{"swagger":"2.0","info":{"version":"0.1","title":"Mobile Banking API Specifications"},"basePath":"/MobilePROD/rsservice/v2/private","tags":[{"name":"Mobile"}],"consumes":["application/json"],"produces":["application/json"],"paths":{"/menu_structure":{"get":{"tags":["Mobile"],"summary":"Get Menu","description":"<h2>Summary:</h2><p>This API returns the customer's configured menu structure.<h2>Security:</h2><p>This API supports two OAuth 2.0 flows: Customer API level authentication (OAuth2.0 Resource Owner Flow) and System API level authentication (OAuth2.0 Client Credentials). <p>Note: Resource Owner is the preferred way, as it's much safer to restrict access based on who actually signed in -- the resource owner. <p>Client Credentials authentication is supported but NOT recommended -- the trusted client uses the header x-occapi-request-by-client to inform the API who is accessing it.<p>That means the authenticated client can impersonate any customer. Allow this only when the client can be completely trusted -- i.e. an authorized channel partner who holds its own certificates and credentials etc.<p>API Consumer must supply a valid username and password to the tokenAPI in exchange for an access token (Bearer) to access this API.<p>The access token must be supplied in the header as a Bearer token. For example: <code>Authorization:Bearer cbc77598e7777898a9fcbbeee24adfa4</code><h2>Authorisation logic:</h2><p>When Resource Owner flow is used, authorisation is done based on the user's permission. The access token issued by the token API identifies the user. 
So the API will make sure only operations associated with that user will be allowed.<p>For example, Customer A will not be able to transfer money from account B that he has no authorities to access.<p>When Client Credential flow is used, authorisation is checked against the x-occapi-request-by-client header value.<h2>Function Detail:</h2><h2>Sample request:</h2><p><code>Address: http://mobile-banking-server.com/rsservice/v1/private/menu_structure<p>Http-Method: GET<p>Content-Type: application/json<p>Headers: {Authorization=[Bearer 4f1ccf54a09fb92031b67c54f9b45011], Content-Type=[application/json], x-occapi-request-by-client=[0030037496]}</code><h2>Sample Response:</h2>\n```json \n{\n    \"id\": \"MAIN\",\n    \"description\": null,\n    \"icon\": null,\n    \"url\": null,\n    \"menuList\": [\n        {\n            \"id\": \"ACCNTS\",\n            \"description\": \"Accounts\",\n            \"icon\": \"nav_accounts.png\",\n            \"url\": \"\",\n            \"menuList\": null\n        },\n        {\n            \"id\": \"PAY_TSFR\",\n            \"description\": \"Pay/Transfer\",\n            \"icon\": \"nav_payments.png\",\n            \"url\": null,\n            \"menuList\": [\n                {\n                    \"id\": \"TRANSFER\",\n                    \"description\": \"Transfer\",\n                    \"icon\": \"nav_transfer.png\",\n                    \"url\": \"\",\n                    \"menuList\": null\n                },\n                {\n                    \"id\": \"BILPAY\",\n                    \"description\": \"Bill Pay/Pay Anyone\",\n                    \"icon\": \"\",\n                    \"url\": \"\",\n                    \"menuList\": null\n                },\n                {\n                    \"id\": \"AUTOPAY\",\n                    \"description\": \"Auto Payments\",\n                    \"icon\": \"\",\n                    \"url\": \"\",\n                    \"menuList\": null\n                },\n                {\n     
               \"id\": \"BILPAYL\",\n                    \"description\": \"Manage Payees\",\n                    \"icon\": \"\",\n                    \"url\": \"\",\n                    \"menuList\": null\n                },\n                {\n                    \"id\": \"APRRQSS\",\n                    \"description\": \"Approval Requests\",\n                    \"icon\": \"nav_approval_requests\",\n                    \"url\": \"\",\n                    \"menuList\": null\n                }\n            ]\n        },\n        {\n            \"id\": \"SETTINGS\",\n            \"description\": \"Settings\",\n            \"icon\": \"nav_settings.png\",\n            \"url\": \"\",\n            \"menuList\": null\n        },\n        {\n            \"id\": \"MSG\",\n            \"description\": \"Messages\",\n            \"icon\": \"\",\n            \"url\": \"\",\n            \"menuList\": [\n                {\n                    \"id\": \"MSGS\",\n                    \"description\": \"Inbox\",\n                    \"icon\": \"\",\n                    \"url\": \"\",\n                    \"menuList\": null\n                },\n                {\n                    \"id\": \"SENTITEMS\",\n                    \"description\": \"Sent Items\",\n                    \"icon\": \"\",\n                    \"url\": \"\",\n                    \"menuList\": null\n                },\n                {\n                    \"id\": \"NEWMSG\",\n                    \"description\": \"New Message\",\n                    \"icon\": \"\",\n                    \"url\": \"\",\n                    \"menuList\": null\n                }\n            ]\n        },\n        {\n            \"id\": \"EXFEATURES\",\n            \"description\": \"Feature turnkeys -- not to display.\",\n            \"icon\": null,\n            \"url\": null,\n            \"menuList\": null\n        }\n    
]\n}```\n","operationId":"getMenuStructure","consumes":["application/json"],"produces":["application/json"],"parameters":[{"name":"descriptionType","in":"query","description":"Description Type codes used: N=Normal S=Short","required":false,"type":"string"},{"name":"networkType","in":"query","description":"Network Type (optional), allowable values: IB2 (Internet Banking) or MB2 (Mobile Banking), defaults to MB2","required":false,"type":"string"},{"name":"Authorization","in":"header","description":"The access token; must be a Bearer token, for example: Bearer xxxxxxxxx","required":false,"type":"string"},{"name":"x-occapi-request-by-client","in":"header","description":"The number of the client making the request","required":false,"type":"string","x-example":"0003023022"}],"security":[{"customerAPIAuthentication":[]},{"systemAPIAuthentication":[]}],"responses":{"200":{"description":"OK","schema":{"$ref":"#/definitions/MobileMenuV2"}},"400":{"description":"Bad request"},"401":{"description":"Unauthorized"},"403":{"description":"Forbidden"},"404":{"description":"Not found"},"405":{"description":"Method Not Allowed"},"406":{"description":"Not Acceptable"},"429":{"description":"Too Many Requests"},"500":{"description":"Internal Server Error"}}}}},"securityDefinitions":{"systemAPIAuthentication":{"description":"OAuth2 login using grant type 'Client Credentials'","type":"oauth2","tokenUrl":"http://localhost:802/SovSE_Mobile_Banking_Server/rsservice/v1/public/token","flow":"application"},"customerAPIAuthentication":{"description":"OAuth2 login using grant type 'Username/Password Credentials'","type":"oauth2","tokenUrl":"http://mobile-banking-server.com/rsservice/v1/public/token","flow":"password"}},"definitions":{"MobileMenuV2":{"type":"object","properties":{"id":{"type":"string","description":"Menu ID or code"},"description":{"type":"string","description":"Menu Description. 
Long or short depending on request parameter."},"icon":{"type":"string","description":"Filename of the icon to display. Optional"},"url":{"type":"string","description":"Link for menu item. Optional"},"menuList":{"type":"array","description":"List of Sub Menus, if relevant. A menu can have multiple menus or options","items":{"$ref":"#/definitions/MobileMenuV2"}}},"description":"Represents a mobile menu. Mobile Banking Menu structure: web service response object. Each MobileMenuV2 represents a menu which may or may not also be an option. Allows for a Hierarchy, with list of submenus."}}}