Yapily

Yapily Consents and Authorisations API

Create, retrieve, revoke, and re-authorise PSD2 consents for AIS and PIS interactions across UK Open Banking and Berlin Group ASPSPs. Supports redirect, embedded, and decoupled flows.

Yapily Consents and Authorisations API is one of 9 APIs that Yapily publishes on the APIs.io network, described by a machine-readable OpenAPI specification.

This API exposes 1 machine-runnable capability that can be deployed as REST, MCP, or Agent Skill surfaces via Naftiko and 1 JSON Schema definition.

Tagged areas include Consents, Authorisations, PSD2, and Open Banking. The published artifact set on APIs.io includes API documentation, an OpenAPI specification, 1 Naftiko capability spec, and 1 JSON Schema.

GitHub OpenAPI

Documentation

📖
Documentation
https://docs.yapily.com/

Specifications

OpenAPI
https://raw.githubusercontent.com/api-evangelist/yapily/refs/heads/main/openapi/yapily-consents-api-openapi.yml

Schemas & Data

📊
JSONSchema
https://raw.githubusercontent.com/api-evangelist/yapily/refs/heads/main/json-schema/yapily-consent-schema.json

Other Resources

🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/yapily/refs/heads/main/capabilities/consents.yaml

OpenAPI Specification

yapily-consents-api-openapi.yml Raw ↑ 
openapi: 3.0.1
info:
  title: Yapily Consents and Authorisations API
  description: Create, manage, and revoke PSD2 consents and authorisations for Account Information (AIS) and Payment Initiation
    (PIS) services.
  version: 12.4.0
  contact:
    name: Yapily Support
    url: https://docs.yapily.com/resources/support
    email: [email protected]
servers:
- url: https://api.yapily.com
security:
- basicAuth: []
tags:
- description: 'The Consents endpoints are used to manage each `Consent` created by Yapily in response to an authorisation
    created for a user.


    The `Consent` object contains data that identifies a user''s consent for a specific `Institution` within a Yapily application.
    Other than the id of the consent, the `institution-id` for the corresponding `Institution` and the user identifiers (`user-uuid`
    and `application-user-id`), it contains various details that indicates how the `Consent` can be used.'
  name: Consents
- description: 'Before calling [Financial Data](#yapily-api-financial-data) or [Payments](#yapily-api-payments) endpoints,
    a consent from an end-user must be obtained.


    Consents are valid for up to 90 days for Financial Data endpoints and have a single-use for Payment endpoints i.e. a new
    consent must be obtained for each payment.


    NOTE: A user consent is also referred to as an ''Authorisation''.'
  name: Authorisations
paths:
  /account-auth-requests:
    patch:
      description: Used to prompt the account holder for continued access to their financial data. This endpoint should be
        used when a `Consent` that was previously `AUTHORIZED` can no longer be used to retrieve data.
      operationId: reAuthoriseAccount
      x-mint:
        content: '<Info>Learn more: [Re-Authorisation](/data/financial-data-resources/financial-data-consents#re-authorisation)</Info>'
      parameters:
      - description: __Mandatory__. The `consent-token` containing the user's authorisation to make the request.
        example: '{consentToken}'
        in: header
        name: consent
        required: true
        schema:
          type: string
      - description: "__Conditional__. Represents the user's login ID for the `Institution` to a personal account. \n\nSee\
          \ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
        in: header
        name: psu-id
        required: false
        schema:
          type: string
      - description: "__Conditional__. Represents the user's login ID for the `Institution` to a business account. \n\nSee\
          \ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
        in: header
        name: psu-corporate-id
        required: false
        schema:
          type: string
      - description: "__Conditional__. The IP address of the PSU. \n\nSee [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers)\
          \ to see if this header is required."
        in: header
        name: psu-ip-address
        required: false
        schema:
          type: string
      - $ref: '#/components/parameters/SubAppHeader'
      responses:
        '201':
          content:
            application/json;charset=UTF-8:
              examples:
                OBIE Example Response:
                  $ref: '#/components/examples/obie-example-acc-auth-response-patch'
              schema:
                $ref: '#/components/schemas/ApiResponseOfAccountAuthorisationResponse'
          description: Created
        default:
          content:
            application/json;charset=UTF-8:
              examples:
                Error Response:
                  $ref: '#/components/examples/error-response-code-401'
              schema:
                $ref: '#/components/schemas/ApiResponseError'
          description: Error Response
      summary: Re-authorise Account Consent
      tags:
      - Authorisations
    post:
      description: 'Used to initiate the authorisation process and direct users to the login screen of their financial institution
        in order to give consent to access account data.


        Feature: `INITIATE_ACCOUNT_REQUEST`'
      operationId: initiateAccountRequest
      x-mint:
        content: '<Info>Learn more: [Single Redirect Flow](/open-banking-flow/user-authorisation/single-redirect)</Info>'
      parameters:
      - description: "__Conditional__. Represents the user's login ID for the `Institution` to a personal account. \n\nSee\
          \ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
        in: header
        name: psu-id
        required: false
        schema:
          type: string
      - description: "__Conditional__. Represents the user's login ID for the `Institution` to a business account. \n\nSee\
          \ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
        in: header
        name: psu-corporate-id
        required: false
        schema:
          type: string
      - description: "__Conditional__. The IP address of the PSU. \n\nSee [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers)\
          \ to see if this header is required."
        in: header
        name: psu-ip-address
        required: false
        schema:
          type: string
      - $ref: '#/components/parameters/SubAppHeader'
      requestBody:
        content:
          application/json;charset=UTF-8:
            examples:
              OBIE Example Request:
                $ref: '#/components/examples/obie-example-acc-auth-request'
            schema:
              $ref: '#/components/schemas/AccountAuthorisationRequest'
        required: true
      responses:
        '201':
          content:
            application/json;charset=UTF-8:
              examples:
                OBIE Example Response:
                  $ref: '#/components/examples/obie-example-acc-auth-response-post'
              schema:
                $ref: '#/components/schemas/ApiResponseOfAccountAuthorisationResponse'
          description: Created
        default:
          content:
            application/json;charset=UTF-8:
              examples:
                Error Response:
                  $ref: '#/components/examples/error-response-code-401'
              schema:
                $ref: '#/components/schemas/ApiResponseError'
          description: Error Response
      summary: Create Account Authorisation
      tags:
      - Authorisations
    put:
      description: 'Used to continue the authorisation process and for any `Institution` that contains the `INITIATE_PRE_AUTHORISATION`
        feature and direct user to the login screen of their financial institution in order to give consent to access account
        data.


        Features:


        - `INITIATE_ACCOUNT_REQUEST`

        - `INITIATE_PRE_AUTHORISATION`'
      operationId: updatePreAuthoriseAccountConsent
      x-mint:
        content: '<Info>Learn more: [Pre-Authorisation Flow](/open-banking-flow/user-authorisation/pre-authorisation)</Info>'
      parameters:
      - description: __Mandatory__. The `consent-token` containing the user's authorisation to make the request.
        example: '{consentToken}'
        in: header
        name: consent
        required: true
        schema:
          type: string
      - description: "__Conditional__. Represents the user's login ID for the `Institution` to a personal account. \n\nSee\
          \ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
        in: header
        name: psu-id
        required: false
        schema:
          type: string
      - description: "__Conditional__. Represents the user's login ID for the `Institution` to a business account. \n\nSee\
          \ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
        in: header
        name: psu-corporate-id
        required: false
        schema:
          type: string
      - description: "__Conditional__. The IP address of the PSU. \n\nSee [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers)\
          \ to see if this header is required."
        in: header
        name: psu-ip-address
        required: false
        schema:
          type: string
      - $ref: '#/components/parameters/SubAppHeader'
      requestBody:
        content:
          application/json;charset=UTF-8:
            examples:
              Berlin Group Example Request:
                $ref: '#/components/examples/berlin-group-example-acc-auth-request'
            schema:
              $ref: '#/components/schemas/AccountAuthorisationRequest'
        required: true
      responses:
        '200':
          content:
            application/json;charset=UTF-8:
              examples:
                OBIE Example Response:
                  $ref: '#/components/examples/obie-example-acc-auth-response-put'
              schema:
                $ref: '#/components/schemas/ApiResponseOfAccountAuthorisationResponse'
          description: Ok
        default:
          content:
            application/json;charset=UTF-8:
              examples:
                Error Response:
                  $ref: '#/components/examples/error-response-code-401'
              schema:
                $ref: '#/components/schemas/ApiResponseError'
          description: Error Response
      summary: Update Account Pre-authorisation
      tags:
      - Authorisations
  /bulk-payment-auth-requests:
    post:
      description: 'Used to initiate the authorisation process and direct users to the login screen of their financial Institution
        in order to give their consent for a bulk payment.


        Feature: `INITIATE_BULK_PAYMENT`'
      operationId: createBulkPaymentAuthorisation
      x-mint:
        content: '<Info>Learn more: [Bulk Payments](/payments/bulk-payments/overview)</Info>'
      parameters:
      - description: "__Conditional__. Represents the user's login ID for the `Institution` to a personal account. \n\nSee\
          \ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
        in: header
        name: psu-id
        required: false
        schema:
          type: string
      - description: "__Conditional__. Represents the user's login ID for the `Institution` to a business account. \n\nSee\
          \ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
        in: header
        name: psu-corporate-id
        required: false
        schema:
          type: string
      - description: "__Conditional__. The IP address of the PSU. \n\nSee [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers)\
          \ to see if this header is required."
        in: header
        name: psu-ip-address
        required: false
        schema:
          type: string
      requestBody:
        content:
          application/json;charset=UTF-8:
            examples:
              UK Bulk Payment Example Request:
                $ref: '#/components/examples/uk-bulk-payment-auth-example-request'
            schema:
              $ref: '#/components/schemas/BulkPaymentAuthorisationRequest'
        required: true
      responses:
        '201':
          content:
            application/json;charset=UTF-8:
              examples:
                UK Bulk Payment Example Response:
                  $ref: '#/components/examples/uk-bulk-payment-auth-example-response'
              schema:
                $ref: '#/components/schemas/ApiResponseOfPaymentAuthorisationRequestResponse'
          description: Created
        default:
          content:
            application/json;charset=UTF-8:
              examples:
                Error Response:
                  $ref: '#/components/examples/error-response-code-401'
              schema:
                $ref: '#/components/schemas/ApiResponseError'
          description: Error Response
      summary: Create Bulk Payment Authorisation
      tags:
      - Authorisations
  /consent-auth-code:
    post:
      description: Used to obtain a Yapily Consent object containing the `consentToken` once the user has authenticated and
        you have an OAuth2 authorisation code `auth-code` and state `auth-state`.
      operationId: createConsentWithCode
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ConsentAuthCodeRequest'
        required: true
      responses:
        '200':
          content:
            application/json;charset=UTF-8:
              examples:
                Example Response:
                  $ref: '#/components/examples/consent-auth-code-example-response'
              schema:
                $ref: '#/components/schemas/Consent'
          description: Ok
        default:
          content:
            application/json;charset=UTF-8:
              examples:
                Error Response:
                  $ref: '#/components/examples/error-response-code-401'
              schema:
                $ref: '#/components/schemas/ApiResponseError'
          description: Error Response
      summary: Exchange Oauth2 Code
      tags:
      - Consents
      x-mint:
        content: '<Info>Learn more: [Managing Consents](/data/financial-data-resources/financial-data-consents)</Info>'
  /consent-one-time-token:
    post:
      description: Exchange a One-time-token for the consent token
      operationId: getConsentBySingleAccessConsent
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/OneTimeTokenRequest'
        required: true
      responses:
        '201':
          content:
            application/json;charset=UTF-8:
              examples:
                Example Response:
                  $ref: '#/components/examples/consent-one-time-token-example-response'
              schema:
                $ref: '#/components/schemas/Consent'
          description: Created
        default:
          content:
            application/json;charset=UTF-8:
              examples:
                Error Response:
                  $ref: '#/components/examples/error-response-code-401'
              schema:
                $ref: '#/components/schemas/ApiResponseError'
          description: Error Response
      summary: Exchange One Time Token
      tags:
      - Consents
      x-mint:
        content: '<Info>Learn more: [Managing Consents](/data/financial-data-resources/financial-data-consents)</Info>'
  /consents:
    get:
      description: 'Used to retrieve all the consents created for each user within an application. At least one of the following
        filters needs to be applied: filter[applicationUserId], filter[userUuid]=, limit=. '
      operationId: getConsents
      parameters:
      - description: __Optional__. Filter records based on the list of `applicationUserId` users provided. At least one of
          these filters filter[applicationUserId], filter[userUuid]=, limit= must be provided.
        in: query
        name: filter[applicationUserId]
        required: false
        schema:
          uniqueItems: true
          type: array
          items:
            type: string
      - description: __Optional__. Filter records based on the list of `userUuid` users provided. At least one of these filters
          filter[applicationUserId], filter[userUuid]=, limit= must be provided.
        in: query
        name: filter[userUuid]
        required: false
        schema:
          uniqueItems: true
          type: array
          items:
            type: string
            format: uuid
      - description: __Optional__. Filter records based on the list of `Institution` provided.
        in: query
        name: filter[institution]
        required: false
        schema:
          uniqueItems: true
          type: array
          items:
            type: string
      - description: __Optional__. Filter records based on the list of `Consent` [statuses](/api-reference/getConsents).
        in: query
        name: filter[status]
        required: false
        schema:
          uniqueItems: true
          type: array
          items:
            type: string
      - description: '__Optional__. Returned transactions will be on or after this date (yyyy-MM-dd''T''HH:mm:ss.SSSZ). '
        in: query
        name: from
        required: false
        schema:
          type: string
      - description: __Optional__. Returned transactions will be on or before this date (yyyy-MM-dd'T'HH:mm:ss.SSSZ).
        in: query
        name: before
        required: false
        schema:
          type: string
      - description: __Optional__. The maximum number of transaction records to be returned. Must be between 1 and 1000. At
          least one of these filters filter[applicationUserId], filter[userUuid]=, limit= must be provided.
        in: query
        name: limit
        required: false
        schema:
          type: integer
          format: int32
      - description: __Optional__. The number of transaction records to be skipped. Used primarily with paginated results.
        in: query
        name: offset
        required: false
        schema:
          type: integer
          format: int32
          default: 0
      responses:
        '200':
          content:
            application/json;charset=UTF-8:
              examples:
                Example Response:
                  $ref: '#/components/examples/consents-example-response'
              schema:
                $ref: '#/components/schemas/ApiListResponseOfConsent'
          description: Ok
        default:
          content:
            application/json;charset=UTF-8:
              examples:
                Error Response:
                  $ref: '#/components/examples/error-response-code-401'
              schema:
                $ref: '#/components/schemas/ApiResponseError'
          description: Error Response
      summary: Get Consents
      tags:
      - Consents
  /consents/{consentId}:
    delete:
      description: Delete a consent using the consent Id
      operationId: delete
      parameters:
      - description: __Mandatory__. The consent Id of the `Consent` to update.
        in: path
        name: consentId
        required: true
        schema:
          type: string
          format: uuid
      - description: __Optional__. Whether to force the deletion.
        in: query
        name: forceDelete
        required: false
        schema:
          type: boolean
          default: true
      responses:
        '200':
          content:
            application/json;charset=UTF-8:
              examples:
                Example Response:
                  $ref: '#/components/examples/consent-delete-example-response'
              schema:
                $ref: '#/components/schemas/ApiResponseOfConsentDeleteResponse'
          description: Ok
        default:
          content:
            application/json;charset=UTF-8:
              examples:
                Error Response:
                  $ref: '#/components/examples/error-response-code-401'
              schema:
                $ref: '#/components/schemas/ApiResponseError'
          description: Error Response
      summary: Delete Consent
      tags:
      - Consents
    get:
      description: Get consent using the consent Id
      operationId: getConsentById
      parameters:
      - description: __Mandatory__. The consent Id of the `Consent` to update.
        in: path
        name: consentId
        required: true
        schema:
          type: string
          format: uuid
      responses:
        '200':
          content:
            application/json;charset=UTF-8:
              examples:
                Example Response:
                  $ref: '#/components/examples/consent-get-example-response'
              schema:
                $ref: '#/components/schemas/ApiResponseOfConsent'
          description: Ok
        default:
          content:
            application/json;charset=UTF-8:
              examples:
                Error Response:
                  $ref: '#/components/examples/error-response-code-401'
              schema:
                $ref: '#/components/schemas/ApiResponseError'
          description: Error Response
      summary: Get Consent
      tags:
      - Consents
  /consents/{consentId}/extend:
    post:
      description: Used to indicate to Yapily that reconfirmation has occurred for a given Consent, and to update lastUpdatedAt
        and reconfirmBy for that Consent. Returns the Consent.
      operationId: extendConsent
      x-beta: true
      parameters:
      - description: __Mandatory__. The consent Id of the `Consent` to update.
        in: path
        name: consentId
        required: true
        schema:
          type: string
          format: uuid
      requestBody:
        content:
          application/json;charset=UTF-8:
            examples:
              Example Request:
                $ref: '#/components/examples/consent-extend-example-request'
            schema:
              $ref: '#/components/schemas/ExtendConsentRequest'
        required: true
      responses:
        '200':
          content:
            application/json;charset=UTF-8:
              examples:
                Example Response:
                  $ref: '#/components/examples/consent-get-example-response'
              schema:
                $ref: '#/components/schemas/ApiResponseOfConsent'
          description: Created
        '400':
          content:
            application/json;charset=UTF-8:
              examples:
                Error Response:
                  $ref: '#/components/examples/extend-consent-error-response-code-400'
              schema:
                $ref: '#/components/schemas/ApiErrorResponse'
          description: Error Response. The supplied lastConfirmedAt date, Consent type, or Consent status is invalid.
        default:
          content:
            application/json;charset=UTF-8:
              examples:
                Error Response:
                  $ref: '#/components/examples/error-response-code-401'
              schema:
                $ref: '#/components/schemas/ApiErrorResponse'
          description: Error Response
      summary: Extend Consent
      tags:
      - Consents
      x-mint:
        content: '<Info>Learn more: [Managing Consents](/data/financial-data-resources/financial-data-consents)</Info>'
  /embedded-account-auth-requests:
    post:
      description: 'Used to initiate the embedded authorisation process for an `Institution` that contains the `INITIATE_EMBEDDED_ACCOUNT_REQUEST`
        feature in order to obtain the the user''s authorisation to access their account information.


        Feature: `INITIATE_EMBEDDED_ACCOUNT_REQUEST`'
      operationId: initiateEmbeddedAccountRequest
      x-mint:
        content: '<Info>Learn more: [Embedded Account Flow](/open-banking-flow/user-authorisation/embedded)</Info>'
      parameters:
      - description: "__Conditional__. Represents the user's login ID for the `Institution` to a personal account. \n\nSee\
          \ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
        in: header
        name: psu-id
        required: false
        schema:
          type: string
      - description: "__Conditional__. Represents the user's login ID for the `Institution` to a business account. \n\nSee\
          \ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
        in: header
        name: psu-corporate-id
        required: false
        schema:
          type: string
      - description: "__Conditional__. The IP address of the PSU. \n\nSee [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers)\
          \ to see if this header is required."
        in: header
        name: psu-ip-address
        required: false
        schema:
          type: string
      - $ref: '#/components/parameters/SubAppHeader'
      requestBody:
        content:
          application/json;charset=UTF-8:
            examples:
              Berlin Group Example Request:
                $ref: '#/components/examples/berlin-group-example-embedded-acc-auth-request'
            schema:
              $ref: '#/components/schemas/EmbeddedAccountAuthorisationRequest'
        required: true
      responses:
        '201':
          content:
            application/json;charset=UTF-8:
              examples:
                Berlin Group (Multiple SCA Methods) Example Response:
                  $ref: '#/components/examples/berlin-group-multiple-sca-methods-example-response'
                Berlin Group (Single SCA Method) Example Response:
                  $ref: '#/components/examples/berlin-group-single-sca-method-example-response'
              schema:
                $ref: '#/components/schemas/ApiResponseOfEmbeddedAccountAuthorisationResponse'
          description: Created
        default:
          content:
            application/json;charset=UTF-8:
              examples:
                Error Response:
                  $ref: '#/components/examples/error-response-code-401'
              schema:
                $ref: '#/components/schemas/ApiResponseError'
          description: Error Response
      summary: Create Embedded Account Authorisation
      tags:
      - Authorisations
  /embedded-account-auth-requests/{consentId}:
    put:
      description: 'Used to pass the SCA Code received from the `Institution` (and the SCA method selected by the user where
        multiple SCA methods are supported by the `Institution`) in order to complete the embedded authorisation to access
        the user''s financial data.


        Feature: `INITIATE_EMBEDDED_ACCOUNT_REQUEST`'
      operationId: updateEmbeddedAccountRequest
      x-mint:
        content: '<Info>Learn more: [Embedded Account Flow](/open-banking-flow/user-authorisation/embedded)</Info>'
      parameters:
      - description: __Mandatory__. The consent Id of the `Consent` to update.
        in: path
        name: consentId
        required: true
        schema:
          type: string
      - description: "__Conditional__. Represents the user's login ID for the `Institution` to a personal account. \n\nSee\
          \ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
        in: header
        name: psu-id
        required: false
        schema:
          type: string
      - description: "__Conditional__. Represents the user's login ID for the `Institution` to a business account. \n\nSee\
          \ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
        in: header
        name: psu-corporate-id
        required: false
        schema:
          type: string
      - description: "__Conditional__. The IP address of the PSU. \n\nSee [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers)\
          \ to see if this header is required."
        in: header
        name: psu-ip-address
        required: false
        schema:
          type: string
      - $ref: '#/components/parameters/SubAppHeader'
      requestBody:
        content:
          application/json;charset=UTF-8:
            examples:
              Berlin Group (SCA Code) Example Request:
                $ref: '#/components/examples/berlin-group-sca-code-example-request'
              Berlin Group (Selected SCA Method) Example Request:
                $ref: '#/components/examples/berlin-group-selected-sca-method-example-request'
            schema:
              $ref: '#/components/schemas/EmbeddedAccountAuthorisationRequest'
        required: true
      responses:
        '201':
          content:
            application/json;charset=UTF-8:
              examples:
                Berlin Group (SCA Code) Example Response:
                  $ref: '#/components/examples/berlin-group-sca-code-example-response'
                Berlin Group (Selected SCA Method) Example Response:
                  $ref: '#/components/examples/berlin-group-selected-sca-method-example-response'
              schema:
                $ref: '#/components/schemas/ApiResponseOfEmbeddedAccountAuthorisationResponse'
          description: Created
        default:
          content:
            application/json;charset=UTF-8:
              examples:
                Error Response:
                  $ref: '#/components/examples/error-response-code-401'
              schema:
                $ref: '#/components/schemas/ApiResponseError'
          description: Error Response
      summary: Update Embedded Account Authorisation
      tags:
      - Authorisations
  /embedded-bulk-payment-auth-requests:
    post:
      description: 'Used to initiate the embedded authorisation process for an `Institution` that contains the `INITIATE_EMBEDDED_BULK_PAYMENT`
        feature in order to obtain the the user''s authorisation for a bulk payment. See [Bulk Payments](/payments/bulk-payments/additional-information)
        for more information. Feature: `INITIATE_EMBEDDED_BULK_PAYMENT`'
      operationId: createEmbeddedBulkPaymentAuthorisation
      parameters:
      - description: "__Conditional__. Represents the user's login ID for the `Institution` to a personal account. \n\nSee\
          \ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
        in: header
        name: psu-id
        required: false
        schema:
          type: string
      - description: "__Conditional__. Represents the user's login ID for the `Institution` to a business account. \n\nSee\
          \ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
        in: header
        name: psu-corporate-id
        required: false
        schema:
          type: string
      - description: "__Conditional__. The IP address of the PSU. \n\nSee [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers)\
          \ to see if this header is required."
        in: header
        name: psu-ip-address
        required: false
        schema:
          type: string
      requestBody:
        content:
          application/json;charset=UTF-8:
            examples:
              Berlin Group EUR Embedded Bulk Payment Example Request:
                $ref: '#/components/examples/berlin-group-eur-embedded-bulk-payment-example-request'
            schema:
              $ref: '#/components/schemas/BulkPaymentEmbeddedAuthorisationRequest'
        required: true
      responses:
        '201':
          content:
            application/json;charset=UTF-8:
              examples:
                Berlin Group EUR Embedded Bulk Payment Example Response:
                  $ref: '#/components/examples/berlin-group-eur-embedded-bulk-payment-example-response'
              schema:
                $ref: '#/components/schemas/ApiResponseOfPaymentEmbeddedAuthorisationRequestResponse'
          description: Created
        default:
          content:
            application/json;charset=UTF-8:
              examples:
                Error Response:
                  $ref: '#/components/examples/error-response-code-401'
              schema:
                $ref: '#/components/schemas/ApiResponseError'
          description: Error Response
      summary: Create Embedded Bulk Payment Authorisation
      tags:
      - Authorisations
      x-mint:
        content: '<Info>Learn more: [Embedded Payment Flows](/open-banking-flow/user-authorisation/embedded)</Info>'
  /embedded-bulk-payment-auth-requests/{consentId}:
    put:
      description: 'Used to pass the SCA Code received from the `Institution` (and the SCA method selected by the user where
        multiple SCA methods are supported by the `Institution`) in order to complete the embedded authorisation to initiate
        a bulk payment. See [Bulk Payments](/payments/bulk-payments/additional-information) for more information. Feature:
        `INITIATE_EMBEDDED_BULK_PAYMENT`'
      operationId: updateEmbeddedBulkPaymentAuthorisation
      parameters:
      - description: __Mandatory__. The consent Id of the `Consent` to update.
        in: path
        name: consentId
        required: true
        schema:
          type: string
      - descripti

# --- truncated at 32 KB (186 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/yapily/refs/heads/main/openapi/yapily-consents-api-openapi.yml