note
+
+loop for each scope in ""Consents.scopes""
+
+DFSP -> ALS: ""POST /participants/THIRD_PARTY_LINK/dfsp.username.5678"" \n\
+"" FSIOP-Source: dfspa""\n\
+"" {""\n\
+"" fspId: "dfspa",""\n\
+"" }""
+ALS --> DFSP: ""202 Accepted""
+
+rnote over ALS #LightGray
+ ALS registers a new entry in the THIRD_PARTY_LINK oracle
+end note
+
+ALS -> DFSP: ""PUT /participants/THIRD_PARTY_LINK/dfsp.username.5678"" \n\
+"" FSIOP-Source: account-lookup-service""\n\
+"" FSIOP-Destination: dfspa""\n\
+"" {""\n\
+"" fspId: "dfspa",""\n\
+"" }""
+DFSP --> ALS: ""200 OK""
+end
+
+
+rnote over DFSP
+ Now that the Credentials are verified and registered with the Auth Service,
+ the DFSP can update the PISP with the final status
+end note
+
+DFSP -> Switch: ""PATCH /consents/22222222-0000-0000-0000-000000000000""\n\
+"" FSIOP-Source: dfspa""\n\
+"" FSPIOP-Destination: pispa""\n\
+"" Content-Type: application/merge-patch+json""\n\
+"" {""\n\
+ "" credential: {""\n\
+ "" **status: "VERIFIED", //this is new!**""\n\
+ "" }""\n\
+"" }""
+DFSP --> Switch: ""200 OK""
+
+Switch -> PISP ++: ""PATCH /consents/22222222-0000-0000-0000-000000000000""\n\
+"" FSIOP-Source: dfspa""\n\
+"" FSPIOP-Destination: pispa""\n\
+"" Content-Type: application/merge-patch+json""\n\
+"" {""\n\
+ "" credential: {""\n\
+ "" **status: "VERIFIED", //this is new!**""\n\
+ "" }""\n\
+"" }""
+PISP --> Switch: ""200 OK""
+
+
+note over PISP, DFSP
+ Now we have a new identifier that the PISP can use to initiate transactions, a registered credential, and that credential is stored in the auth-service
+end note
+
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/5b-finalize_consent.svg b/vuepress/docs/api/thirdparty/assets/diagrams/linking/5b-finalize_consent.svg
new file mode 100644
index 00000000..54ba4470
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/5b-finalize_consent.svg
@@ -0,0 +1,215 @@
+
+
+ Mojaloop
+
+
+ PISP Linking: Credential registration (verification)
+
+
+ PISP
+
+
+ Switch
+
+
+ Account Lookup Service
+
+
+ DFSP
+
+
+ DFSP is now satisfied that the Consent registered by the PISP is valid,
+
+
+ and now proceeds to register with the ALS:
+
+
+ - `THIRD_PARTY_LINK` (optional - for routing of funds to a Third Party Link)
+
+
+ ALS
+
+
+ loop
+
+
+ [for each scope in
+
+
+ Consents.scopes
+
+
+ ]
+
+
+ CRED-16
+
+
+ POST /participants/THIRD_PARTY_LINK/dfsp.username.5678
+
+
+ FSIOP-Source: dfspa
+
+
+ {
+
+
+ fspId: "dfspa",
+
+
+ }
+
+
+ CRED-17
+
+
+ 202 Accepted
+
+
+ ALS registers a new entry in the THIRD_PARTY_LINK oracle
+
+
+ CRED-18
+
+
+ PUT /participants/THIRD_PARTY_LINK/dfsp.username.5678
+
+
+ FSIOP-Source: account-lookup-service
+
+
+ FSIOP-Destination: dfspa
+
+
+ {
+
+
+ fspId: "dfspa",
+
+
+ }
+
+
+ CRED-19
+
+
+ 200 OK
+
+
+ Now that the Credentials are verified and registered with the Auth Service,
+
+
+ the DFSP can update the PISP with the final status
+
+
+ CRED-20
+
+
+ PATCH /consents/22222222-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: dfspa
+
+
+ FSPIOP-Destination: pispa
+
+
+ Content-Type: application/merge-patch+json
+
+
+ {
+
+
+ credential: {
+
+
+ status: "VERIFIED", //this is new!
+
+
+ }
+
+
+ }
+
+
+ CRED-21
+
+
+ 200 OK
+
+
+ CRED-22
+
+
+ PATCH /consents/22222222-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: dfspa
+
+
+ FSPIOP-Destination: pispa
+
+
+ Content-Type: application/merge-patch+json
+
+
+ {
+
+
+ credential: {
+
+
+ status: "VERIFIED", //this is new!
+
+
+ }
+
+
+ }
+
+
+ CRED-23
+
+
+ 200 OK
+
+
+ Now we have a new identifier that the PISP can use to initiate transactions, a registered credential, and that credential is stored in the auth-service
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/6a-unlinking-dfsp-hosted.puml b/vuepress/docs/api/thirdparty/assets/diagrams/linking/6a-unlinking-dfsp-hosted.puml
new file mode 100644
index 00000000..4c2ff1b5
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/6a-unlinking-dfsp-hosted.puml
@@ -0,0 +1,72 @@
+@startuml
+
+' declaring skinparam
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+!pragma teoz true
+
+title PISP Linking: Unlinking
+
+participant "PISP" as PISP
+
+box "Mojaloop"
+ participant Switch
+end box
+
+participant "DFSP" as DFSP
+
+autonumber 1 "UNLINK-A-# "
+
+activate PISP
+
+...
+
+note over PISP, DFSP
+ In this scenario there is no Hub-hosted Auth Service. The DFSP is the authority on the ""Consent"" object.
+end note
+
+...
+
+PISP -> Switch ++: ""DELETE /consents/22222222-0000-0000-0000-000000000000""\n\
+"" FSIOP-Source: pispa""\n\
+"" FSIOP-Destination: dfspa""
+Switch --> PISP: ""202 Accepted""
+deactivate PISP
+
+Switch -> DFSP ++: ""DELETE /consents/22222222-0000-0000-0000-000000000000""
+DFSP --> Switch: ""202 Accepted""
+deactivate Switch
+
+DFSP -> DFSP: Mark the ""Consent"" object as "REVOKED"
+
+DFSP -> Switch ++: ""PATCH /consents/22222222-0000-0000-0000-000000000000""\n\
+"" FSIOP-Source: dfspa""\n\
+"" FSIOP-Destination: pispa""\n\
+""{ ""\n\
+"" status: "REVOKED",""\n\
+"" revokedAt: "2020-06-15T13:00:00.000"""\n\
+""}""
+Switch --> DFSP: ""200 OK""
+deactivate DFSP
+
+Switch -> PISP ++: ""PATCH /consents/22222222-0000-0000-0000-000000000000""\n\
+"" FSIOP-Source: dfspa""\n\
+"" FSIOP-Destination: pispa""\n\
+""{ ""\n\
+"" status: "REVOKED",""\n\
+"" revokedAt: "2020-06-15T13:00:00.000""\n\
+""}""
+PISP --> Switch: ""200 OK""
+
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/6a-unlinking-dfsp-hosted.svg b/vuepress/docs/api/thirdparty/assets/diagrams/linking/6a-unlinking-dfsp-hosted.svg
new file mode 100644
index 00000000..14dabe21
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/6a-unlinking-dfsp-hosted.svg
@@ -0,0 +1,172 @@
+
+
+ Mojaloop
+
+
+ PISP Linking: Unlinking
+
+
+ PISP
+
+
+ Switch
+
+
+ DFSP
+
+
+ In this scenario there is no Hub-hosted Auth Service. The DFSP is the authority on the
+
+
+ Consent
+
+
+ object.
+
+
+ UNLINK-A-1
+
+
+ DELETE /consents/22222222-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ UNLINK-A-2
+
+
+ 202 Accepted
+
+
+ UNLINK-A-3
+
+
+ DELETE /consents/22222222-0000-0000-0000-000000000000
+
+
+ UNLINK-A-4
+
+
+ 202 Accepted
+
+
+ UNLINK-A-5
+
+
+ Mark the
+
+
+ Consent
+
+
+ object as "REVOKED"
+
+
+ UNLINK-A-6
+
+
+ PATCH /consents/22222222-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ status: "REVOKED",
+
+
+ revokedAt: "2020-06-15T13:00:00.000
+
+
+ "
+
+
+ }
+
+
+ UNLINK-A-7
+
+
+ 200 OK
+
+
+ UNLINK-A-8
+
+
+ PATCH /consents/22222222-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ status: "REVOKED",
+
+
+ revokedAt: "2020-06-15T13:00:00.000
+
+
+ }
+
+
+ UNLINK-A-9
+
+
+ 200 OK
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/6b-unlinking-hub-hosted.puml b/vuepress/docs/api/thirdparty/assets/diagrams/linking/6b-unlinking-hub-hosted.puml
new file mode 100644
index 00000000..914dc770
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/6b-unlinking-hub-hosted.puml
@@ -0,0 +1,105 @@
+@startuml
+
+' declaring skinparam
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+!pragma teoz true
+
+title PISP Linking: Unlinking
+
+participant "PISP" as PISP
+
+box "Mojaloop"
+ participant Switch
+ participant "Account Lookup Service" as ALS
+ participant "Auth Service" as Auth
+end box
+
+participant "DFSP" as DFSP
+
+autonumber 1 "UNLINK-B-# "
+
+activate PISP
+
+...
+
+note over PISP, DFSP
+ In this scenario there is no Hub-hosted Auth Service. The DFSP is the authority on the ""Consent"" object.
+end note
+
+...
+
+PISP -> Switch ++: ""DELETE /consents/22222222-0000-0000-0000-000000000000""\n\
+"" FSIOP-Source: pispa""\n\
+"" FSIOP-Destination: dfspa""
+Switch --> PISP: ""202 Accepted""
+deactivate PISP
+
+Switch -> ALS: ""GET /participants/CONSENT/22222222-0000-0000-0000-000000000000""
+ALS --> Switch: ""200 OK""\n\
+"" { "fspId": "central-auth" }""
+
+rnote over Switch #LightGray
+ Hub has determined that 'central-auth- is responsible for ""Consent"" 22222222-0000-0000-0000-000000000000
+end note
+
+Switch -> Auth ++: ""DELETE /consents/22222222-0000-0000-0000-000000000000""
+Auth --> Switch: ""202 Accepted""
+deactivate Switch
+
+Auth -> Auth: Mark the ""Consent"" object as "REVOKED"
+
+Auth -> Switch ++: ""PATCH /consents/22222222-0000-0000-0000-000000000000""\n\
+"" FSIOP-Source: central-auth""\n\
+"" FSIOP-Destination: pispa""\n\
+""{ ""\n\
+"" status: "REVOKED",""\n\
+"" revokedAt: "2020-06-15T13:00:00.000"""\n\
+""}""
+Switch --> Auth: ""200 OK""
+deactivate Auth
+
+Switch -> PISP ++: ""PATCH /consents/22222222-0000-0000-0000-000000000000""\n\
+"" FSIOP-Source: central-auth""\n\
+"" FSIOP-Destination: pispa""\n\
+""{ ""\n\
+"" status: "REVOKED",""\n\
+"" revokedAt: "2020-06-15T13:00:00.000"""\n\
+""}""
+PISP --> Switch: ""200 OK""
+
+
+rnote over Auth #LightGray
+ Auth Service must also inform the DFSP of the updated status
+end note
+
+Auth -> Switch ++: ""PATCH /consents/22222222-0000-0000-0000-000000000000""\n\
+"" FSIOP-Source: central-auth""\n\
+"" FSIOP-Destination: dfspa""\n\
+""{ ""\n\
+"" status: "REVOKED",""\n\
+"" revokedAt: "2020-06-15T13:00:00.000"""\n\
+""}""
+Switch --> Auth: ""200 OK""
+deactivate Auth
+
+Switch -> DFSP ++: ""PATCH /consents/22222222-0000-0000-0000-000000000000""\n\
+"" FSIOP-Source: central-auth""\n\
+"" FSIOP-Destination: dfspa""\n\
+""{ ""\n\
+"" status: "REVOKED",""\n\
+"" revokedAt: "2020-06-15T13:00:00.000"""\n\
+""}""
+DFSP --> Switch: ""200 OK""
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/6b-unlinking-hub-hosted.svg b/vuepress/docs/api/thirdparty/assets/diagrams/linking/6b-unlinking-hub-hosted.svg
new file mode 100644
index 00000000..bb3c5019
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/6b-unlinking-hub-hosted.svg
@@ -0,0 +1,298 @@
+
+
+ Mojaloop
+
+
+ PISP Linking: Unlinking
+
+
+ PISP
+
+
+ Switch
+
+
+ Account Lookup Service
+
+
+ Auth Service
+
+
+ DFSP
+
+
+ In this scenario there is no Hub-hosted Auth Service. The DFSP is the authority on the
+
+
+ Consent
+
+
+ object.
+
+
+ UNLINK-B-1
+
+
+ DELETE /consents/22222222-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ UNLINK-B-2
+
+
+ 202 Accepted
+
+
+ UNLINK-B-3
+
+
+ GET /participants/CONSENT/22222222-0000-0000-0000-000000000000
+
+
+ UNLINK-B-4
+
+
+ 200 OK
+
+
+ { "fspId": "central-auth" }
+
+
+ Hub has determined that 'central-auth- is responsible for
+
+
+ Consent
+
+
+ 22222222-0000-0000-0000-000000000000
+
+
+ UNLINK-B-5
+
+
+ DELETE /consents/22222222-0000-0000-0000-000000000000
+
+
+ UNLINK-B-6
+
+
+ 202 Accepted
+
+
+ UNLINK-B-7
+
+
+ Mark the
+
+
+ Consent
+
+
+ object as "REVOKED"
+
+
+ UNLINK-B-8
+
+
+ PATCH /consents/22222222-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: central-auth
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ status: "REVOKED",
+
+
+ revokedAt: "2020-06-15T13:00:00.000
+
+
+ "
+
+
+ }
+
+
+ UNLINK-B-9
+
+
+ 200 OK
+
+
+ UNLINK-B-10
+
+
+ PATCH /consents/22222222-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: central-auth
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ status: "REVOKED",
+
+
+ revokedAt: "2020-06-15T13:00:00.000
+
+
+ "
+
+
+ }
+
+
+ UNLINK-B-11
+
+
+ 200 OK
+
+
+ Auth Service must also inform the DFSP of the updated status
+
+
+ UNLINK-B-12
+
+
+ PATCH /consents/22222222-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: central-auth
+
+
+ FSIOP-Destination: dfspa
+
+
+ {
+
+
+ status: "REVOKED",
+
+
+ revokedAt: "2020-06-15T13:00:00.000
+
+
+ "
+
+
+ }
+
+
+ UNLINK-B-13
+
+
+ 200 OK
+
+
+ UNLINK-B-14
+
+
+ PATCH /consents/22222222-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: central-auth
+
+
+ FSIOP-Destination: dfspa
+
+
+ {
+
+
+ status: "REVOKED",
+
+
+ revokedAt: "2020-06-15T13:00:00.000
+
+
+ "
+
+
+ }
+
+
+ UNLINK-B-15
+
+
+ 200 OK
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/1-discovery-error.puml b/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/1-discovery-error.puml
new file mode 100644
index 00000000..bf5d76ca
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/1-discovery-error.puml
@@ -0,0 +1,79 @@
+@startuml
+
+' declaring skinparam
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title PISP Linking: Discovery error case
+
+box "PISP"
+ participant PISP
+end box
+
+box "Mojaloop"
+ participant Switch
+end box
+
+participant DFSP
+
+autonumber 1 "DISC-# "
+activate PISP
+
+PISP -> Switch ++: ""GET /accounts/username1234""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""
+Switch --> PISP: ""202 Accepted""
+deactivate PISP
+
+Switch -> DFSP ++: ""GET /accounts/username1234""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""
+DFSP --> Switch: ""202 Accepted""
+deactivate Switch
+
+DFSP -> DFSP: Lookup a user for **username1234**
+DFSP -> DFSP: No user found
+
+DFSP -> Switch ++: ""PUT /accounts/username1234/error""\n\
+ "" FSIOP-Source: dfspa""\n\
+ "" FSIOP-Destination: pispa""\n\
+ ""{""\n\
+ "" errorInformation : { ""\n\
+ "" errorCode: "6205", ""\n\
+ "" errorDescription: "No accounts found" ""\n\
+ "" } ""\n\
+ ""}""
+Switch --> DFSP: ""200 OK""
+deactivate DFSP
+
+Switch -> PISP ++: ""PUT /accounts/username1234/error""\n\
+ "" FSIOP-Source: dfspa""\n\
+ "" FSIOP-Destination: pispa""\n\
+ ""{""\n\
+ "" errorInformation : { ""\n\
+ "" errorCode: "6205", ""\n\
+ "" errorDescription: "No accounts found" ""\n\
+ "" } ""\n\
+ ""}""
+PISP --> Switch: ""200 OK""
+deactivate Switch
+deactivate PISP
+
+...
+
+note over Switch
+ The PISP can now show error message and user can try again with another username or different DFSP.
+end note
+
+...
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/1-discovery-error.svg b/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/1-discovery-error.svg
new file mode 100644
index 00000000..d3d18465
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/1-discovery-error.svg
@@ -0,0 +1,182 @@
+
+
+ PISP Linking: Discovery error case
+
+
+ PISP
+
+
+ Mojaloop
+
+
+ PISP
+
+
+ Switch
+
+
+ DFSP
+
+
+ DISC-1
+
+
+ GET /accounts/username1234
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ DISC-2
+
+
+ 202 Accepted
+
+
+ DISC-3
+
+
+ GET /accounts/username1234
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ DISC-4
+
+
+ 202 Accepted
+
+
+ DISC-5
+
+
+ Lookup a user for
+
+
+ username1234
+
+
+ DISC-6
+
+
+ No user found
+
+
+ DISC-7
+
+
+ PUT /accounts/username1234/error
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ errorInformation : {
+
+
+ errorCode: "6205",
+
+
+ errorDescription: "No accounts found"
+
+
+ }
+
+
+ }
+
+
+ DISC-8
+
+
+ 200 OK
+
+
+ DISC-9
+
+
+ PUT /accounts/username1234/error
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ errorInformation : {
+
+
+ errorCode: "6205",
+
+
+ errorDescription: "No accounts found"
+
+
+ }
+
+
+ }
+
+
+ DISC-10
+
+
+ 200 OK
+
+
+ The PISP can now show error message and user can try again with another username or different DFSP.
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/2-request-consent-error.puml b/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/2-request-consent-error.puml
new file mode 100644
index 00000000..e3cbf456
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/2-request-consent-error.puml
@@ -0,0 +1,162 @@
+@startuml
+
+' declaring skinparam
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title **PISP Linking: consentRequest error cases**
+
+participant "PISP" as PISP
+
+box "Mojaloop"
+ participant Switch
+end box
+
+participant "DFSP" as DFSP
+
+== NO_SUPPORTED_SCOPE_ACTIONS ==
+
+autonumber 1 "REQ-# "
+PISP -> Switch ++: ""POST /consentRequests""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""\n\
+""{""\n\
+ "" consentRequestId: "11111111-0000-0000-0000-000000000000",""\n\
+ "" userId: "username1234", ""\n\
+ "" scopes: [ ""\n\
+ "" { accountId: "dfsp.username.1234",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" { accountId: "dfsp.username.91011",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" ],""\n\
+ "" authChannels: [ "WEB", "OTP" ],""\n\
+ "" callbackUri: "pisp-app://callback..."""\n\
+ ""}""
+Switch --> PISP: ""202 Accepted""
+deactivate PISP
+
+Switch -> DFSP ++: ""POST /consentRequests""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""\n\
+""{""\n\
+ "" consentRequestId: "11111111-0000-0000-0000-000000000000",""\n\
+ "" userId: "username1234",""\n\
+ "" scopes: [ ""\n\
+ "" { accountId: "dfsp.username.1234",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" { accountId: "dfsp.username.91011",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" ],""\n\
+ "" authChannels: [ "WEB", "OTP" ],""\n\
+ "" callbackUri: "pisp-app://callback..."""\n\
+ ""}""
+DFSP --> Switch: ""202 Accepted""
+deactivate Switch
+
+autonumber 1 "DFSP-# "
+DFSP -> DFSP: The PISP requested permissions \nfor accountId dfsp.username.91011 which \n isn't owned by username1234
+
+autonumber 5 "REQ-# "
+DFSP -> Switch ++: ""PUT /consentRequests/11111111-0000-0000-0000-000000000000/error""\n\
+ "" FSIOP-Source: dfspa""\n\
+ "" FSIOP-Destination: pispa""\n\
+ ""{""\n\
+ "" errorInformation : { ""\n\
+ "" errorCode: "6101", ""\n\
+ "" errorDescription: "Unsupported scopes were requested" ""\n\
+ "" } ""\n\
+ ""}""
+Switch --> DFSP: ""200 OK""
+deactivate DFSP
+
+Switch -> PISP ++: ""PUT /consentRequests/11111111-0000-0000-0000-000000000000/error""\n\
+ "" FSIOP-Source: dfspa""\n\
+ "" FSIOP-Destination: pispa""\n\
+ ""{""\n\
+ "" errorInformation : { ""\n\
+ "" errorCode: "6101", ""\n\
+ "" errorDescription: "Unsupported scopes were requested" ""\n\
+ "" } ""\n\
+ ""}""
+PISP --> Switch: ""200 OK""
+deactivate Switch
+deactivate PISP
+
+== UNTRUSTED_CALLBACK_URI ==
+
+autonumber 1 "REQ-# "
+PISP -> Switch ++: ""POST /consentRequests""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""\n\
+""{""\n\
+ "" consentRequestId: "11111111-0000-0000-0000-000000000000",""\n\
+ "" userId: "username1234", ""\n\
+ "" scopes: [ ""\n\
+ "" { **accountId: "dfsp.username.1234",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" { accountId: "dfsp.username.5678",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" ],""\n\
+ "" authChannels: [ "WEB", "OTP" ],""\n\
+ "" callbackUri: "http://phishing.com"""\n\
+ ""}""
+Switch --> PISP: ""202 Accepted""
+deactivate PISP
+
+Switch -> DFSP ++: ""POST /consentRequests""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""\n\
+""{""\n\
+ "" consentRequestId: "11111111-0000-0000-0000-000000000000",""\n\
+ "" userId: "username1234",""\n\
+ "" scopes: [ ""\n\
+ "" { accountId: "dfsp.username.1234",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" { accountId: "dfsp.username.5678",""\n\
+ "" actions: [ "ACCOUNTS_TRANSFER" ] },""\n\
+ "" ],""\n\
+ "" authChannels: [ "WEB", "OTP" ],""\n\
+ "" callbackUri: "http://phishing.com"""\n\
+ ""}""
+DFSP --> Switch: ""202 Accepted""
+deactivate Switch
+
+autonumber 1 "DFSP-# "
+DFSP -> DFSP: The callbackUri uses http scheme \ninstead of https. Reject the consentRequest
+
+autonumber 5 "REQ-# "
+DFSP -> Switch ++: ""PUT /consentRequests/11111111-0000-0000-0000-000000000000/error""\n\
+ "" FSIOP-Source: dfspa""\n\
+ "" FSIOP-Destination: pispa""\n\
+ ""{""\n\
+ "" errorInformation : { ""\n\
+ "" errorCode: "6204", ""\n\
+ "" errorDescription: "Bad callbackUri" ""\n\
+ "" } ""\n\
+ ""}""
+Switch --> DFSP: ""200 OK""
+deactivate DFSP
+
+Switch -> PISP ++: ""PUT /consentRequests/11111111-0000-0000-0000-000000000000/error""\n\
+ "" FSIOP-Source: dfspa""\n\
+ "" FSIOP-Destination: pispa""\n\
+ ""{""\n\
+ "" errorInformation : { ""\n\
+ "" errorCode: "6204", ""\n\
+ "" errorDescription: "Bad callbackUri" ""\n\
+ "" } ""\n\
+ ""}""
+PISP --> Switch: ""200 OK""
+deactivate Switch
+deactivate PISP
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/2-request-consent-error.svg b/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/2-request-consent-error.svg
new file mode 100644
index 00000000..50cacb14
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/2-request-consent-error.svg
@@ -0,0 +1,455 @@
+
+
+ PISP Linking: consentRequest error cases
+
+
+ Mojaloop
+
+
+ PISP
+
+
+ Switch
+
+
+ DFSP
+
+
+ NO_SUPPORTED_SCOPE_ACTIONS
+
+
+ REQ-1
+
+
+ POST /consentRequests
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ {
+
+
+ consentRequestId: "11111111-0000-0000-0000-000000000000",
+
+
+ userId: "username1234",
+
+
+ scopes: [
+
+
+ { accountId: "dfsp.username.1234",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ { accountId: "dfsp.username.91011",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ ],
+
+
+ authChannels: [ "WEB", "OTP" ],
+
+
+ callbackUri: "pisp-app://callback...
+
+
+ "
+
+
+ }
+
+
+ REQ-2
+
+
+ 202 Accepted
+
+
+ REQ-3
+
+
+ POST /consentRequests
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ {
+
+
+ consentRequestId: "11111111-0000-0000-0000-000000000000",
+
+
+ userId: "username1234",
+
+
+ scopes: [
+
+
+ { accountId: "dfsp.username.1234",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ { accountId: "dfsp.username.91011",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ ],
+
+
+ authChannels: [ "WEB", "OTP" ],
+
+
+ callbackUri: "pisp-app://callback...
+
+
+ "
+
+
+ }
+
+
+ REQ-4
+
+
+ 202 Accepted
+
+
+ DFSP-1
+
+
+ The PISP requested permissions
+
+
+ for accountId dfsp.username.91011 which
+
+
+ isn't owned by username1234
+
+
+ REQ-5
+
+
+ PUT /consentRequests/11111111-0000-0000-0000-000000000000/error
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ errorInformation : {
+
+
+ errorCode: "6101",
+
+
+ errorDescription: "Unsupported scopes were requested"
+
+
+ }
+
+
+ }
+
+
+ REQ-6
+
+
+ 200 OK
+
+
+ REQ-7
+
+
+ PUT /consentRequests/11111111-0000-0000-0000-000000000000/error
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ errorInformation : {
+
+
+ errorCode: "6101",
+
+
+ errorDescription: "Unsupported scopes were requested"
+
+
+ }
+
+
+ }
+
+
+ REQ-8
+
+
+ 200 OK
+
+
+ UNTRUSTED_CALLBACK_URI
+
+
+ REQ-1
+
+
+ POST /consentRequests
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ {
+
+
+ consentRequestId: "11111111-0000-0000-0000-000000000000",
+
+
+ userId: "username1234",
+
+
+ scopes: [
+
+
+ { **accountId: "dfsp.username.1234",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ { accountId: "dfsp.username.5678",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ ],
+
+
+ authChannels: [ "WEB", "OTP" ],
+
+
+ callbackUri: "http://phishing.com
+
+
+ "
+
+
+ }
+
+
+ REQ-2
+
+
+ 202 Accepted
+
+
+ REQ-3
+
+
+ POST /consentRequests
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ {
+
+
+ consentRequestId: "11111111-0000-0000-0000-000000000000",
+
+
+ userId: "username1234",
+
+
+ scopes: [
+
+
+ { accountId: "dfsp.username.1234",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ { accountId: "dfsp.username.5678",
+
+
+ actions: [ "ACCOUNTS_TRANSFER" ] },
+
+
+ ],
+
+
+ authChannels: [ "WEB", "OTP" ],
+
+
+ callbackUri: "http://phishing.com
+
+
+ "
+
+
+ }
+
+
+ REQ-4
+
+
+ 202 Accepted
+
+
+ DFSP-1
+
+
+ The callbackUri uses http scheme
+
+
+ instead of https. Reject the consentRequest
+
+
+ REQ-5
+
+
+ PUT /consentRequests/11111111-0000-0000-0000-000000000000/error
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ errorInformation : {
+
+
+ errorCode: "6204",
+
+
+ errorDescription: "Bad callbackUri"
+
+
+ }
+
+
+ }
+
+
+ REQ-6
+
+
+ 200 OK
+
+
+ REQ-7
+
+
+ PUT /consentRequests/11111111-0000-0000-0000-000000000000/error
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ errorInformation : {
+
+
+ errorCode: "6204",
+
+
+ errorDescription: "Bad callbackUri"
+
+
+ }
+
+
+ }
+
+
+ REQ-8
+
+
+ 200 OK
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/3-authentication-otp-invalid.puml b/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/3-authentication-otp-invalid.puml
new file mode 100644
index 00000000..c8856001
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/3-authentication-otp-invalid.puml
@@ -0,0 +1,87 @@
+@startuml
+
+' declaring skinparam
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title PISP Linking: Authentication Invalid authToken
+
+participant "PISP" as PISP
+
+box "Mojaloop"
+ participant Switch
+end box
+
+participant "DFSP" as DFSP
+
+autonumber 1 "AUTH-# "
+
+== Failure case ==
+
+...
+
+note over PISP, DFSP
+ The user enters an incorrect OTP for authentication.
+end note
+
+...
+
+PISP -> Switch ++: ""PATCH /consentRequests/11111111-0000-0000-0000-000000000000""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""\n\
+"" {""\n\
+ "" authToken: "" ""\n\
+ ""}""
+Switch --> PISP: ""202 Accepted""
+deactivate PISP
+
+Switch -> DFSP ++: ""PATCH /consentRequests/11111111-0000-0000-0000-000000000000""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""\n\
+"" {""\n\
+ "" authToken: "" ""\n\
+ ""}""
+DFSP --> Switch: ""202 Accepted""
+deactivate Switch
+
+DFSP -> DFSP: The OTP is incorrect.
+
+note over PISP, DFSP
+ We respond with an error that the OTP is incorrect so the PISP can inform the user.
+end note
+
+DFSP -> Switch ++: ""PUT /consentRequests/11111111-0000-0000-0000-000000000000/error""\n\
+ "" FSIOP-Source: dfspa""\n\
+ "" FSIOP-Destination: pispa""\n\
+ ""{""\n\
+ "" errorInformation : { ""\n\
+ "" errorCode: "6203", ""\n\
+ "" errorDescription: "Invalid authentication token" ""\n\
+ "" } ""\n\
+ ""}""
+Switch --> DFSP: ""200 OK""
+deactivate DFSP
+
+Switch -> PISP ++: ""PUT /consentRequests/11111111-0000-0000-0000-000000000000/error""\n\
+ "" FSIOP-Source: dfspa""\n\
+ "" FSIOP-Destination: pispa""\n\
+ ""{""\n\
+ "" errorInformation : { ""\n\
+ "" errorCode: "6203", ""\n\
+ "" errorDescription: "Invalid authentication token" ""\n\
+ "" } ""\n\
+ ""}""
+PISP --> Switch: ""200 OK""
+deactivate Switch
+deactivate PISP
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/3-authentication-otp-invalid.svg b/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/3-authentication-otp-invalid.svg
new file mode 100644
index 00000000..4320e199
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/3-authentication-otp-invalid.svg
@@ -0,0 +1,197 @@
+
+
+ PISP Linking: Authentication Invalid authToken
+
+
+ Mojaloop
+
+
+ PISP
+
+
+ Switch
+
+
+ DFSP
+
+
+ Failure case
+
+
+ The user enters an incorrect OTP for authentication.
+
+
+ AUTH-1
+
+
+ PATCH /consentRequests/11111111-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ {
+
+
+ authToken: "<OTP>"
+
+
+ }
+
+
+ AUTH-2
+
+
+ 202 Accepted
+
+
+ AUTH-3
+
+
+ PATCH /consentRequests/11111111-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ {
+
+
+ authToken: "<OTP>"
+
+
+ }
+
+
+ AUTH-4
+
+
+ 202 Accepted
+
+
+ AUTH-5
+
+
+ The OTP is incorrect.
+
+
+ We respond with an error that the OTP is incorrect so the PISP can inform the user.
+
+
+ AUTH-6
+
+
+ PUT /consentRequests/11111111-0000-0000-0000-000000000000/error
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ errorInformation : {
+
+
+ errorCode: "6203",
+
+
+ errorDescription: "Invalid authentication token"
+
+
+ }
+
+
+ }
+
+
+ AUTH-7
+
+
+ 200 OK
+
+
+ AUTH-8
+
+
+ PUT /consentRequests/11111111-0000-0000-0000-000000000000/error
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ errorInformation : {
+
+
+ errorCode: "6203",
+
+
+ errorDescription: "Invalid authentication token"
+
+
+ }
+
+
+ }
+
+
+ AUTH-9
+
+
+ 200 OK
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/4-grant-consent-scope-error.puml b/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/4-grant-consent-scope-error.puml
new file mode 100644
index 00000000..c9e4f772
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/4-grant-consent-scope-error.puml
@@ -0,0 +1,82 @@
+@startuml
+
+' declaring skinparam
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+
+!pragma teoz true
+
+title PISP Linking: Grant consent scope retrieval error
+
+participant "PISP" as PISP
+
+box "Mojaloop"
+ participant "Thirdparty-API-Adapter" as Switch
+ participant "Account Lookup Service" as ALS
+ participant "Auth Service" as Auth
+end box
+
+participant "DFSP" as DFSP
+
+autonumber 1 "GRANT-# "
+
+== Failure case ==
+
+PISP -> Switch ++: ""PATCH /consentRequests/11111111-0000-0000-0000-000000000000""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""\n\
+"" {""\n\
+ "" authToken: "" ""\n\
+ ""}""
+Switch --> PISP: ""202 Accepted""
+deactivate PISP
+
+Switch -> DFSP ++: ""PATCH /consentRequests/11111111-0000-0000-0000-000000000000""\n\
+ "" FSIOP-Source: pispa""\n\
+ "" FSIOP-Destination: dfspa""\n\
+"" {""\n\
+ "" authToken: "" ""\n\
+ ""}""
+DFSP --> Switch: ""202 Accepted""
+deactivate Switch
+
+DFSP -> DFSP: Verify the OTP is correct.
+
+DFSP -> DFSP: Unable to fetch stored scopes
+
+DFSP -> Switch ++: ""PUT /consentRequests/11111111-0000-0000-0000-000000000000/error""\n\
+ "" FSIOP-Source: dfspa""\n\
+ "" FSIOP-Destination: pispa""\n\
+ ""{""\n\
+ "" errorInformation : { ""\n\
+ "" errorCode: "7207", ""\n\
+ "" errorDescription: "FSP failed retrieve scopes for consent request" ""\n\
+ "" } ""\n\
+ ""}""
+Switch --> DFSP: ""200 OK""
+deactivate DFSP
+
+Switch -> PISP ++: ""PUT /consentRequests/11111111-0000-0000-0000-000000000000/error""\n\
+ "" FSIOP-Source: dfspa""\n\
+ "" FSIOP-Destination: pispa""\n\
+ ""{""\n\
+ "" errorInformation : { ""\n\
+ "" errorCode: "7207", ""\n\
+ "" errorDescription: "FSP failed retrieve scopes for consent request" ""\n\
+ "" } ""\n\
+ ""}""
+PISP --> Switch: ""200 OK""
+deactivate Switch
+deactivate PISP
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/4-grant-consent-scope-error.svg b/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/4-grant-consent-scope-error.svg
new file mode 100644
index 00000000..cc0b292e
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/linking/error_scenarios/4-grant-consent-scope-error.svg
@@ -0,0 +1,191 @@
+
+
+ Mojaloop
+
+
+ PISP Linking: Grant consent scope retrieval error
+
+
+ PISP
+
+
+ Thirdparty-API-Adapter
+
+
+ Account Lookup Service
+
+
+ Auth Service
+
+
+ DFSP
+
+
+ Failure case
+
+
+ GRANT-1
+
+
+ PATCH /consentRequests/11111111-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ {
+
+
+ authToken: "<OTP>"
+
+
+ }
+
+
+ GRANT-2
+
+
+ 202 Accepted
+
+
+ GRANT-3
+
+
+ PATCH /consentRequests/11111111-0000-0000-0000-000000000000
+
+
+ FSIOP-Source: pispa
+
+
+ FSIOP-Destination: dfspa
+
+
+ {
+
+
+ authToken: "<OTP>"
+
+
+ }
+
+
+ GRANT-4
+
+
+ 202 Accepted
+
+
+ GRANT-5
+
+
+ Verify the OTP is correct.
+
+
+ GRANT-6
+
+
+ Unable to fetch stored scopes
+
+
+ GRANT-7
+
+
+ PUT /consentRequests/11111111-0000-0000-0000-000000000000/error
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ errorInformation : {
+
+
+ errorCode: "7207",
+
+
+ errorDescription: "FSP failed retrieve scopes for consent request"
+
+
+ }
+
+
+ }
+
+
+ GRANT-8
+
+
+ 200 OK
+
+
+ GRANT-9
+
+
+ PUT /consentRequests/11111111-0000-0000-0000-000000000000/error
+
+
+ FSIOP-Source: dfspa
+
+
+ FSIOP-Destination: pispa
+
+
+ {
+
+
+ errorInformation : {
+
+
+ errorCode: "7207",
+
+
+ errorDescription: "FSP failed retrieve scopes for consent request"
+
+
+ }
+
+
+ }
+
+
+ GRANT-10
+
+
+ 200 OK
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-1-discovery.puml b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-1-discovery.puml
new file mode 100644
index 00000000..4cbf4dc6
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-1-discovery.puml
@@ -0,0 +1,72 @@
+@startuml
+
+' declaring skinparam
+skinparam sequenceMessageAlign center
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title Transfer: 1.1 Discovery
+
+box "PISP"
+participant "PISP Server" as D1
+end box
+box "Mojaloop"
+ participant Switch as S
+end box
+box "DFSP B"
+ participant "DFSP B\n(Payee)" as D3
+end box
+
+
+== Discovery (Lookup) ==
+rnote right of D1 #Light
+**""GET /parties/MSISDN/+4412345678""**
+""FSPIOP-Source: pispa""
+end note
+D1 -> S: ""GET /parties/MSISDN/+4412345678""
+S --> D1: ""202 Accepted""
+
+... ALS lookup flow not shown here ...
+
+rnote over S #Light
+**""GET /parties/MSISDN/+4412345678""**
+""FSPIOP-Source: pispa""
+""FSPIOP-Destination: dfspb""
+end note
+S -> D3: ""GET /parties/MSISDN/+4412345678""
+D3 --> S: ""202 Accepted""
+
+rnote left of D3 #Light
+**""PUT /parties/MSISDN/+4412345678""**
+""FSPIOP-Source: dfspb""
+""FSPIOP-Destination: pispa""
+{
+ partyIdType: "MSISDN",
+ partyIdentifier: "+4412345678",
+ party: {
+ partyIdInfo: {
+ partyIdType: "MSISDN",
+ partyIdentifier: "+4412345678",
+ fspId: 'dfspb",
+ },
+ name: "Bhavesh S.",
+ }
+}
+end note
+D3 -> S: ""PUT /parties/MSISDN/+4412345678""
+S --> D3: ""200 OK""
+S -> D1: ""PUT /parties/MSISDN/+4412345678""
+D1 --> S: ""200 OK""
+
+... PISP confirms payee party with their user ...
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-1-discovery.svg b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-1-discovery.svg
new file mode 100644
index 00000000..3517b835
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-1-discovery.svg
@@ -0,0 +1,156 @@
+
+
+ Transfer: 1.1 Discovery
+
+
+ PISP
+
+
+ Mojaloop
+
+
+ DFSP B
+
+
+ PISP Server
+
+
+ Switch
+
+
+ DFSP B
+
+
+ (Payee)
+
+
+ Discovery (Lookup)
+
+
+ GET /parties/MSISDN/+4412345678
+
+
+ FSPIOP-Source: pispa
+
+
+ GET /parties/MSISDN/+4412345678
+
+
+ 202 Accepted
+
+
+ ALS lookup flow not shown here
+
+
+ GET /parties/MSISDN/+4412345678
+
+
+ FSPIOP-Source: pispa
+
+
+ FSPIOP-Destination: dfspb
+
+
+ GET /parties/MSISDN/+4412345678
+
+
+ 202 Accepted
+
+
+ PUT /parties/MSISDN/+4412345678
+
+
+ FSPIOP-Source: dfspb
+
+
+ FSPIOP-Destination: pispa
+
+
+ {
+
+
+ partyIdType: "MSISDN",
+
+
+ partyIdentifier: "+4412345678",
+
+
+ party: {
+
+
+ partyIdInfo: {
+
+
+ partyIdType: "MSISDN",
+
+
+ partyIdentifier: "+4412345678",
+
+
+ fspId: 'dfspb",
+
+
+ },
+
+
+ name: "Bhavesh S.",
+
+
+ }
+
+
+ }
+
+
+ PUT /parties/MSISDN/+4412345678
+
+
+ 200 OK
+
+
+ PUT /parties/MSISDN/+4412345678
+
+
+ 200 OK
+
+
+ PISP confirms payee party with their user
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-1-agreement.puml b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-1-agreement.puml
new file mode 100644
index 00000000..21250e52
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-1-agreement.puml
@@ -0,0 +1,86 @@
+@startuml
+
+' declaring skinparam
+skinparam sequenceMessageAlign center
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title Transfer: 1.2.1 Agreement
+
+box "PISP"
+participant "PISP Server" as D1
+end box
+box "Mojaloop"
+ participant Switch as S
+end box
+box "DFSP A"
+ participant "DFSP A\n(Payer)" as D2
+end box
+
+
+== Agreement Phase ==
+rnote right of D1 #Light
+**""POST /thirdpartyRequests/transactions""**
+""FSPIOP-Source: pispa""
+""FSPIOP-Destination: dfspa""
+{
+ "transactionRequestId": "00000000-0000-0000-0000-000000000000",
+ "payee": {
+ "partyIdInfo": {
+ "partyIdType": "MSISDN",
+ "partyIdentifier": "+4412345678",
+ "fspId": "dfspb"
+ }
+ },
+ "payer": {
+ "partyIdType": "THIRD_PARTY_LINK",
+ "partyIdentifier": "qwerty-56789",
+ "fspId": "dfspa"
+ },
+ "amountType": "SEND",
+ "amount": {
+ "amount": "100",
+ "currency": "USD"
+ },
+ "transactionType": {
+ "scenario": "TRANSFER",
+ "initiator": "PAYER",
+ "initiatorType": "CONSUMER"
+ },
+ "expiration": "2020-06-15T22:17:28.985-01:00"
+}
+end note
+D1 -> S: ""POST /thirdpartyRequests/transactions""
+S --> D1: ""202 Accepted""
+S -> D2: ""POST /thirdpartyRequests/transactions""
+D2 --> S: ""202 Accepted""
+D2 -> D2: Lookup the consent for this ""payer"", verify that they exist, and consent \nis granted with a valid credential
+D2 -> D2: Store a referece to the ""consentId"" with the ""transactionRequestId""
+D2 -> D2: Generate a unique transactionId for this transaction request:\n**""11111111-0000-0000-0000-000000000000""**
+
+
+rnote left of D2 #Light
+**""PUT /thirdpartyRequests/transactions""**
+**"" /00000000-0000-0000-0000-000000000000""**
+""FSPIOP-Source: dfspa""
+""FSPIOP-Destination: pispa""
+{
+ "transactionRequestState": "RECEIVED"
+}
+end note
+D2 -> S: ""PUT /thirdpartyRequests/transactions""\n"" /00000000-0000-0000-0000-000000000000""
+S --> D2: ""200 OK""
+S -> D1: ""PUT /thirdpartyRequests/transactions""\n"" /00000000-0000-0000-0000-000000000000""
+D1 --> S: ""200 OK""
+
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-1-agreement.svg b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-1-agreement.svg
new file mode 100644
index 00000000..4c898f7e
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-1-agreement.svg
@@ -0,0 +1,224 @@
+
+
+ Transfer: 1.2.1 Agreement
+
+
+ PISP
+
+
+ Mojaloop
+
+
+ DFSP A
+
+
+ PISP Server
+
+
+ Switch
+
+
+ DFSP A
+
+
+ (Payer)
+
+
+ Agreement Phase
+
+
+ POST /thirdpartyRequests/transactions
+
+
+ FSPIOP-Source: pispa
+
+
+ FSPIOP-Destination: dfspa
+
+
+ {
+
+
+ "transactionRequestId": "00000000-0000-0000-0000-000000000000",
+
+
+ "payee": {
+
+
+ "partyIdInfo": {
+
+
+ "partyIdType": "MSISDN",
+
+
+ "partyIdentifier": "+4412345678",
+
+
+ "fspId": "dfspb"
+
+
+ }
+
+
+ },
+
+
+ "payer": {
+
+
+ "partyIdType": "THIRD_PARTY_LINK",
+
+
+ "partyIdentifier": "qwerty-56789",
+
+
+ "fspId": "dfspa"
+
+
+ },
+
+
+ "amountType": "SEND",
+
+
+ "amount": {
+
+
+ "amount": "100",
+
+
+ "currency": "USD"
+
+
+ },
+
+
+ "transactionType": {
+
+
+ "scenario": "TRANSFER",
+
+
+ "initiator": "PAYER",
+
+
+ "initiatorType": "CONSUMER"
+
+
+ },
+
+
+ "expiration": "2020-06-15T22:17:28.985-01:00"
+
+
+ }
+
+
+ POST /thirdpartyRequests/transactions
+
+
+ 202 Accepted
+
+
+ POST /thirdpartyRequests/transactions
+
+
+ 202 Accepted
+
+
+ Lookup the consent for this
+
+
+ payer
+
+
+ , verify that they exist, and consent
+
+
+ is granted with a valid credential
+
+
+ Store a referece to the
+
+
+ consentId
+
+
+ with the
+
+
+ transactionRequestId
+
+
+ Generate a unique transactionId for this transaction request:
+
+
+ 11111111-0000-0000-0000-000000000000
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000
+
+
+ FSPIOP-Source: dfspa
+
+
+ FSPIOP-Destination: pispa
+
+
+ {
+
+
+ "transactionRequestState": "RECEIVED"
+
+
+ }
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-2-authorization.puml b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-2-authorization.puml
new file mode 100644
index 00000000..798e8224
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-2-authorization.puml
@@ -0,0 +1,150 @@
+@startuml
+
+' declaring skinparam
+skinparam sequenceMessageAlign center
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title Transfer: 1.2.2 Authorization
+
+
+box "PISP"
+participant "PISP Server" as D1
+end box
+box "Mojaloop"
+ participant Switch as S
+end box
+box "DFSP A"
+ participant "DFSP A\n(Payer)" as D2
+end box
+box "DFSP B"
+ participant "DFSP B\n(Payee)" as D3
+end box
+
+rnote left of D2 #Light
+**""POST /quotes""**
+""FSPIOP-Source: dfspa""
+""FSPIOP-Destination: dfspb""
+{
+ "quoteId": "22222222-0000-0000-0000-000000000000",
+ "transactionId": "11111111-0000-0000-0000-000000000000",
+ "transactionRequestId": "00000000-0000-0000-0000-000000000000",
+ "payee": {
+ "partyIdInfo": {
+ "partyIdType": "MSISDN",
+ "partyIdentifier": "+4412345678",
+ "fspId": "dfspb"
+ }
+ },
+ "payer": {
+ "personalInfo": {
+ "complexName": {
+ "firstName": "Ayesha",
+ "lastName": "Takia"
+ }
+ },
+ "partyIdInfo": {
+ "partyIdType": "MSISDN",
+ "partyIdentifier": "123456789",
+ "fspId": "dfspa"
+ },
+ },
+ "amountType": "SEND",
+ "amount": {
+ "amount": "100",
+ "currency": "USD"
+ },
+ "transactionType": {
+ "scenario": "TRANSFER",
+ "initiator": "PAYER",
+ "initiatorType": "CONSUMER"
+ },
+ "note": "quote note"
+}
+end note
+D2 -> S: ""POST /quotes""
+S --> D2: ""202 Accepted""
+S -> D3: ""POST /quotes""
+D3 --> S: ""202 Accepted""
+
+rnote left of D2 #Light
+**""PUT /quotes/22222222-0000-0000-0000-000000000000""**
+""FSPIOP-Source: dfspb""
+""FSPIOP-Destination: dfspa""
+{
+ "transferAmount": {
+ "amount": "100",
+ "currency": "USD"
+ },
+ "payeeReceiveAmount": {
+ "amount": "99",
+ "currency": "USD"
+ },
+ "payeeFspFee": {
+ "amount": "1",
+ "currency": "USD"
+ },
+ "expiration": "2020-06-15T12:00:00.000",
+ "ilpPacket": "...",
+ "condition": "...",
+}
+end note
+D3 -> S: ""PUT /quotes/22222222-0000-0000-0000-000000000000""
+S --> D3: ""200 OK""
+S -> D2: ""PUT /quotes/22222222-0000-0000-0000-000000000000""
+D2 --> S: ""200 OK""
+
+note left of D2
+ DFSP A has the quote, they can now ask
+ the PISP for authorization
+end note
+
+D2 -> D2: Generate a UUID for the authorization Request:\n""33333333-0000-0000-0000-000000000000""
+D2 -> D2: Derive the challenge based \non ""PUT /quotes/{ID}""
+
+rnote left of D2 #Light
+**""POST /thirdpartyRequests/authorizations""**
+""FSPIOP-Source: dfspa""
+""FSPIOP-Destination: pispa""
+{
+ "authorizationRequestId": "33333333-0000-0000-0000-000000000000",
+ "transactionRequestId": "00000000-0000-0000-0000-000000000000",
+ "challenge": """",
+ "transferAmount": {"amount": "100", "currency": "USD"},
+ "payeeReceiveAmount": {"amount": "99", "currency": "USD"},
+ "fees": {"amount": "1", "currency": "USD"},
+ "payer": {
+ "partyIdType": "THIRD_PARTY_LINK",
+ "partyIdentifier": "qwerty-56789",
+ "fspId": "dfspa"
+ },
+ "payee": {
+ "partyIdInfo": {
+ "partyIdType": "MSISDN",
+ "partyIdentifier": "+4412345678",
+ "fspId": "dfspb"
+ }
+ },
+ "transactionType": {
+ "scenario": "TRANSFER",
+ "initiator": "PAYER",
+ "initiatorType": "CONSUMER"
+ },
+ "expiration": "2020-06-15T12:00:00.000",
+}
+end note
+D2 -> S: ""POST /thirdpartyRequests/authorizations""
+S --> D2: ""202 Accepted""
+S -> D1: ""POST /thirdpartyRequests/authorizations""
+D1 --> S: ""202 Accepted""
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-2-authorization.svg b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-2-authorization.svg
new file mode 100644
index 00000000..a483f863
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-2-authorization.svg
@@ -0,0 +1,396 @@
+
+
+ Transfer: 1.2.2 Authorization
+
+
+ PISP
+
+
+ Mojaloop
+
+
+ DFSP A
+
+
+ DFSP B
+
+
+ PISP Server
+
+
+ Switch
+
+
+ DFSP A
+
+
+ (Payer)
+
+
+ DFSP B
+
+
+ (Payee)
+
+
+ POST /quotes
+
+
+ FSPIOP-Source: dfspa
+
+
+ FSPIOP-Destination: dfspb
+
+
+ {
+
+
+ "quoteId": "22222222-0000-0000-0000-000000000000",
+
+
+ "transactionId": "11111111-0000-0000-0000-000000000000",
+
+
+ "transactionRequestId": "00000000-0000-0000-0000-000000000000",
+
+
+ "payee": {
+
+
+ "partyIdInfo": {
+
+
+ "partyIdType": "MSISDN",
+
+
+ "partyIdentifier": "+4412345678",
+
+
+ "fspId": "dfspb"
+
+
+ }
+
+
+ },
+
+
+ "payer": {
+
+
+ "personalInfo": {
+
+
+ "complexName": {
+
+
+ "firstName": "Ayesha",
+
+
+ "lastName": "Takia"
+
+
+ }
+
+
+ },
+
+
+ "partyIdInfo": {
+
+
+ "partyIdType": "MSISDN",
+
+
+ "partyIdentifier": "123456789",
+
+
+ "fspId": "dfspa"
+
+
+ },
+
+
+ },
+
+
+ "amountType": "SEND",
+
+
+ "amount": {
+
+
+ "amount": "100",
+
+
+ "currency": "USD"
+
+
+ },
+
+
+ "transactionType": {
+
+
+ "scenario": "TRANSFER",
+
+
+ "initiator": "PAYER",
+
+
+ "initiatorType": "CONSUMER"
+
+
+ },
+
+
+ "note": "quote note"
+
+
+ }
+
+
+ POST /quotes
+
+
+ 202 Accepted
+
+
+ POST /quotes
+
+
+ 202 Accepted
+
+
+ PUT /quotes/22222222-0000-0000-0000-000000000000
+
+
+ FSPIOP-Source: dfspb
+
+
+ FSPIOP-Destination: dfspa
+
+
+ {
+
+
+ "transferAmount": {
+
+
+ "amount": "100",
+
+
+ "currency": "USD"
+
+
+ },
+
+
+ "payeeReceiveAmount": {
+
+
+ "amount": "99",
+
+
+ "currency": "USD"
+
+
+ },
+
+
+ "payeeFspFee": {
+
+
+ "amount": "1",
+
+
+ "currency": "USD"
+
+
+ },
+
+
+ "expiration": "2020-06-15T12:00:00.000",
+
+
+ "ilpPacket": "...",
+
+
+ "condition": "...",
+
+
+ }
+
+
+ PUT /quotes/22222222-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ PUT /quotes/22222222-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ DFSP A has the quote, they can now ask
+
+
+ the PISP for authorization
+
+
+ Generate a UUID for the authorization Request:
+
+
+ 33333333-0000-0000-0000-000000000000
+
+
+ Derive the challenge based
+
+
+ on
+
+
+ PUT /quotes/{ID}
+
+
+ POST /thirdpartyRequests/authorizations
+
+
+ FSPIOP-Source: dfspa
+
+
+ FSPIOP-Destination: pispa
+
+
+ {
+
+
+ "authorizationRequestId": "33333333-0000-0000-0000-000000000000",
+
+
+ "transactionRequestId": "00000000-0000-0000-0000-000000000000",
+
+
+ "challenge":
+
+
+ <base64 encoded binary - the encoded challenge>
+
+
+ ,
+
+
+ "transferAmount": {"amount": "100", "currency": "USD"},
+
+
+ "payeeReceiveAmount": {"amount": "99", "currency": "USD"},
+
+
+ "fees": {"amount": "1", "currency": "USD"},
+
+
+ "payer": {
+
+
+ "partyIdType": "THIRD_PARTY_LINK",
+
+
+ "partyIdentifier": "qwerty-56789",
+
+
+ "fspId": "dfspa"
+
+
+ },
+
+
+ "payee": {
+
+
+ "partyIdInfo": {
+
+
+ "partyIdType": "MSISDN",
+
+
+ "partyIdentifier": "+4412345678",
+
+
+ "fspId": "dfspb"
+
+
+ }
+
+
+ },
+
+
+ "transactionType": {
+
+
+ "scenario": "TRANSFER",
+
+
+ "initiator": "PAYER",
+
+
+ "initiatorType": "CONSUMER"
+
+
+ },
+
+
+ "expiration": "2020-06-15T12:00:00.000",
+
+
+ }
+
+
+ POST /thirdpartyRequests/authorizations
+
+
+ 202 Accepted
+
+
+ POST /thirdpartyRequests/authorizations
+
+
+ 202 Accepted
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-3-rejected-authorization.puml b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-3-rejected-authorization.puml
new file mode 100644
index 00000000..01205b80
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-3-rejected-authorization.puml
@@ -0,0 +1,76 @@
+@startuml
+
+' declaring skinparam
+skinparam sequenceMessageAlign center
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title Transfer: 1.2.3 Rejected Authorization
+
+box "PISP"
+participant "PISP Server" as D1
+end box
+box "Mojaloop"
+ participant Switch as S
+end box
+box "DFSP A"
+ participant "DFSP A\n(Payer)" as D2
+end box
+== Agreement Phase ==
+note right of D1
+ PISP looks up the ""transactionRequestId"" and
+ checks the quote with the user,
+
+
+ User rejects the terms of the transcationRequest
+end note
+
+rnote right of D1 #Light
+**""PUT /thirdpartyRequests/authorizations/33333333-0000-0000-0000-000000000000""**
+""FSPIOP-Source: pispa""
+""FSPIOP-Destination: dfspa""
+{
+ "responseType": "REJECTED"
+}
+end note
+D1 -> S: ""PUT /thirdpartyRequests/authorizations/33333333-0000-0000-0000-000000000000""
+S --> D1: ""200 OK""
+S -> D2: ""PUT /thirdpartyRequests/authorizations""\n""/33333333-0000-0000-0000-000000000000""
+D2 --> S: ""200 OK""
+
+D2 -> D2: Look up the ""transactionRequestId"" for this ""authorizationId""
+
+note over D2
+ User has rejected the transaction request.
+end note
+
+rnote over D2 #Light
+**""PATCH /thirdpartyRequests/transactions/00000000-0000-0000-0000-000000000000""**
+""FSPIOP-Source: dfspa""
+""FSPIOP-Destination: pispa""
+{
+ "transactionRequestState": "REJECTED",
+ "transactionId": "11111111-0000-0000-0000-000000000000",
+}
+end note
+D2 -> S: ""PATCH /thirdpartyRequests/transactions""\n"" /00000000-0000-0000-0000-000000000000""
+S --> D2: ""200 OK""
+
+S -> D1: ""PATCH /thirdpartyRequests/transactions""\n"" /00000000-0000-0000-0000-000000000000""
+D1 --> S: ""200 OK""
+
+note over D1
+ PISP can inform the user the transaction did not proceed
+end note
+
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-3-rejected-authorization.svg b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-3-rejected-authorization.svg
new file mode 100644
index 00000000..0187f0d3
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-3-rejected-authorization.svg
@@ -0,0 +1,165 @@
+
+
+ Transfer: 1.2.3 Rejected Authorization
+
+
+ PISP
+
+
+ Mojaloop
+
+
+ DFSP A
+
+
+ PISP Server
+
+
+ Switch
+
+
+ DFSP A
+
+
+ (Payer)
+
+
+ Agreement Phase
+
+
+ PISP looks up the
+
+
+ transactionRequestId
+
+
+ and
+
+
+ checks the quote with the user,
+
+
+ User rejects the terms of the transcationRequest
+
+
+ PUT /thirdpartyRequests/authorizations/33333333-0000-0000-0000-000000000000
+
+
+ FSPIOP-Source: pispa
+
+
+ FSPIOP-Destination: dfspa
+
+
+ {
+
+
+ "responseType": "REJECTED"
+
+
+ }
+
+
+ PUT /thirdpartyRequests/authorizations/33333333-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ PUT /thirdpartyRequests/authorizations
+
+
+ /33333333-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ Look up the
+
+
+ transactionRequestId
+
+
+ for this
+
+
+ authorizationId
+
+
+ User has rejected the transaction request.
+
+
+ PATCH /thirdpartyRequests/transactions/00000000-0000-0000-0000-000000000000
+
+
+ FSPIOP-Source: dfspa
+
+
+ FSPIOP-Destination: pispa
+
+
+ {
+
+
+ "transactionRequestState": "REJECTED",
+
+
+ "transactionId": "11111111-0000-0000-0000-000000000000",
+
+
+ }
+
+
+ PATCH /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ PATCH /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ PISP can inform the user the transaction did not proceed
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-3-signed-authorization-fido.puml b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-3-signed-authorization-fido.puml
new file mode 100644
index 00000000..90b1b7b8
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-3-signed-authorization-fido.puml
@@ -0,0 +1,74 @@
+@startuml
+
+' declaring skinparam
+skinparam sequenceMessageAlign center
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title Transfer: 1.2.3 Signed Authorization FIDO
+
+box "PISP"
+participant "PISP Server" as D1
+end box
+box "Mojaloop"
+ participant Switch as S
+end box
+box "DFSP A"
+ participant "DFSP A\n(Payer)" as D2
+end box
+== Agreement Phase ==
+note right of D1
+ PISP looks up the ""transactionRequestId"" and
+ checks the terms with the user.
+
+ If the user agrees to the terms, the PISP
+ uses the FIDO API on the user's device to sign the
+ the **""challenge""** string
+end note
+
+rnote right of D1 #Light
+**""PUT /thirdpartyRequests/authorizations/33333333-0000-0000-0000-000000000000""**
+""FSPIOP-Source: pispa""
+""FSPIOP-Destination: dfspa""
+{
+ "responseType": "ACCEPTED"
+ "signedPayload": {
+ "signedPayloadType": "FIDO",
+ "fidoSignedPayload": {
+ "id": "string",
+ "rawId": "string - base64 encoded utf-8",
+ "response": {
+ "authenticatorData": "string - base64 encoded utf-8",
+ "clientDataJSON": "string - base64 encoded utf-8",
+ "signature": "string - base64 encoded utf-8",
+ "userHandle": "string - base64 encoded utf-8",
+ },
+ "type": "public-key"
+ }
+ }
+}
+end note
+D1 -> S: ""PUT /thirdpartyRequests/authorizations/33333333-0000-0000-0000-000000000000""
+S --> D1: ""200 OK""
+S -> D2: ""PUT /thirdpartyRequests/authorizations""\n""/33333333-0000-0000-0000-000000000000""
+D2 --> S: ""200 OK""
+
+D2 -> D2: Look up the ""transactionRequestId"" for this ""authorizationId""
+D2 -> D2: Look up the ""consentId"" for this ""transactionRequestId""
+
+note over D2
+ DFSP has the signed challenge.
+ It now needs to ask the Auth-Service to verify
+ the signed challenge.
+end note
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-3-signed-authorization-fido.svg b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-3-signed-authorization-fido.svg
new file mode 100644
index 00000000..789519f6
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-3-signed-authorization-fido.svg
@@ -0,0 +1,187 @@
+
+
+ Transfer: 1.2.3 Signed Authorization FIDO
+
+
+ PISP
+
+
+ Mojaloop
+
+
+ DFSP A
+
+
+ PISP Server
+
+
+ Switch
+
+
+ DFSP A
+
+
+ (Payer)
+
+
+ Agreement Phase
+
+
+ PISP looks up the
+
+
+ transactionRequestId
+
+
+ and
+
+
+ checks the terms with the user.
+
+
+ If the user agrees to the terms, the PISP
+
+
+ uses the FIDO API on the user's device to sign the
+
+
+ the
+
+
+ challenge
+
+
+ string
+
+
+ PUT /thirdpartyRequests/authorizations/33333333-0000-0000-0000-000000000000
+
+
+ FSPIOP-Source: pispa
+
+
+ FSPIOP-Destination: dfspa
+
+
+ {
+
+
+ "responseType": "ACCEPTED"
+
+
+ "signedPayload": {
+
+
+ "signedPayloadType": "FIDO",
+
+
+ "fidoSignedPayload": {
+
+
+ "id": "string",
+
+
+ "rawId": "string - base64 encoded utf-8",
+
+
+ "response": {
+
+
+ "authenticatorData": "string - base64 encoded utf-8",
+
+
+ "clientDataJSON": "string - base64 encoded utf-8",
+
+
+ "signature": "string - base64 encoded utf-8",
+
+
+ "userHandle": "string - base64 encoded utf-8",
+
+
+ },
+
+
+ "type": "public-key"
+
+
+ }
+
+
+ }
+
+
+ }
+
+
+ PUT /thirdpartyRequests/authorizations/33333333-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ PUT /thirdpartyRequests/authorizations
+
+
+ /33333333-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ Look up the
+
+
+ transactionRequestId
+
+
+ for this
+
+
+ authorizationId
+
+
+ Look up the
+
+
+ consentId
+
+
+ for this
+
+
+ transactionRequestId
+
+
+ DFSP has the signed challenge.
+
+
+ It now needs to ask the Auth-Service to verify
+
+
+ the signed challenge.
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-3-signed-authorization-generic.puml b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-3-signed-authorization-generic.puml
new file mode 100644
index 00000000..28d5c723
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-3-signed-authorization-generic.puml
@@ -0,0 +1,63 @@
+@startuml
+
+' declaring skinparam
+skinparam sequenceMessageAlign center
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title Transfer: 1.2.3 Signed Authorization
+
+box "PISP"
+participant "PISP Server" as D1
+end box
+box "Mojaloop"
+ participant Switch as S
+end box
+box "DFSP A"
+ participant "DFSP A\n(Payer)" as D2
+end box
+== Agreement Phase ==
+note right of D1
+ PISP looks up the ""transactionRequestId"" and
+ checks the quote with the user.
+
+ If the user agrees to the terms, the PISP uses
+ the Credential's privateKey to sign the challenge
+end note
+
+rnote right of D1 #Light
+**""PUT /thirdpartyRequests/authorizations/33333333-0000-0000-0000-000000000000""**
+""FSPIOP-Source: pispa""
+""FSPIOP-Destination: dfspa""
+{
+ "responseType": "ACCEPTED"
+ "signedPayload": {
+ "signedPayloadType": "GENERIC",
+ "genericSignedPayload": "utf-8 base64 encoded signature"
+ }
+}
+end note
+D1 -> S: ""PUT /thirdpartyRequests/authorizations/33333333-0000-0000-0000-000000000000""
+S --> D1: ""200 OK""
+S -> D2: ""PUT /thirdpartyRequests/authorizations""\n""/33333333-0000-0000-0000-000000000000""
+D2 --> S: ""200 OK""
+
+D2 -> D2: Look up the ""transactionRequestId"" for this ""authorizationId""
+D2 -> D2: Look up the ""consentId"" for this ""transactionRequestId""
+
+note over D2
+ DFSP has the signed challenge.
+ It now needs to ask the Auth-Service to verify
+ the signed challenge.
+end note
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-3-signed-authorization-generic.svg b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-3-signed-authorization-generic.svg
new file mode 100644
index 00000000..474f7023
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-3-signed-authorization-generic.svg
@@ -0,0 +1,148 @@
+
+
+ Transfer: 1.2.3 Signed Authorization
+
+
+ PISP
+
+
+ Mojaloop
+
+
+ DFSP A
+
+
+ PISP Server
+
+
+ Switch
+
+
+ DFSP A
+
+
+ (Payer)
+
+
+ Agreement Phase
+
+
+ PISP looks up the
+
+
+ transactionRequestId
+
+
+ and
+
+
+ checks the quote with the user.
+
+
+ If the user agrees to the terms, the PISP uses
+
+
+ the Credential's privateKey to sign the challenge
+
+
+ PUT /thirdpartyRequests/authorizations/33333333-0000-0000-0000-000000000000
+
+
+ FSPIOP-Source: pispa
+
+
+ FSPIOP-Destination: dfspa
+
+
+ {
+
+
+ "responseType": "ACCEPTED"
+
+
+ "signedPayload": {
+
+
+ "signedPayloadType": "GENERIC",
+
+
+ "genericSignedPayload": "utf-8 base64 encoded signature"
+
+
+ }
+
+
+ }
+
+
+ PUT /thirdpartyRequests/authorizations/33333333-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ PUT /thirdpartyRequests/authorizations
+
+
+ /33333333-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ Look up the
+
+
+ transactionRequestId
+
+
+ for this
+
+
+ authorizationId
+
+
+ Look up the
+
+
+ consentId
+
+
+ for this
+
+
+ transactionRequestId
+
+
+ DFSP has the signed challenge.
+
+
+ It now needs to ask the Auth-Service to verify
+
+
+ the signed challenge.
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-4-verify-authorization.puml b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-4-verify-authorization.puml
new file mode 100644
index 00000000..8bde91c2
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-4-verify-authorization.puml
@@ -0,0 +1,82 @@
+@startuml
+
+' declaring skinparam
+skinparam sequenceMessageAlign center
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title Transfer: 1.2.4 Verify Authorization
+
+
+box "Mojaloop"
+ participant Switch as S
+ participant "Auth-Service" as AUTHS
+end box
+box "DFSP A"
+ participant "DFSP A\n(Payer)" as D2
+end box
+
+
+D2 -> D2: Generate a new ""verificationRequestId"", and associate \n it with the ""thirdpartyTransactionRequestId""
+
+rnote left of D2 #Light
+**""POST /thirdpartyRequests/verifications""**
+""FSPIOP-Source: dfspa""
+""FSPIOP-Destination: central-auth""
+{
+ "verificationRequestId": "44444444-0000-0000-0000-000000000000",
+ "challenge": """",
+ "consentId": "123",
+ "signedPayloadType": "FIDO",
+ "fidoValue": {
+ "id": "string",
+ "rawId": "string - base64 encoded utf-8",
+ "response": {
+ "authenticatorData": "string - base64 encoded utf-8",
+ "clientDataJSON": "string - base64 encoded utf-8",
+ "signature": "string - base64 encoded utf-8",
+ "userHandle": "string - base64 encoded utf-8",
+ },
+ "type": "public-key"
+ }
+}
+end note
+D2 -> S: ""POST /thirdpartyRequests/verifications""
+S --> D2: ""202 Accepted""
+S -> AUTHS: ""POST /thirdpartyRequests/verifications""
+AUTHS --> S: ""202 Accepted""
+
+AUTHS -> AUTHS: Lookup this consent based on consentId
+AUTHS -> AUTHS: Ensure the accountAddress matches what is in Consent
+AUTHS -> AUTHS: Check that the signed bytes match the \npublickey we have stored for the consent
+
+rnote right of AUTHS #Light
+**""PUT /thirdpartyRequests/verifications/44444444-0000-0000-0000-000000000000""**
+""FSPIOP-Source: central-auth""
+""FSPIOP-Destination: dfspa""
+{
+ "authenticationResponse": "VERIFIED"
+}
+end note
+AUTHS -> S: ""PUT /thirdpartyRequests/verifications""\n"" /44444444-0000-0000-0000-000000000000""
+S --> AUTHS: ""200 OK""
+S -> D2: ""PUT /thirdpartyRequests/verifications""\n"" /44444444-0000-0000-0000-000000000000""
+D2 --> S: ""200 OK""
+
+note over D2
+ DFSPA now knows that the user signed this transaction
+ and can go ahead and initiate the transfer
+end note
+
+
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-4-verify-authorization.svg b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-4-verify-authorization.svg
new file mode 100644
index 00000000..1c7b39fe
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-2-4-verify-authorization.svg
@@ -0,0 +1,196 @@
+
+
+ Transfer: 1.2.4 Verify Authorization
+
+
+ Mojaloop
+
+
+ DFSP A
+
+
+ Switch
+
+
+ Auth-Service
+
+
+ DFSP A
+
+
+ (Payer)
+
+
+ Generate a new
+
+
+ verificationRequestId
+
+
+ , and associate
+
+
+ it with the
+
+
+ thirdpartyTransactionRequestId
+
+
+ POST /thirdpartyRequests/verifications
+
+
+ FSPIOP-Source: dfspa
+
+
+ FSPIOP-Destination: central-auth
+
+
+ {
+
+
+ "verificationRequestId": "44444444-0000-0000-0000-000000000000",
+
+
+ "challenge":
+
+
+ <base64 encoded binary - the encoded challenge>
+
+
+ ,
+
+
+ "consentId": "123",
+
+
+ "signedPayloadType": "FIDO",
+
+
+ "fidoValue": {
+
+
+ "id": "string",
+
+
+ "rawId": "string - base64 encoded utf-8",
+
+
+ "response": {
+
+
+ "authenticatorData": "string - base64 encoded utf-8",
+
+
+ "clientDataJSON": "string - base64 encoded utf-8",
+
+
+ "signature": "string - base64 encoded utf-8",
+
+
+ "userHandle": "string - base64 encoded utf-8",
+
+
+ },
+
+
+ "type": "public-key"
+
+
+ }
+
+
+ }
+
+
+ POST /thirdpartyRequests/verifications
+
+
+ 202 Accepted
+
+
+ POST /thirdpartyRequests/verifications
+
+
+ 202 Accepted
+
+
+ Lookup this consent based on consentId
+
+
+ Ensure the accountAddress matches what is in Consent
+
+
+ Check that the signed bytes match the
+
+
+ publickey we have stored for the consent
+
+
+ PUT /thirdpartyRequests/verifications/44444444-0000-0000-0000-000000000000
+
+
+ FSPIOP-Source: central-auth
+
+
+ FSPIOP-Destination: dfspa
+
+
+ {
+
+
+ "authenticationResponse": "VERIFIED"
+
+
+ }
+
+
+ PUT /thirdpartyRequests/verifications
+
+
+ /44444444-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ PUT /thirdpartyRequests/verifications
+
+
+ /44444444-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ DFSPA now knows that the user signed this transaction
+
+
+ and can go ahead and initiate the transfer
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-3-transfer.puml b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-3-transfer.puml
new file mode 100644
index 00000000..1af60155
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-3-transfer.puml
@@ -0,0 +1,178 @@
+@startuml
+
+' define actor image
+sprite $actor [25x48/16] {
+ 0000000000010000000000000
+ 0000000006CAC910000000000
+ 0000000095101292000000000
+ 0000000651000119000000000
+ 0000000B10000018400000000
+ 0000001A10000016600000000
+ 0000000B10000017510000000
+ 000000083100001A210000000
+ 0000000191000176110000000
+ 000000003A866A61100000000
+ 0000000000466211100000000
+ 0003333333334443333310000
+ 0088888888888888888892000
+ 0821111111111111111118200
+ 8311111111111111111111A00
+ A111111111111111111111A20
+ A111111111111111111111A20
+ A111111111111111111111A20
+ A111111111111111111111A20
+ A111111111111111111111A20
+ A111111111111111111111A20
+ A111111111111111111111A20
+ A111111111111111111111A20
+ A111551111111111138111A20
+ A111661111111111139111A20
+ A211661111111111139111A20
+ A211661111111111139111A20
+ A211661111161111139111A20
+ A2116611111A2111139111A20
+ A2116611111A2111139111A20
+ A2116611111A2111139111A20
+ A7669611111A211113A666B20
+ 36669611111A211113A666610
+ 00016611111A2111139111110
+ 00006611111A2111139100000
+ 00006611111A2111139100000
+ 00006611111A2111139100000
+ 00006611111A2111139100000
+ 00006611111A2111139100000
+ 00006611111A2111139100000
+ 00006611111A2111139100000
+ 00006611111A2111139100000
+ 00006611111A2111139100000
+ 00006611111A2111139100000
+ 00006966666B7666679100000
+ 0000266666666666664100000
+ 0000000111111111111100000
+ 0000000000000000000000000
+}
+
+
+' declaring skinparam
+skinparam sequenceMessageAlign center
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+skinparam actor {
+ Bordercolor none
+ Backgroundcolor none
+ shadowing false
+}
+
+hide footbox
+
+title Transfer: 1.3 Final transfer
+
+box "PISP"
+participant "PISP Server" as D1
+end box
+box "Mojaloop"
+ participant Switch as S
+end box
+box "DFSP A"
+ participant "DFSP A\n(Payer)" as D2
+end box
+box "DFSP B"
+ participant "DFSP B\n(Payee)" as D3
+end box
+actor "<$actor>\nPayee" as CB
+
+
+
+== Transfer Phase ==
+
+... DFSP A initiates a normal Mojaloop P2P Transfer ...
+
+D2 -> D2: Generate a new ""transferId"", and associate \n it with the ""transactionRequestId""
+
+rnote over D2 #Light
+**""POST /transfers""**
+""FSPIOP-Source: dfspa""
+""FSPIOP-Destination: dfspb""
+{
+ "transferId": "55555555-0000-0000-0000-000000000000",
+ "payerFsp": "dfspa",
+ "payeeFsp": "dfspb",
+ "amount": {
+ "amount": "100",
+ "currency": "USD"
+ },
+ "expiration": "2020-06-15T13:00:00.000",
+ "ilpPacket": "...",
+ "condition": "...",
+}
+end note
+D2 -> S: ""POST /transfers""
+S --> D2: ""202 Accepted""
+
+rnote over S #Light
+**""POST /transfers""**
+""FSPIOP-Source: dfspa""
+""FSPIOP-Destination: dfspb""
+{
+ "transferId": "55555555-0000-0000-0000-000000000000",
+ "payerFsp": "dfspa",
+ "payeeFsp": "dfspb",
+ "amount": {
+ "amount": "100",
+ "currency": "USD"
+ },
+ "expiration": "2020-06-15T13:00:00.000",
+ "ilpPacket": "...",
+ "condition": "...",
+}
+end note
+S -> D3: ""POST /transfers""
+D3 --> S: ""202 Accepted""
+
+rnote left of D3 #Light
+**""PUT /transfers/55555555-0000-0000-0000-000000000000""**
+""FSPIOP-Source: dfspb""
+""FSPIOP-Destination: dfspa""
+{
+ "fulfilment": "...",
+ "completedTimestamp": "2020-06-15T12:01:00.000",
+ "transferState": "COMMITTED"
+}
+end note
+D3 -> S: ""PUT /transfers/55555555-0000-0000-0000-000000000000""
+S --> D3: ""200 OK""
+D3 -> CB: You have received funds!
+S -> D2: ""PUT /transfers/55555555-0000-0000-0000-000000000000""
+D2 --> S: ""200 OK""
+
+
+D2 -> D2: Look up ""transactionRequestId"" from the ""transferId""
+
+rnote over D2 #Light
+**""PATCH /thirdpartyRequests/transactions/00000000-0000-0000-0000-000000000000""**
+""FSPIOP-Source: dfspa""
+""FSPIOP-Destination: pispa""
+{
+ "transactionRequestState": "ACCEPTED",
+ "transactionState": "COMMITTED"
+}
+end note
+D2 -> S: ""PATCH /thirdpartyRequests/transactions""\n"" /00000000-0000-0000-0000-000000000000""
+S --> D2: ""200 OK""
+
+S -> D1: ""PATCH /thirdpartyRequests/transactions""\n"" /00000000-0000-0000-0000-000000000000""
+D1 --> S: ""200 OK""
+
+note over D1
+ PISP can now inform the user the
+ funds have been sent
+end note
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-3-transfer.svg b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-3-transfer.svg
new file mode 100644
index 00000000..4adab1df
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/1-3-transfer.svg
@@ -0,0 +1,309 @@
+
+
+ Transfer: 1.3 Final transfer
+
+
+ PISP
+
+
+ Mojaloop
+
+
+ DFSP A
+
+
+ DFSP B
+
+
+ PISP Server
+
+
+ Switch
+
+
+ DFSP A
+
+
+ (Payer)
+
+
+ DFSP B
+
+
+ (Payee)
+
+
+ Payee
+
+
+ Transfer Phase
+
+
+ DFSP A initiates a normal Mojaloop P2P Transfer
+
+
+ Generate a new
+
+
+ transferId
+
+
+ , and associate
+
+
+ it with the
+
+
+ transactionRequestId
+
+
+ POST /transfers
+
+
+ FSPIOP-Source: dfspa
+
+
+ FSPIOP-Destination: dfspb
+
+
+ {
+
+
+ "transferId": "55555555-0000-0000-0000-000000000000",
+
+
+ "payerFsp": "dfspa",
+
+
+ "payeeFsp": "dfspb",
+
+
+ "amount": {
+
+
+ "amount": "100",
+
+
+ "currency": "USD"
+
+
+ },
+
+
+ "expiration": "2020-06-15T13:00:00.000",
+
+
+ "ilpPacket": "...",
+
+
+ "condition": "...",
+
+
+ }
+
+
+ POST /transfers
+
+
+ 202 Accepted
+
+
+ POST /transfers
+
+
+ FSPIOP-Source: dfspa
+
+
+ FSPIOP-Destination: dfspb
+
+
+ {
+
+
+ "transferId": "55555555-0000-0000-0000-000000000000",
+
+
+ "payerFsp": "dfspa",
+
+
+ "payeeFsp": "dfspb",
+
+
+ "amount": {
+
+
+ "amount": "100",
+
+
+ "currency": "USD"
+
+
+ },
+
+
+ "expiration": "2020-06-15T13:00:00.000",
+
+
+ "ilpPacket": "...",
+
+
+ "condition": "...",
+
+
+ }
+
+
+ POST /transfers
+
+
+ 202 Accepted
+
+
+ PUT /transfers/55555555-0000-0000-0000-000000000000
+
+
+ FSPIOP-Source: dfspb
+
+
+ FSPIOP-Destination: dfspa
+
+
+ {
+
+
+ "fulfilment": "...",
+
+
+ "completedTimestamp": "2020-06-15T12:01:00.000",
+
+
+ "transferState": "COMMITTED"
+
+
+ }
+
+
+ PUT /transfers/55555555-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ You have received funds!
+
+
+ PUT /transfers/55555555-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ Look up
+
+
+ transactionRequestId
+
+
+ from the
+
+
+ transferId
+
+
+ PATCH /thirdpartyRequests/transactions/00000000-0000-0000-0000-000000000000
+
+
+ FSPIOP-Source: dfspa
+
+
+ FSPIOP-Destination: pispa
+
+
+ {
+
+
+ "transactionRequestState": "ACCEPTED",
+
+
+ "transactionState": "COMMITTED"
+
+
+ }
+
+
+ PATCH /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ PATCH /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ PISP can now inform the user the
+
+
+ funds have been sent
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-2-1-bad-tx-request.puml b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-2-1-bad-tx-request.puml
new file mode 100644
index 00000000..1252be90
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-2-1-bad-tx-request.puml
@@ -0,0 +1,90 @@
+@startuml
+
+' declaring skinparam
+skinparam sequenceMessageAlign center
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title Transfer: 3.2.1 Bad Thirdparty Transaction Request
+
+
+box "PISP"
+participant "PISP Server" as D1
+end box
+box "Mojaloop"
+ participant Switch as S
+end box
+box "DFSP A"
+ participant "DFSP A\n(Payer)" as D2
+end box
+
+
+== Agreement Phase ==
+rnote right of D1 #Light
+**""POST /thirdpartyRequests/transactions""**
+""FSPIOP-Source: pispa""
+""FSPIOP-Destination: dfspa""
+{
+ "transactionRequestId": "00000000-0000-0000-0000-000000000000",
+ "payee": {
+ "partyIdInfo": {
+ "partyIdType": "MSISDN",
+ "partyIdentifier": "+4412345678",
+ "fspId": "dfspb"
+ }
+ },
+ "payer": {
+ "partyIdType": "THIRD_PARTY_LINK",
+ "partyIdentifier": "qwerty-56789",
+ "fspId": "dfspa"
+ },
+ "amountType": "SEND",
+ "amount": {
+ "amount": "100",
+ "currency": "USD"
+ },
+ "transactionType": {
+ "scenario": "TRANSFER",
+ "initiator": "PAYER",
+ "initiatorType": "CONSUMER"
+ },
+ "expiration": "2020-06-15T22:17:28.985-01:00"
+}
+end note
+D1 -> S: ""POST /thirdpartyRequests/transactions""
+S --> D1: ""202 Accepted""
+S -> D2: ""POST /thirdpartyRequests/transactions""
+D2 --> S: ""202 Accepted""
+
+D2 -> D2: DFSP finds something wrong with this transaction request.
+
+
+rnote left of D2 #Light
+**""PUT /thirdpartyRequests/transactions""**
+**"" /00000000-0000-0000-0000-000000000000/error""**
+""FSPIOP-Source: dfspa""
+""FSPIOP-Destination: pispa""
+{
+ "errorInformation": {
+ "errorCode": "6104",
+ "errorDescription": "Thirdparty request rejection",
+ "extensionList": []
+ }
+}
+end note
+D2 -> S: ""PUT /thirdpartyRequests/transactions""\n"" /00000000-0000-0000-0000-000000000000/error""
+S --> D2: ""200 OK""
+S -> D1: ""PUT /thirdpartyRequests/transactions""\n"" /00000000-0000-0000-0000-000000000000/error""
+D1 --> S: ""200 OK""
+
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-2-1-bad-tx-request.svg b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-2-1-bad-tx-request.svg
new file mode 100644
index 00000000..c62356df
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-2-1-bad-tx-request.svg
@@ -0,0 +1,207 @@
+
+
+ Transfer: 3.2.1 Bad Thirdparty Transaction Request
+
+
+ PISP
+
+
+ Mojaloop
+
+
+ DFSP A
+
+
+ PISP Server
+
+
+ Switch
+
+
+ DFSP A
+
+
+ (Payer)
+
+
+ Agreement Phase
+
+
+ POST /thirdpartyRequests/transactions
+
+
+ FSPIOP-Source: pispa
+
+
+ FSPIOP-Destination: dfspa
+
+
+ {
+
+
+ "transactionRequestId": "00000000-0000-0000-0000-000000000000",
+
+
+ "payee": {
+
+
+ "partyIdInfo": {
+
+
+ "partyIdType": "MSISDN",
+
+
+ "partyIdentifier": "+4412345678",
+
+
+ "fspId": "dfspb"
+
+
+ }
+
+
+ },
+
+
+ "payer": {
+
+
+ "partyIdType": "THIRD_PARTY_LINK",
+
+
+ "partyIdentifier": "qwerty-56789",
+
+
+ "fspId": "dfspa"
+
+
+ },
+
+
+ "amountType": "SEND",
+
+
+ "amount": {
+
+
+ "amount": "100",
+
+
+ "currency": "USD"
+
+
+ },
+
+
+ "transactionType": {
+
+
+ "scenario": "TRANSFER",
+
+
+ "initiator": "PAYER",
+
+
+ "initiatorType": "CONSUMER"
+
+
+ },
+
+
+ "expiration": "2020-06-15T22:17:28.985-01:00"
+
+
+ }
+
+
+ POST /thirdpartyRequests/transactions
+
+
+ 202 Accepted
+
+
+ POST /thirdpartyRequests/transactions
+
+
+ 202 Accepted
+
+
+ DFSP finds something wrong with this transaction request.
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000/error
+
+
+ FSPIOP-Source: dfspa
+
+
+ FSPIOP-Destination: pispa
+
+
+ {
+
+
+ "errorInformation": {
+
+
+ "errorCode": "6104",
+
+
+ "errorDescription": "Thirdparty request rejection",
+
+
+ "extensionList": []
+
+
+ }
+
+
+ }
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000/error
+
+
+ 200 OK
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000/error
+
+
+ 200 OK
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-3-1-bad-quote-request.puml b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-3-1-bad-quote-request.puml
new file mode 100644
index 00000000..b6ebf6ce
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-3-1-bad-quote-request.puml
@@ -0,0 +1,141 @@
+@startuml
+
+' declaring skinparam
+skinparam sequenceMessageAlign center
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title Transfer: 3.3.1 Bad Quote Request
+
+
+box "PISP"
+participant "PISP Server" as D1
+end box
+box "Mojaloop"
+ participant Switch as S
+end box
+box "DFSP A"
+ participant "DFSP A\n(Payer)" as D2
+end box
+box "DFSP B"
+ participant "DFSP B\n(Payee)" as D3
+end box
+
+... PISP has initiated Thirdparty Transaction Request with ""POST /thirdpartyRequests/transactions""...
+
+D2 -> D2: Generate a unique transactionId for this transaction request:\n**""11111111-0000-0000-0000-000000000000""**
+
+
+rnote left of D2 #Light
+**""PUT /thirdpartyRequests/transactions""**
+**"" /00000000-0000-0000-0000-000000000000""**
+""FSPIOP-Source: dfspa""
+""FSPIOP-Destination: pispa""
+{
+ "transactionId": "11111111-0000-0000-0000-000000000000",
+ "transactionRequestState": "RECEIVED"
+}
+end note
+D2 -> S: ""PUT /thirdpartyRequests/transactions""\n"" /00000000-0000-0000-0000-000000000000""
+S --> D2: ""200 OK""
+S -> D1: ""PUT /thirdpartyRequests/transactions""\n"" /00000000-0000-0000-0000-000000000000""
+D1 --> S: ""200 OK""
+
+rnote left of D2 #Light
+**""POST /quotes""**
+""FSPIOP-Source: dfspa""
+""FSPIOP-Destination: dfspb""
+{
+ "quoteId": "22222222-0000-0000-0000-000000000000",
+ "transactionId": "11111111-0000-0000-0000-000000000000",
+ "transactionRequestId": "00000000-0000-0000-0000-000000000000",
+ "payee": {
+ "partyIdInfo": {
+ "partyIdType": "MSISDN",
+ "partyIdentifier": "+4412345678",
+ "fspId": "dfspb"
+ }
+ },
+ "payer": {
+ "personalInfo": {
+ "complexName": {
+ "firstName": "Ayesha",
+ "lastName": "Takia"
+ }
+ },
+ "partyIdInfo": {
+ "partyIdType": "THIRD_PARTY_LINK",
+ "partyIdentifier": "qwerty-56789",
+ "fspId": "dfspa"
+ },
+ },
+ },
+ "amountType": "SEND",
+ "amount": {
+ "amount": "100",
+ "currency": "USD"
+ },
+ "transactionType": {
+ "scenario": "TRANSFER",
+ "initiator": "PAYER",
+ "initiatorType": "CONSUMER"
+ },
+ "note": "quote note"
+}
+end note
+D2 -> S: ""POST /quotes""
+S --> D2: ""202 Accepted""
+S -> D3: ""POST /quotes""
+D3 --> S: ""202 Accepted""
+
+D3 -> D3: Quote fails for some reason.
+
+rnote left of D3 #Light
+**""PUT /quotes/22222222-0000-0000-0000-000000000000/error""**
+""FSPIOP-Source: dfspb""
+""FSPIOP-Destination: dfspa""
+{
+ "errorInformation": {
+ "errorCode": "XXXX",
+ "errorDescription": "XXXX",
+ "extensionList": []
+ }
+}
+end note
+D3 -> S: ""PUT /quotes/22222222-0000-0000-0000-000000000000/error""
+S --> D3: ""200 OK""
+S -> D2: ""PUT /quotes/22222222-0000-0000-0000-000000000000/error""
+D2 --> S: ""200 OK""
+
+note left of D2
+ Quote failed, DFSP needs to inform PISP
+end note
+
+rnote left of D2 #Light
+**""PUT /thirdpartyRequests/transactions""**
+**"" /00000000-0000-0000-0000-000000000000/error""**
+""FSPIOP-Source: dfspa""
+""FSPIOP-Destination: pispa""
+{
+ "errorInformation": {
+ "errorCode": "6003",
+ "errorDescription": "Downstream Failure",
+ "extensionList": []
+ }
+}
+end note
+D2 -> S: ""PUT /thirdpartyRequests/transactions""\n"" /00000000-0000-0000-0000-000000000000/error""
+S --> D2: ""200 OK""
+S -> D1: ""PUT /thirdpartyRequests/transactions""\n"" /00000000-0000-0000-0000-000000000000/error""
+D1 --> S: ""200 OK""
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-3-1-bad-quote-request.svg b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-3-1-bad-quote-request.svg
new file mode 100644
index 00000000..841d82c6
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-3-1-bad-quote-request.svg
@@ -0,0 +1,369 @@
+
+
+ Transfer: 3.3.1 Bad Quote Request
+
+
+ PISP
+
+
+ Mojaloop
+
+
+ DFSP A
+
+
+ DFSP B
+
+
+ PISP Server
+
+
+ Switch
+
+
+ DFSP A
+
+
+ (Payer)
+
+
+ DFSP B
+
+
+ (Payee)
+
+
+ PISP has initiated Thirdparty Transaction Request with
+
+
+ POST /thirdpartyRequests/transactions
+
+
+ Generate a unique transactionId for this transaction request:
+
+
+ 11111111-0000-0000-0000-000000000000
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000
+
+
+ FSPIOP-Source: dfspa
+
+
+ FSPIOP-Destination: pispa
+
+
+ {
+
+
+ "transactionId": "11111111-0000-0000-0000-000000000000",
+
+
+ "transactionRequestState": "RECEIVED"
+
+
+ }
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ POST /quotes
+
+
+ FSPIOP-Source: dfspa
+
+
+ FSPIOP-Destination: dfspb
+
+
+ {
+
+
+ "quoteId": "22222222-0000-0000-0000-000000000000",
+
+
+ "transactionId": "11111111-0000-0000-0000-000000000000",
+
+
+ "transactionRequestId": "00000000-0000-0000-0000-000000000000",
+
+
+ "payee": {
+
+
+ "partyIdInfo": {
+
+
+ "partyIdType": "MSISDN",
+
+
+ "partyIdentifier": "+4412345678",
+
+
+ "fspId": "dfspb"
+
+
+ }
+
+
+ },
+
+
+ "payer": {
+
+
+ "personalInfo": {
+
+
+ "complexName": {
+
+
+ "firstName": "Ayesha",
+
+
+ "lastName": "Takia"
+
+
+ }
+
+
+ },
+
+
+ "partyIdInfo": {
+
+
+ "partyIdType": "THIRD_PARTY_LINK",
+
+
+ "partyIdentifier": "qwerty-56789",
+
+
+ "fspId": "dfspa"
+
+
+ },
+
+
+ },
+
+
+ },
+
+
+ "amountType": "SEND",
+
+
+ "amount": {
+
+
+ "amount": "100",
+
+
+ "currency": "USD"
+
+
+ },
+
+
+ "transactionType": {
+
+
+ "scenario": "TRANSFER",
+
+
+ "initiator": "PAYER",
+
+
+ "initiatorType": "CONSUMER"
+
+
+ },
+
+
+ "note": "quote note"
+
+
+ }
+
+
+ POST /quotes
+
+
+ 202 Accepted
+
+
+ POST /quotes
+
+
+ 202 Accepted
+
+
+ Quote fails for some reason.
+
+
+ PUT /quotes/22222222-0000-0000-0000-000000000000/error
+
+
+ FSPIOP-Source: dfspb
+
+
+ FSPIOP-Destination: dfspa
+
+
+ {
+
+
+ "errorInformation": {
+
+
+ "errorCode": "XXXX",
+
+
+ "errorDescription": "XXXX",
+
+
+ "extensionList": []
+
+
+ }
+
+
+ }
+
+
+ PUT /quotes/22222222-0000-0000-0000-000000000000/error
+
+
+ 200 OK
+
+
+ PUT /quotes/22222222-0000-0000-0000-000000000000/error
+
+
+ 200 OK
+
+
+ Quote failed, DFSP needs to inform PISP
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000/error
+
+
+ FSPIOP-Source: dfspa
+
+
+ FSPIOP-Destination: pispa
+
+
+ {
+
+
+ "errorInformation": {
+
+
+ "errorCode": "6003",
+
+
+ "errorDescription": "Downstream Failure",
+
+
+ "extensionList": []
+
+
+ }
+
+
+ }
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000/error
+
+
+ 200 OK
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000/error
+
+
+ 200 OK
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-3-2-bad-transfer-request.puml b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-3-2-bad-transfer-request.puml
new file mode 100644
index 00000000..3a7f7879
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-3-2-bad-transfer-request.puml
@@ -0,0 +1,122 @@
+@startuml
+
+' declaring skinparam
+skinparam sequenceMessageAlign center
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title Transfer: 3.3.2 Bad Transfer Request
+
+
+box "PISP"
+participant "PISP Server" as D1
+end box
+box "Mojaloop"
+ participant Switch as S
+end box
+box "DFSP A"
+ participant "DFSP A\n(Payer)" as D2
+end box
+box "DFSP B"
+ participant "DFSP B\n(Payee)" as D3
+end box
+
+... PISP has initiated Thirdparty Transaction Request with ""POST /thirdpartyRequests/transactions""...
+
+... DFSP A has received quote, and asked PISP to verify...
+
+... DFSP A has received ""PUT /thirdpartyRequests/verifications from Auth-Service""...
+
+... DFSP A initiates a normal Mojaloop P2P Transfer ...
+
+D2 -> D2: Generate a new ""transferId"", and associate \n it with the ""transactionRequestId""
+
+rnote over D2 #Light
+**""POST /transfers""**
+""FSPIOP-Source: dfspa""
+""FSPIOP-Destination: dfspb""
+{
+ "transferId": "55555555-0000-0000-0000-000000000000",
+ "payerFsp": "dfspa",
+ "payeeFsp": "dfspb",
+ "amount": {
+ "amount": "100",
+ "currency": "USD"
+ },
+ "expiration": "2020-06-15T13:00:00.000",
+ "ilpPacket": "...",
+ "condition": "...",
+}
+end note
+D2 -> S: ""POST /transfers""
+S --> D2: ""202 Accepted""
+
+rnote over S #Light
+**""POST /transfers""**
+""FSPIOP-Source: dfspa""
+""FSPIOP-Destination: dfspb""
+{
+ "transferId": "55555555-0000-0000-0000-000000000000",
+ "payerFsp": "dfspa",
+ "payeeFsp": "dfspb",
+ "amount": {
+ "amount": "100",
+ "currency": "USD"
+ },
+ "expiration": "2020-06-15T13:00:00.000",
+ "ilpPacket": "...",
+ "condition": "...",
+}
+end note
+S -> D3: ""POST /transfers""
+D3 --> S: ""202 Accepted""
+
+rnote left of D3 #Light
+**""PUT /transfers/55555555-0000-0000-0000-000000000000/error""**
+""FSPIOP-Source: dfspb""
+""FSPIOP-Destination: dfspa""
+{
+ "errorInformation": {
+ "errorCode": "XXXX",
+ "errorDescription": "XXXX",
+ "extensionList": []
+ }
+}
+end note
+D3 -> S: ""PUT /transfers/55555555-0000-0000-0000-000000000000/error""
+S --> D3: ""200 OK""
+S -> D2: ""PUT /transfers/55555555-0000-0000-0000-000000000000/error""
+D2 --> S: ""200 OK""
+
+note left of D2
+ Transfer failed, DFSP needs to inform PISP
+end note
+
+rnote left of D2 #Light
+**""PUT /thirdpartyRequests/transactions""**
+**"" /00000000-0000-0000-0000-000000000000/error""**
+""FSPIOP-Source: dfspa""
+""FSPIOP-Destination: pispa""
+{
+ "errorInformation": {
+ "errorCode": "6003",
+ "errorDescription": "Downstream failure",
+ "extensionList": []
+ }
+}
+end note
+D2 -> S: ""PUT /thirdpartyRequests/transactions""\n"" /00000000-0000-0000-0000-000000000000/error""
+S --> D2: ""200 OK""
+S -> D1: ""PUT /thirdpartyRequests/transactions""\n"" /00000000-0000-0000-0000-000000000000/error""
+D1 --> S: ""200 OK""
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-3-2-bad-transfer-request.svg b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-3-2-bad-transfer-request.svg
new file mode 100644
index 00000000..85626c5b
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-3-2-bad-transfer-request.svg
@@ -0,0 +1,332 @@
+
+
+ Transfer: 3.3.2 Bad Transfer Request
+
+
+ PISP
+
+
+ Mojaloop
+
+
+ DFSP A
+
+
+ DFSP B
+
+
+ PISP Server
+
+
+ Switch
+
+
+ DFSP A
+
+
+ (Payer)
+
+
+ DFSP B
+
+
+ (Payee)
+
+
+ PISP has initiated Thirdparty Transaction Request with
+
+
+ POST /thirdpartyRequests/transactions
+
+
+ DFSP A has received quote, and asked PISP to verify
+
+
+ DFSP A has received
+
+
+ PUT /thirdpartyRequests/verifications from Auth-Service
+
+
+ DFSP A initiates a normal Mojaloop P2P Transfer
+
+
+ Generate a new
+
+
+ transferId
+
+
+ , and associate
+
+
+ it with the
+
+
+ transactionRequestId
+
+
+ POST /transfers
+
+
+ FSPIOP-Source: dfspa
+
+
+ FSPIOP-Destination: dfspb
+
+
+ {
+
+
+ "transferId": "55555555-0000-0000-0000-000000000000",
+
+
+ "payerFsp": "dfspa",
+
+
+ "payeeFsp": "dfspb",
+
+
+ "amount": {
+
+
+ "amount": "100",
+
+
+ "currency": "USD"
+
+
+ },
+
+
+ "expiration": "2020-06-15T13:00:00.000",
+
+
+ "ilpPacket": "...",
+
+
+ "condition": "...",
+
+
+ }
+
+
+ POST /transfers
+
+
+ 202 Accepted
+
+
+ POST /transfers
+
+
+ FSPIOP-Source: dfspa
+
+
+ FSPIOP-Destination: dfspb
+
+
+ {
+
+
+ "transferId": "55555555-0000-0000-0000-000000000000",
+
+
+ "payerFsp": "dfspa",
+
+
+ "payeeFsp": "dfspb",
+
+
+ "amount": {
+
+
+ "amount": "100",
+
+
+ "currency": "USD"
+
+
+ },
+
+
+ "expiration": "2020-06-15T13:00:00.000",
+
+
+ "ilpPacket": "...",
+
+
+ "condition": "...",
+
+
+ }
+
+
+ POST /transfers
+
+
+ 202 Accepted
+
+
+ PUT /transfers/55555555-0000-0000-0000-000000000000/error
+
+
+ FSPIOP-Source: dfspb
+
+
+ FSPIOP-Destination: dfspa
+
+
+ {
+
+
+ "errorInformation": {
+
+
+ "errorCode": "XXXX",
+
+
+ "errorDescription": "XXXX",
+
+
+ "extensionList": []
+
+
+ }
+
+
+ }
+
+
+ PUT /transfers/55555555-0000-0000-0000-000000000000/error
+
+
+ 200 OK
+
+
+ PUT /transfers/55555555-0000-0000-0000-000000000000/error
+
+
+ 200 OK
+
+
+ Transfer failed, DFSP needs to inform PISP
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000/error
+
+
+ FSPIOP-Source: dfspa
+
+
+ FSPIOP-Destination: pispa
+
+
+ {
+
+
+ "errorInformation": {
+
+
+ "errorCode": "6003",
+
+
+ "errorDescription": "Downstream failure",
+
+
+ "extensionList": []
+
+
+ }
+
+
+ }
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000/error
+
+
+ 200 OK
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000/error
+
+
+ 200 OK
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-4-1-bad-signed-challenge-self-hosted.puml b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-4-1-bad-signed-challenge-self-hosted.puml
new file mode 100644
index 00000000..5bc586ee
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-4-1-bad-signed-challenge-self-hosted.puml
@@ -0,0 +1,95 @@
+@startuml
+
+' declaring skinparam
+skinparam sequenceMessageAlign center
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title Transfer: 3.4.1 Bad Signed Challenge - Self Hosted Auth-Service
+
+
+box "PISP"
+participant "PISP Server" as D1
+end box
+box "Mojaloop"
+ participant Switch as S
+end box
+box "DFSP A"
+ participant "DFSP A\n(Payer)" as D2
+end box
+
+... PISP has initiated Thirdparty Transaction Request with ""POST /thirdpartyRequests/transactions""...
+
+... DFSP A has received quote, and asked PISP to verify...
+
+note right of D1
+ PISP looks up the ""transactionRequestId"" and
+ checks the quote with the user,
+ and uses the FIDO API to sign the
+ the **""challenge""** string
+end note
+
+rnote right of D1 #Light
+**""PUT /thirdpartyRequests/authorizations/33333333-0000-0000-0000-000000000000""**
+""FSPIOP-Source: pispa""
+""FSPIOP-Destination: dfspa""
+{
+ "responseType": "ACCEPTED"
+ "signedPayload": {
+ "signedPayloadType": "FIDO",
+ "fidoSignedPayload": {
+ "id": "string",
+ "rawId": "string - base64 encoded utf-8",
+ "response": {
+ "authenticatorData": "string - base64 encoded utf-8",
+ "clientDataJSON": "string - base64 encoded utf-8",
+ "signature": "string - base64 encoded utf-8",
+ "userHandle": "string - base64 encoded utf-8",
+ },
+ "type": "public-key"
+ }
+ }
+}
+end note
+D1 -> S: ""PUT /thirdpartyRequests/authorizations/33333333-0000-0000-0000-000000000000""
+S --> D1: ""200 OK""
+S -> D2: ""PUT /thirdpartyRequests/authorizations""\n""/33333333-0000-0000-0000-000000000000""
+D2 --> S: ""200 OK""
+
+D2 -> D2: Look up the ""transactionRequestId"" for this ""authorizationId""
+D2 -> D2: Look up the ""consentId"" for this ""transactionRequestId""
+D2 -> D2: Look up the ""publicKey"" for this ConsentId. Check the signing of the signed challenge
+
+note over D2
+ Signed challenge is invalid. Transaction Request failed.
+end note
+
+
+rnote left of D2 #Light
+**""PUT /thirdpartyRequests/transactions""**
+**"" /00000000-0000-0000-0000-000000000000/error""**
+""FSPIOP-Source: dfspa""
+""FSPIOP-Destination: pispa""
+{
+ "errorInformation": {
+ "errorCode": "6201",
+ "errorDescription": "Invalid transaction signature",
+ "extensionList": []
+ }
+}
+end note
+D2 -> S: ""PUT /thirdpartyRequests/transactions""\n"" /00000000-0000-0000-0000-000000000000/error""
+S --> D2: ""200 OK""
+S -> D1: ""PUT /thirdpartyRequests/transactions""\n"" /00000000-0000-0000-0000-000000000000/error""
+D1 --> S: ""200 OK""
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-4-1-bad-signed-challenge-self-hosted.svg b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-4-1-bad-signed-challenge-self-hosted.svg
new file mode 100644
index 00000000..213f6fc0
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-4-1-bad-signed-challenge-self-hosted.svg
@@ -0,0 +1,261 @@
+
+
+ Transfer: 3.4.1 Bad Signed Challenge - Self Hosted Auth-Service
+
+
+ PISP
+
+
+ Mojaloop
+
+
+ DFSP A
+
+
+ PISP Server
+
+
+ Switch
+
+
+ DFSP A
+
+
+ (Payer)
+
+
+ PISP has initiated Thirdparty Transaction Request with
+
+
+ POST /thirdpartyRequests/transactions
+
+
+ DFSP A has received quote, and asked PISP to verify
+
+
+ PISP looks up the
+
+
+ transactionRequestId
+
+
+ and
+
+
+ checks the quote with the user,
+
+
+ and uses the FIDO API to sign the
+
+
+ the
+
+
+ challenge
+
+
+ string
+
+
+ PUT /thirdpartyRequests/authorizations/33333333-0000-0000-0000-000000000000
+
+
+ FSPIOP-Source: pispa
+
+
+ FSPIOP-Destination: dfspa
+
+
+ {
+
+
+ "responseType": "ACCEPTED"
+
+
+ "signedPayload": {
+
+
+ "signedPayloadType": "FIDO",
+
+
+ "fidoSignedPayload": {
+
+
+ "id": "string",
+
+
+ "rawId": "string - base64 encoded utf-8",
+
+
+ "response": {
+
+
+ "authenticatorData": "string - base64 encoded utf-8",
+
+
+ "clientDataJSON": "string - base64 encoded utf-8",
+
+
+ "signature": "string - base64 encoded utf-8",
+
+
+ "userHandle": "string - base64 encoded utf-8",
+
+
+ },
+
+
+ "type": "public-key"
+
+
+ }
+
+
+ }
+
+
+ }
+
+
+ PUT /thirdpartyRequests/authorizations/33333333-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ PUT /thirdpartyRequests/authorizations
+
+
+ /33333333-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ Look up the
+
+
+ transactionRequestId
+
+
+ for this
+
+
+ authorizationId
+
+
+ Look up the
+
+
+ consentId
+
+
+ for this
+
+
+ transactionRequestId
+
+
+ Look up the
+
+
+ publicKey
+
+
+ for this ConsentId. Check the signing of the signed challenge
+
+
+ Signed challenge is invalid. Transaction Request failed.
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000/error
+
+
+ FSPIOP-Source: dfspa
+
+
+ FSPIOP-Destination: pispa
+
+
+ {
+
+
+ "errorInformation": {
+
+
+ "errorCode": "6201",
+
+
+ "errorDescription": "Invalid transaction signature",
+
+
+ "extensionList": []
+
+
+ }
+
+
+ }
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000/error
+
+
+ 200 OK
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000/error
+
+
+ 200 OK
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-4-2-bad-signed-challenge-auth-service.puml b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-4-2-bad-signed-challenge-auth-service.puml
new file mode 100644
index 00000000..ce3645d3
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-4-2-bad-signed-challenge-auth-service.puml
@@ -0,0 +1,149 @@
+@startuml
+
+' declaring skinparam
+skinparam sequenceMessageAlign center
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title Transfer: 3.4.2 Bad Signed Challenge - Hub Hosted Auth-Service
+
+
+box "PISP"
+participant "PISP Server" as D1
+end box
+box "Mojaloop"
+ participant Switch as S
+ participant "Auth-Service" as AUTHS
+end box
+box "DFSP A"
+ participant "DFSP A\n(Payer)" as D2
+end box
+
+
+... PISP has initiated Thirdparty Transaction Request with ""POST /thirdpartyRequests/transactions""...
+
+... DFSP A has received quote, and asked PISP to verify...
+
+note right of D1
+ PISP looks up the ""transactionRequestId"" and
+ checks the quote with the user,
+ and uses the FIDO API to sign the
+ the **""challenge""** string
+end note
+
+rnote right of D1 #Light
+**""PUT /thirdpartyRequests/authorizations""**
+**"" /33333333-0000-0000-0000-000000000000""**
+""FSPIOP-Source: pispa""
+""FSPIOP-Destination: dfspa""
+{
+ "responseType": "ACCEPTED"
+ "signedPayload": {
+ "signedPayloadType": "FIDO",
+ "fidoSignedPayload": {
+ "id": "string",
+ "rawId": "string - base64 encoded utf-8",
+ "response": {
+ "authenticatorData": "string - base64 encoded utf-8",
+ "clientDataJSON": "string - base64 encoded utf-8",
+ "signature": "string - base64 encoded utf-8",
+ "userHandle": "string - base64 encoded utf-8",
+ },
+ "type": "public-key"
+ }
+ }
+}
+end note
+D1 -> S: ""PUT /thirdpartyRequests/authorizations""\n""/33333333-0000-0000-0000-000000000000""
+S --> D1: ""200 OK""
+S -> D2: ""PUT /thirdpartyRequests/authorizations""\n""/33333333-0000-0000-0000-000000000000""
+D2 --> S: ""200 OK""
+
+D2 -> D2: Lookup ""transactionRequestId"" for this ""authorizationId""
+D2 -> D2: Lookup ""consentId"" for this ""transactionRequestId""
+
+
+D2 -> D2: Generate a new ""verificationRequestId"", and associate \n it with the ""thirdpartyTransactionRequestId""
+
+rnote left of D2 #Light
+**""POST /thirdpartyRequests/verifications""**
+""FSPIOP-Source: dfspa""
+""FSPIOP-Destination: central-auth""
+{
+ "verificationRequestId": "44444444-0000-0000-0000-000000000000",
+ "challenge": """",
+ "consentId": "123",
+ "signedPayloadType": "FIDO",
+ "fidoValue": {
+ "id": "string",
+ "rawId": "string - base64 encoded utf-8",
+ "response": {
+ "authenticatorData": "string - base64 encoded utf-8",
+ "clientDataJSON": "string - base64 encoded utf-8",
+ "signature": "string - base64 encoded utf-8",
+ "userHandle": "string - base64 encoded utf-8",
+ },
+ "type": "public-key"
+ }
+}
+end note
+D2 -> S: ""POST /thirdpartyRequests/verifications""
+S --> D2: ""202 Accepted""
+S -> AUTHS: ""POST /thirdpartyRequests/verifications""
+AUTHS --> S: ""202 Accepted""
+
+AUTHS -> AUTHS: Lookup this consent based on consentId
+AUTHS -> AUTHS: Ensure the accountAddress matches what is in Consent
+AUTHS -> AUTHS: Check that the signed bytes match the \npublickey we have stored for the consent
+
+rnote right of AUTHS #Light
+**""PUT /thirdpartyRequests/verifications""**
+**"" /44444444-0000-0000-0000-000000000000/error""**
+""FSPIOP-Source: central-auth""
+""FSPIOP-Destination: dfspa""
+{
+ "errorInformation": {
+ "errorCode": "6201",
+ "errorDescription": "Invalid transaction signature",
+ "extensionList": []
+ }
+}
+end note
+AUTHS -> S: ""PUT /thirdpartyRequests/verifications""\n"" /44444444-0000-0000-0000-000000000000/error""
+S --> AUTHS: ""200 OK""
+S -> D2: ""PUT /thirdpartyRequests/verifications""\n"" /44444444-0000-0000-0000-000000000000/error""
+D2 --> S: ""200 OK""
+
+note over D2
+ Signed challenge is invalid. Transaction Request failed.
+end note
+
+
+rnote left of D2 #Light
+**""PUT /thirdpartyRequests/transactions""**
+**"" /00000000-0000-0000-0000-000000000000/error""**
+""FSPIOP-Source: dfspa""
+""FSPIOP-Destination: pispa""
+{
+ "errorInformation": {
+ "errorCode": "6201",
+ "errorDescription": "Invalid transaction signature",
+ "extensionList": []
+ }
+}
+end note
+D2 -> S: ""PUT /thirdpartyRequests/transactions""\n"" /00000000-0000-0000-0000-000000000000/error""
+S --> D2: ""200 OK""
+S -> D1: ""PUT /thirdpartyRequests/transactions""\n"" /00000000-0000-0000-0000-000000000000/error""
+D1 --> S: ""200 OK""
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-4-2-bad-signed-challenge-auth-service.svg b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-4-2-bad-signed-challenge-auth-service.svg
new file mode 100644
index 00000000..58c8e995
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-4-2-bad-signed-challenge-auth-service.svg
@@ -0,0 +1,439 @@
+
+
+ Transfer: 3.4.2 Bad Signed Challenge - Hub Hosted Auth-Service
+
+
+ PISP
+
+
+ Mojaloop
+
+
+ DFSP A
+
+
+ PISP Server
+
+
+ Switch
+
+
+ Auth-Service
+
+
+ DFSP A
+
+
+ (Payer)
+
+
+ PISP has initiated Thirdparty Transaction Request with
+
+
+ POST /thirdpartyRequests/transactions
+
+
+ DFSP A has received quote, and asked PISP to verify
+
+
+ PISP looks up the
+
+
+ transactionRequestId
+
+
+ and
+
+
+ checks the quote with the user,
+
+
+ and uses the FIDO API to sign the
+
+
+ the
+
+
+ challenge
+
+
+ string
+
+
+ PUT /thirdpartyRequests/authorizations
+
+
+ /33333333-0000-0000-0000-000000000000
+
+
+ FSPIOP-Source: pispa
+
+
+ FSPIOP-Destination: dfspa
+
+
+ {
+
+
+ "responseType": "ACCEPTED"
+
+
+ "signedPayload": {
+
+
+ "signedPayloadType": "FIDO",
+
+
+ "fidoSignedPayload": {
+
+
+ "id": "string",
+
+
+ "rawId": "string - base64 encoded utf-8",
+
+
+ "response": {
+
+
+ "authenticatorData": "string - base64 encoded utf-8",
+
+
+ "clientDataJSON": "string - base64 encoded utf-8",
+
+
+ "signature": "string - base64 encoded utf-8",
+
+
+ "userHandle": "string - base64 encoded utf-8",
+
+
+ },
+
+
+ "type": "public-key"
+
+
+ }
+
+
+ }
+
+
+ }
+
+
+ PUT /thirdpartyRequests/authorizations
+
+
+ /33333333-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ PUT /thirdpartyRequests/authorizations
+
+
+ /33333333-0000-0000-0000-000000000000
+
+
+ 200 OK
+
+
+ Lookup
+
+
+ transactionRequestId
+
+
+ for this
+
+
+ authorizationId
+
+
+ Lookup
+
+
+ consentId
+
+
+ for this
+
+
+ transactionRequestId
+
+
+ Generate a new
+
+
+ verificationRequestId
+
+
+ , and associate
+
+
+ it with the
+
+
+ thirdpartyTransactionRequestId
+
+
+ POST /thirdpartyRequests/verifications
+
+
+ FSPIOP-Source: dfspa
+
+
+ FSPIOP-Destination: central-auth
+
+
+ {
+
+
+ "verificationRequestId": "44444444-0000-0000-0000-000000000000",
+
+
+ "challenge":
+
+
+ <base64 encoded binary - the encoded challenge>
+
+
+ ,
+
+
+ "consentId": "123",
+
+
+ "signedPayloadType": "FIDO",
+
+
+ "fidoValue": {
+
+
+ "id": "string",
+
+
+ "rawId": "string - base64 encoded utf-8",
+
+
+ "response": {
+
+
+ "authenticatorData": "string - base64 encoded utf-8",
+
+
+ "clientDataJSON": "string - base64 encoded utf-8",
+
+
+ "signature": "string - base64 encoded utf-8",
+
+
+ "userHandle": "string - base64 encoded utf-8",
+
+
+ },
+
+
+ "type": "public-key"
+
+
+ }
+
+
+ }
+
+
+ POST /thirdpartyRequests/verifications
+
+
+ 202 Accepted
+
+
+ POST /thirdpartyRequests/verifications
+
+
+ 202 Accepted
+
+
+ Lookup this consent based on consentId
+
+
+ Ensure the accountAddress matches what is in Consent
+
+
+ Check that the signed bytes match the
+
+
+ publickey we have stored for the consent
+
+
+ PUT /thirdpartyRequests/verifications
+
+
+ /44444444-0000-0000-0000-000000000000/error
+
+
+ FSPIOP-Source: central-auth
+
+
+ FSPIOP-Destination: dfspa
+
+
+ {
+
+
+ "errorInformation": {
+
+
+ "errorCode": "6201",
+
+
+ "errorDescription": "Invalid transaction signature",
+
+
+ "extensionList": []
+
+
+ }
+
+
+ }
+
+
+ PUT /thirdpartyRequests/verifications
+
+
+ /44444444-0000-0000-0000-000000000000/error
+
+
+ 200 OK
+
+
+ PUT /thirdpartyRequests/verifications
+
+
+ /44444444-0000-0000-0000-000000000000/error
+
+
+ 200 OK
+
+
+ Signed challenge is invalid. Transaction Request failed.
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000/error
+
+
+ FSPIOP-Source: dfspa
+
+
+ FSPIOP-Destination: pispa
+
+
+ {
+
+
+ "errorInformation": {
+
+
+ "errorCode": "6201",
+
+
+ "errorDescription": "Invalid transaction signature",
+
+
+ "extensionList": []
+
+
+ }
+
+
+ }
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000/error
+
+
+ 200 OK
+
+
+ PUT /thirdpartyRequests/transactions
+
+
+ /00000000-0000-0000-0000-000000000000/error
+
+
+ 200 OK
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-6-tpr-timeout.puml b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-6-tpr-timeout.puml
new file mode 100644
index 00000000..dfcae669
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-6-tpr-timeout.puml
@@ -0,0 +1,77 @@
+@startuml
+
+' declaring skinparam
+skinparam sequenceMessageAlign center
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title Transfer: 3.Thirdparty Transaction Request Times Out
+
+box "PISP"
+participant "PISP Server" as D1
+end box
+box "Mojaloop"
+ participant Switch as S
+end box
+box "DFSP A"
+ participant "DFSP A\n(Payer)" as D2
+end box
+
+
+rnote right of D1 #Light
+**""POST /thirdpartyRequests/transactions""**
+""FSPIOP-Source: pispa""
+""FSPIOP-Destination: dfspa""
+{
+ "transactionRequestId": "00000000-0000-0000-0000-000000000000",
+ "payee": {
+ "partyIdInfo": {
+ "partyIdType": "MSISDN",
+ "partyIdentifier": "+4412345678",
+ "fspId": "dfspb"
+ }
+ },
+ "payer": {
+ "partyIdType": "THIRD_PARTY_LINK",
+ "partyIdentifier": "qwerty-56789",
+ "fspId": "dfspa"
+ },
+ "amountType": "SEND",
+ "amount": {
+ "amount": "100",
+ "currency": "USD"
+ },
+ "transactionType": {
+ "scenario": "TRANSFER",
+ "initiator": "PAYER",
+ "initiatorType": "CONSUMER"
+ },
+ "expiration": "2020-06-15T22:17:28.985-01:00"
+}
+end note
+D1 -> S: ""POST /thirdpartyRequests/transactions""
+S --> D1: ""202 Accepted""
+S -> D2: ""POST /thirdpartyRequests/transactions""
+D2 --> S: ""202 Accepted""
+
+
+... DFSP doesn't respond for some reason...
+
+
+D1 -> D1: Thirdparty Transaction Request expiration reached
+
+note over D1
+ PISP informs their user that the transaction failed.
+
+end note
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-6-tpr-timeout.svg b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-6-tpr-timeout.svg
new file mode 100644
index 00000000..e9ba7851
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/3-6-tpr-timeout.svg
@@ -0,0 +1,157 @@
+
+
+ Transfer: 3.Thirdparty Transaction Request Times Out
+
+
+ PISP
+
+
+ Mojaloop
+
+
+ DFSP A
+
+
+ PISP Server
+
+
+ Switch
+
+
+ DFSP A
+
+
+ (Payer)
+
+
+ POST /thirdpartyRequests/transactions
+
+
+ FSPIOP-Source: pispa
+
+
+ FSPIOP-Destination: dfspa
+
+
+ {
+
+
+ "transactionRequestId": "00000000-0000-0000-0000-000000000000",
+
+
+ "payee": {
+
+
+ "partyIdInfo": {
+
+
+ "partyIdType": "MSISDN",
+
+
+ "partyIdentifier": "+4412345678",
+
+
+ "fspId": "dfspb"
+
+
+ }
+
+
+ },
+
+
+ "payer": {
+
+
+ "partyIdType": "THIRD_PARTY_LINK",
+
+
+ "partyIdentifier": "qwerty-56789",
+
+
+ "fspId": "dfspa"
+
+
+ },
+
+
+ "amountType": "SEND",
+
+
+ "amount": {
+
+
+ "amount": "100",
+
+
+ "currency": "USD"
+
+
+ },
+
+
+ "transactionType": {
+
+
+ "scenario": "TRANSFER",
+
+
+ "initiator": "PAYER",
+
+
+ "initiatorType": "CONSUMER"
+
+
+ },
+
+
+ "expiration": "2020-06-15T22:17:28.985-01:00"
+
+
+ }
+
+
+ POST /thirdpartyRequests/transactions
+
+
+ 202 Accepted
+
+
+ POST /thirdpartyRequests/transactions
+
+
+ 202 Accepted
+
+
+ DFSP doesn't respond for some reason
+
+
+ Thirdparty Transaction Request expiration reached
+
+
+ PISP informs their user that the transaction failed.
+
+
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/get_transaction_request.puml b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/get_transaction_request.puml
new file mode 100644
index 00000000..c8ca6b83
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/get_transaction_request.puml
@@ -0,0 +1,67 @@
+@startuml
+
+' declaring skinparam
+skinparam sequenceMessageAlign center
+skinparam shadowing false
+skinparam defaultFontName Verdana
+skinparam monochrome true
+skinparam SequenceLifeLineBackgroundColor WhiteSmoke
+skinparam SequenceLifeLineBorderColor Black
+skinparam ParticipantFontStyle Bold
+skinparam ParticipantFontSize 20
+skinparam ParticipantBackgroundColor WhiteSmoke
+skinparam ArrowColor Black
+
+hide footbox
+
+title PISPGetTransactionRequest
+
+box "PISP"
+participant "PISP Server" as D1
+end box
+box "Mojaloop"
+ participant Switch as S
+end box
+box "DFSP A"
+ participant "DFSP A\n(Payer)" as D2
+end box
+
+autonumber 1 "GTR-# "
+
+note over S
+ Assuming a previously created thirdparty transaction request with id: ""00000000-0000-0000-0000-000000000000""
+
+end note
+
+
+
+rnote right of D1 #Light
+**""GET /thirdpartyRequests/transactions/00000000-0000-0000-0000-000000000000""**
+""FSPIOP-Source: pispa""
+""FSPIOP-Destination: dfspa""
+end note
+
+D1 -> S: ""GET /thirdpartyRequests/transactions/00000000-0000-0000-0000-000000000000""
+S --> D1: ""202 Accepted""
+
+S -> D2: ""GET /thirdpartyRequests/transactions/00000000-0000-0000-0000-000000000000""
+D2 --> S: ""202 Accepted""
+
+D2 -> D2: DFSP looks up already created \nthirdparty transaction request
+D2 -> D2: DFSP ensures that the FSPIOP-Source (pisp)\nis the same as the original sender of \n""POST /thirdpartyRequests/transactions/00000000-0000-0000-0000-000000000000""
+
+rnote left of D2 #Light
+**""PUT /thirdpartyRequests/transactions/00000000-0000-0000-0000-000000000000""**
+""FSPIOP-Source: dfspa""
+""FSPIOP-Destination: pispa""
+{
+ "transactionRequestState": "ACCEPTED",
+}
+end note
+D2 -> S: ""PUT /thirdpartyRequests/transactions/00000000-0000-0000-0000-000000000000""
+S --> D2: ""200 OK""
+
+S -> D1: ""PUT /thirdpartyRequests/transactions/00000000-0000-0000-0000-000000000000""
+D1 --> S: ""200 OK""
+
+@enduml
diff --git a/vuepress/docs/api/thirdparty/assets/diagrams/transfer/get_transaction_request.svg b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/get_transaction_request.svg
new file mode 100644
index 00000000..ffaa28ad
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/assets/diagrams/transfer/get_transaction_request.svg
@@ -0,0 +1,153 @@
+
+
+ PISPGetTransactionRequest
+
+
+ PISP
+
+
+ Mojaloop
+
+
+ DFSP A
+
+
+ PISP Server
+
+
+ Switch
+
+
+ DFSP A
+
+
+ (Payer)
+
+
+ Assuming a previously created thirdparty transaction request with id:
+
+
+ 00000000-0000-0000-0000-000000000000
+
+
+ GET /thirdpartyRequests/transactions/00000000-0000-0000-0000-000000000000
+
+
+ FSPIOP-Source: pispa
+
+
+ FSPIOP-Destination: dfspa
+
+
+ GTR-1
+
+
+ GET /thirdpartyRequests/transactions/00000000-0000-0000-0000-000000000000
+
+
+ GTR-2
+
+
+ 202 Accepted
+
+
+ GTR-3
+
+
+ GET /thirdpartyRequests/transactions/00000000-0000-0000-0000-000000000000
+
+
+ GTR-4
+
+
+ 202 Accepted
+
+
+ GTR-5
+
+
+ DFSP looks up already created
+
+
+ thirdparty transaction request
+
+
+ GTR-6
+
+
+ DFSP ensures that the FSPIOP-Source (pisp)
+
+
+ is the same as the original sender of
+
+
+ POST /thirdpartyRequests/transactions/00000000-0000-0000-0000-000000000000
+
+
+ PUT /thirdpartyRequests/transactions/00000000-0000-0000-0000-000000000000
+
+
+ FSPIOP-Source: dfspa
+
+
+ FSPIOP-Destination: pispa
+
+
+ {
+
+
+ "transactionRequestState": "ACCEPTED",
+
+
+ }
+
+
+ GTR-7
+
+
+ PUT /thirdpartyRequests/transactions/00000000-0000-0000-0000-000000000000
+
+
+ GTR-8
+
+
+ 200 OK
+
+
+ GTR-9
+
+
+ PUT /thirdpartyRequests/transactions/00000000-0000-0000-0000-000000000000
+
+
+ GTR-10
+
+
+ 200 OK
+
+
diff --git a/vuepress/docs/api/thirdparty/data-models.md b/vuepress/docs/api/thirdparty/data-models.md
new file mode 100644
index 00000000..0fa1c4b4
--- /dev/null
+++ b/vuepress/docs/api/thirdparty/data-models.md
@@ -0,0 +1,991 @@
+# Data Models
+
+Third Party API
+
+### Table Of Contents
+
+1. [Preface](#Preface)
+ 1.1 [Conventions Used in This Document](#ConventionsUsedinThisDocument)
+ 1.2 [Document Version Information](#DocumentVersionInformation)
+ 1.3 [References](#References)
+2. [Introduction](#Introduction)
+ 2.1 [Third Party API Specification](#ThirdPartyAPISpecification)
+3. [Third Party API Elements](#ThirdPartyAPIElements)
+ 3.1 [Resources](#Resources)
+ 3.2 [Data Models](#DataModels)
+ 3.3 [Error Codes](#ErrorCodes)
+# ,
+ "scopes":
+}
+```
+
+4. Next, the PISP must convert this json object to a string representation using a [RFC-8785 Canonical JSON format](https://tools.ietf.org/html/rfc8785)
+
+5. Finally, the PISP must calculate a SHA-256 hash of the canonicalized JSON string.
+i.e. `SHA256(CJSON(rawChallenge))`
+
+The output of this algorithm, `challenge` will be used as the challenge for the [FIDO registration flow](https://webauthn.guide/#registration)
+
+
+### 3.6.2