Yapily Consents and Authorisations API
Create, retrieve, revoke, and re-authorise PSD2 consents for AIS and PIS interactions across UK Open Banking and Berlin Group ASPSPs. Supports redirect, embedded, and decoupled flows.
OpenAPI Specification
openapi: 3.0.1
info:
title: Yapily Consents and Authorisations API
description: Create, manage, and revoke PSD2 consents and authorisations for Account Information (AIS) and Payment Initiation
(PIS) services.
version: 12.4.0
contact:
name: Yapily Support
url: https://docs.yapily.com/resources/support
email: support@yapily.com
servers:
- url: https://api.yapily.com
security:
- basicAuth: []
tags:
- description: 'The Consents endpoints are used to manage each `Consent` created by Yapily in response to an authorisation
created for a user.
The `Consent` object contains data that identifies a user''s consent for a specific `Institution` within a Yapily application.
Other than the id of the consent, the `institution-id` for the corresponding `Institution` and the user identifiers (`user-uuid`
and `application-user-id`), it contains various details that indicates how the `Consent` can be used.'
name: Consents
- description: 'Before calling [Financial Data](#yapily-api-financial-data) or [Payments](#yapily-api-payments) endpoints,
a consent from an end-user must be obtained.
Consents are valid for up to 90 days for Financial Data endpoints and have a single-use for Payment endpoints i.e. a new
consent must be obtained for each payment.
NOTE: A user consent is also referred to as an ''Authorisation''.'
name: Authorisations
paths:
/account-auth-requests:
patch:
description: Used to prompt the account holder for continued access to their financial data. This endpoint should be
used when a `Consent` that was previously `AUTHORIZED` can no longer be used to retrieve data.
operationId: reAuthoriseAccount
x-mint:
content: '<Info>Learn more: [Re-Authorisation](/data/financial-data-resources/financial-data-consents#re-authorisation)</Info>'
parameters:
- description: __Mandatory__. The `consent-token` containing the user's authorisation to make the request.
example: '{consentToken}'
in: header
name: consent
required: true
schema:
type: string
- description: "__Conditional__. Represents the user's login ID for the `Institution` to a personal account. \n\nSee\
\ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
in: header
name: psu-id
required: false
schema:
type: string
- description: "__Conditional__. Represents the user's login ID for the `Institution` to a business account. \n\nSee\
\ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
in: header
name: psu-corporate-id
required: false
schema:
type: string
- description: "__Conditional__. The IP address of the PSU. \n\nSee [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers)\
\ to see if this header is required."
in: header
name: psu-ip-address
required: false
schema:
type: string
- $ref: '#/components/parameters/SubAppHeader'
responses:
'201':
content:
application/json;charset=UTF-8:
examples:
OBIE Example Response:
$ref: '#/components/examples/obie-example-acc-auth-response-patch'
schema:
$ref: '#/components/schemas/ApiResponseOfAccountAuthorisationResponse'
description: Created
default:
content:
application/json;charset=UTF-8:
examples:
Error Response:
$ref: '#/components/examples/error-response-code-401'
schema:
$ref: '#/components/schemas/ApiResponseError'
description: Error Response
summary: Re-authorise Account Consent
tags:
- Authorisations
post:
description: 'Used to initiate the authorisation process and direct users to the login screen of their financial institution
in order to give consent to access account data.
Feature: `INITIATE_ACCOUNT_REQUEST`'
operationId: initiateAccountRequest
x-mint:
content: '<Info>Learn more: [Single Redirect Flow](/open-banking-flow/user-authorisation/single-redirect)</Info>'
parameters:
- description: "__Conditional__. Represents the user's login ID for the `Institution` to a personal account. \n\nSee\
\ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
in: header
name: psu-id
required: false
schema:
type: string
- description: "__Conditional__. Represents the user's login ID for the `Institution` to a business account. \n\nSee\
\ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
in: header
name: psu-corporate-id
required: false
schema:
type: string
- description: "__Conditional__. The IP address of the PSU. \n\nSee [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers)\
\ to see if this header is required."
in: header
name: psu-ip-address
required: false
schema:
type: string
- $ref: '#/components/parameters/SubAppHeader'
requestBody:
content:
application/json;charset=UTF-8:
examples:
OBIE Example Request:
$ref: '#/components/examples/obie-example-acc-auth-request'
schema:
$ref: '#/components/schemas/AccountAuthorisationRequest'
required: true
responses:
'201':
content:
application/json;charset=UTF-8:
examples:
OBIE Example Response:
$ref: '#/components/examples/obie-example-acc-auth-response-post'
schema:
$ref: '#/components/schemas/ApiResponseOfAccountAuthorisationResponse'
description: Created
default:
content:
application/json;charset=UTF-8:
examples:
Error Response:
$ref: '#/components/examples/error-response-code-401'
schema:
$ref: '#/components/schemas/ApiResponseError'
description: Error Response
summary: Create Account Authorisation
tags:
- Authorisations
put:
description: 'Used to continue the authorisation process and for any `Institution` that contains the `INITIATE_PRE_AUTHORISATION`
feature and direct user to the login screen of their financial institution in order to give consent to access account
data.
Features:
- `INITIATE_ACCOUNT_REQUEST`
- `INITIATE_PRE_AUTHORISATION`'
operationId: updatePreAuthoriseAccountConsent
x-mint:
content: '<Info>Learn more: [Pre-Authorisation Flow](/open-banking-flow/user-authorisation/pre-authorisation)</Info>'
parameters:
- description: __Mandatory__. The `consent-token` containing the user's authorisation to make the request.
example: '{consentToken}'
in: header
name: consent
required: true
schema:
type: string
- description: "__Conditional__. Represents the user's login ID for the `Institution` to a personal account. \n\nSee\
\ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
in: header
name: psu-id
required: false
schema:
type: string
- description: "__Conditional__. Represents the user's login ID for the `Institution` to a business account. \n\nSee\
\ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
in: header
name: psu-corporate-id
required: false
schema:
type: string
- description: "__Conditional__. The IP address of the PSU. \n\nSee [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers)\
\ to see if this header is required."
in: header
name: psu-ip-address
required: false
schema:
type: string
- $ref: '#/components/parameters/SubAppHeader'
requestBody:
content:
application/json;charset=UTF-8:
examples:
Berlin Group Example Request:
$ref: '#/components/examples/berlin-group-example-acc-auth-request'
schema:
$ref: '#/components/schemas/AccountAuthorisationRequest'
required: true
responses:
'200':
content:
application/json;charset=UTF-8:
examples:
OBIE Example Response:
$ref: '#/components/examples/obie-example-acc-auth-response-put'
schema:
$ref: '#/components/schemas/ApiResponseOfAccountAuthorisationResponse'
description: Ok
default:
content:
application/json;charset=UTF-8:
examples:
Error Response:
$ref: '#/components/examples/error-response-code-401'
schema:
$ref: '#/components/schemas/ApiResponseError'
description: Error Response
summary: Update Account Pre-authorisation
tags:
- Authorisations
/bulk-payment-auth-requests:
post:
description: 'Used to initiate the authorisation process and direct users to the login screen of their financial Institution
in order to give their consent for a bulk payment.
Feature: `INITIATE_BULK_PAYMENT`'
operationId: createBulkPaymentAuthorisation
x-mint:
content: '<Info>Learn more: [Bulk Payments](/payments/bulk-payments/overview)</Info>'
parameters:
- description: "__Conditional__. Represents the user's login ID for the `Institution` to a personal account. \n\nSee\
\ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
in: header
name: psu-id
required: false
schema:
type: string
- description: "__Conditional__. Represents the user's login ID for the `Institution` to a business account. \n\nSee\
\ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
in: header
name: psu-corporate-id
required: false
schema:
type: string
- description: "__Conditional__. The IP address of the PSU. \n\nSee [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers)\
\ to see if this header is required."
in: header
name: psu-ip-address
required: false
schema:
type: string
requestBody:
content:
application/json;charset=UTF-8:
examples:
UK Bulk Payment Example Request:
$ref: '#/components/examples/uk-bulk-payment-auth-example-request'
schema:
$ref: '#/components/schemas/BulkPaymentAuthorisationRequest'
required: true
responses:
'201':
content:
application/json;charset=UTF-8:
examples:
UK Bulk Payment Example Response:
$ref: '#/components/examples/uk-bulk-payment-auth-example-response'
schema:
$ref: '#/components/schemas/ApiResponseOfPaymentAuthorisationRequestResponse'
description: Created
default:
content:
application/json;charset=UTF-8:
examples:
Error Response:
$ref: '#/components/examples/error-response-code-401'
schema:
$ref: '#/components/schemas/ApiResponseError'
description: Error Response
summary: Create Bulk Payment Authorisation
tags:
- Authorisations
/consent-auth-code:
post:
description: Used to obtain a Yapily Consent object containing the `consentToken` once the user has authenticated and
you have an OAuth2 authorisation code `auth-code` and state `auth-state`.
operationId: createConsentWithCode
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ConsentAuthCodeRequest'
required: true
responses:
'200':
content:
application/json;charset=UTF-8:
examples:
Example Response:
$ref: '#/components/examples/consent-auth-code-example-response'
schema:
$ref: '#/components/schemas/Consent'
description: Ok
default:
content:
application/json;charset=UTF-8:
examples:
Error Response:
$ref: '#/components/examples/error-response-code-401'
schema:
$ref: '#/components/schemas/ApiResponseError'
description: Error Response
summary: Exchange Oauth2 Code
tags:
- Consents
x-mint:
content: '<Info>Learn more: [Managing Consents](/data/financial-data-resources/financial-data-consents)</Info>'
/consent-one-time-token:
post:
description: Exchange a One-time-token for the consent token
operationId: getConsentBySingleAccessConsent
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/OneTimeTokenRequest'
required: true
responses:
'201':
content:
application/json;charset=UTF-8:
examples:
Example Response:
$ref: '#/components/examples/consent-one-time-token-example-response'
schema:
$ref: '#/components/schemas/Consent'
description: Created
default:
content:
application/json;charset=UTF-8:
examples:
Error Response:
$ref: '#/components/examples/error-response-code-401'
schema:
$ref: '#/components/schemas/ApiResponseError'
description: Error Response
summary: Exchange One Time Token
tags:
- Consents
x-mint:
content: '<Info>Learn more: [Managing Consents](/data/financial-data-resources/financial-data-consents)</Info>'
/consents:
get:
description: 'Used to retrieve all the consents created for each user within an application. At least one of the following
filters needs to be applied: filter[applicationUserId], filter[userUuid]=, limit=. '
operationId: getConsents
parameters:
- description: __Optional__. Filter records based on the list of `applicationUserId` users provided. At least one of
these filters filter[applicationUserId], filter[userUuid]=, limit= must be provided.
in: query
name: filter[applicationUserId]
required: false
schema:
uniqueItems: true
type: array
items:
type: string
- description: __Optional__. Filter records based on the list of `userUuid` users provided. At least one of these filters
filter[applicationUserId], filter[userUuid]=, limit= must be provided.
in: query
name: filter[userUuid]
required: false
schema:
uniqueItems: true
type: array
items:
type: string
format: uuid
- description: __Optional__. Filter records based on the list of `Institution` provided.
in: query
name: filter[institution]
required: false
schema:
uniqueItems: true
type: array
items:
type: string
- description: __Optional__. Filter records based on the list of `Consent` [statuses](/api-reference/getConsents).
in: query
name: filter[status]
required: false
schema:
uniqueItems: true
type: array
items:
type: string
- description: '__Optional__. Returned transactions will be on or after this date (yyyy-MM-dd''T''HH:mm:ss.SSSZ). '
in: query
name: from
required: false
schema:
type: string
- description: __Optional__. Returned transactions will be on or before this date (yyyy-MM-dd'T'HH:mm:ss.SSSZ).
in: query
name: before
required: false
schema:
type: string
- description: __Optional__. The maximum number of transaction records to be returned. Must be between 1 and 1000. At
least one of these filters filter[applicationUserId], filter[userUuid]=, limit= must be provided.
in: query
name: limit
required: false
schema:
type: integer
format: int32
- description: __Optional__. The number of transaction records to be skipped. Used primarily with paginated results.
in: query
name: offset
required: false
schema:
type: integer
format: int32
default: 0
responses:
'200':
content:
application/json;charset=UTF-8:
examples:
Example Response:
$ref: '#/components/examples/consents-example-response'
schema:
$ref: '#/components/schemas/ApiListResponseOfConsent'
description: Ok
default:
content:
application/json;charset=UTF-8:
examples:
Error Response:
$ref: '#/components/examples/error-response-code-401'
schema:
$ref: '#/components/schemas/ApiResponseError'
description: Error Response
summary: Get Consents
tags:
- Consents
/consents/{consentId}:
delete:
description: Delete a consent using the consent Id
operationId: delete
parameters:
- description: __Mandatory__. The consent Id of the `Consent` to update.
in: path
name: consentId
required: true
schema:
type: string
format: uuid
- description: __Optional__. Whether to force the deletion.
in: query
name: forceDelete
required: false
schema:
type: boolean
default: true
responses:
'200':
content:
application/json;charset=UTF-8:
examples:
Example Response:
$ref: '#/components/examples/consent-delete-example-response'
schema:
$ref: '#/components/schemas/ApiResponseOfConsentDeleteResponse'
description: Ok
default:
content:
application/json;charset=UTF-8:
examples:
Error Response:
$ref: '#/components/examples/error-response-code-401'
schema:
$ref: '#/components/schemas/ApiResponseError'
description: Error Response
summary: Delete Consent
tags:
- Consents
get:
description: Get consent using the consent Id
operationId: getConsentById
parameters:
- description: __Mandatory__. The consent Id of the `Consent` to update.
in: path
name: consentId
required: true
schema:
type: string
format: uuid
responses:
'200':
content:
application/json;charset=UTF-8:
examples:
Example Response:
$ref: '#/components/examples/consent-get-example-response'
schema:
$ref: '#/components/schemas/ApiResponseOfConsent'
description: Ok
default:
content:
application/json;charset=UTF-8:
examples:
Error Response:
$ref: '#/components/examples/error-response-code-401'
schema:
$ref: '#/components/schemas/ApiResponseError'
description: Error Response
summary: Get Consent
tags:
- Consents
/consents/{consentId}/extend:
post:
description: Used to indicate to Yapily that reconfirmation has occurred for a given Consent, and to update lastUpdatedAt
and reconfirmBy for that Consent. Returns the Consent.
operationId: extendConsent
x-beta: true
parameters:
- description: __Mandatory__. The consent Id of the `Consent` to update.
in: path
name: consentId
required: true
schema:
type: string
format: uuid
requestBody:
content:
application/json;charset=UTF-8:
examples:
Example Request:
$ref: '#/components/examples/consent-extend-example-request'
schema:
$ref: '#/components/schemas/ExtendConsentRequest'
required: true
responses:
'200':
content:
application/json;charset=UTF-8:
examples:
Example Response:
$ref: '#/components/examples/consent-get-example-response'
schema:
$ref: '#/components/schemas/ApiResponseOfConsent'
description: Created
'400':
content:
application/json;charset=UTF-8:
examples:
Error Response:
$ref: '#/components/examples/extend-consent-error-response-code-400'
schema:
$ref: '#/components/schemas/ApiErrorResponse'
description: Error Response. The supplied lastConfirmedAt date, Consent type, or Consent status is invalid.
default:
content:
application/json;charset=UTF-8:
examples:
Error Response:
$ref: '#/components/examples/error-response-code-401'
schema:
$ref: '#/components/schemas/ApiErrorResponse'
description: Error Response
summary: Extend Consent
tags:
- Consents
x-mint:
content: '<Info>Learn more: [Managing Consents](/data/financial-data-resources/financial-data-consents)</Info>'
/embedded-account-auth-requests:
post:
description: 'Used to initiate the embedded authorisation process for an `Institution` that contains the `INITIATE_EMBEDDED_ACCOUNT_REQUEST`
feature in order to obtain the the user''s authorisation to access their account information.
Feature: `INITIATE_EMBEDDED_ACCOUNT_REQUEST`'
operationId: initiateEmbeddedAccountRequest
x-mint:
content: '<Info>Learn more: [Embedded Account Flow](/open-banking-flow/user-authorisation/embedded)</Info>'
parameters:
- description: "__Conditional__. Represents the user's login ID for the `Institution` to a personal account. \n\nSee\
\ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
in: header
name: psu-id
required: false
schema:
type: string
- description: "__Conditional__. Represents the user's login ID for the `Institution` to a business account. \n\nSee\
\ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
in: header
name: psu-corporate-id
required: false
schema:
type: string
- description: "__Conditional__. The IP address of the PSU. \n\nSee [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers)\
\ to see if this header is required."
in: header
name: psu-ip-address
required: false
schema:
type: string
- $ref: '#/components/parameters/SubAppHeader'
requestBody:
content:
application/json;charset=UTF-8:
examples:
Berlin Group Example Request:
$ref: '#/components/examples/berlin-group-example-embedded-acc-auth-request'
schema:
$ref: '#/components/schemas/EmbeddedAccountAuthorisationRequest'
required: true
responses:
'201':
content:
application/json;charset=UTF-8:
examples:
Berlin Group (Multiple SCA Methods) Example Response:
$ref: '#/components/examples/berlin-group-multiple-sca-methods-example-response'
Berlin Group (Single SCA Method) Example Response:
$ref: '#/components/examples/berlin-group-single-sca-method-example-response'
schema:
$ref: '#/components/schemas/ApiResponseOfEmbeddedAccountAuthorisationResponse'
description: Created
default:
content:
application/json;charset=UTF-8:
examples:
Error Response:
$ref: '#/components/examples/error-response-code-401'
schema:
$ref: '#/components/schemas/ApiResponseError'
description: Error Response
summary: Create Embedded Account Authorisation
tags:
- Authorisations
/embedded-account-auth-requests/{consentId}:
put:
description: 'Used to pass the SCA Code received from the `Institution` (and the SCA method selected by the user where
multiple SCA methods are supported by the `Institution`) in order to complete the embedded authorisation to access
the user''s financial data.
Feature: `INITIATE_EMBEDDED_ACCOUNT_REQUEST`'
operationId: updateEmbeddedAccountRequest
x-mint:
content: '<Info>Learn more: [Embedded Account Flow](/open-banking-flow/user-authorisation/embedded)</Info>'
parameters:
- description: __Mandatory__. The consent Id of the `Consent` to update.
in: path
name: consentId
required: true
schema:
type: string
- description: "__Conditional__. Represents the user's login ID for the `Institution` to a personal account. \n\nSee\
\ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
in: header
name: psu-id
required: false
schema:
type: string
- description: "__Conditional__. Represents the user's login ID for the `Institution` to a business account. \n\nSee\
\ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
in: header
name: psu-corporate-id
required: false
schema:
type: string
- description: "__Conditional__. The IP address of the PSU. \n\nSee [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers)\
\ to see if this header is required."
in: header
name: psu-ip-address
required: false
schema:
type: string
- $ref: '#/components/parameters/SubAppHeader'
requestBody:
content:
application/json;charset=UTF-8:
examples:
Berlin Group (SCA Code) Example Request:
$ref: '#/components/examples/berlin-group-sca-code-example-request'
Berlin Group (Selected SCA Method) Example Request:
$ref: '#/components/examples/berlin-group-selected-sca-method-example-request'
schema:
$ref: '#/components/schemas/EmbeddedAccountAuthorisationRequest'
required: true
responses:
'201':
content:
application/json;charset=UTF-8:
examples:
Berlin Group (SCA Code) Example Response:
$ref: '#/components/examples/berlin-group-sca-code-example-response'
Berlin Group (Selected SCA Method) Example Response:
$ref: '#/components/examples/berlin-group-selected-sca-method-example-response'
schema:
$ref: '#/components/schemas/ApiResponseOfEmbeddedAccountAuthorisationResponse'
description: Created
default:
content:
application/json;charset=UTF-8:
examples:
Error Response:
$ref: '#/components/examples/error-response-code-401'
schema:
$ref: '#/components/schemas/ApiResponseError'
description: Error Response
summary: Update Embedded Account Authorisation
tags:
- Authorisations
/embedded-bulk-payment-auth-requests:
post:
description: 'Used to initiate the embedded authorisation process for an `Institution` that contains the `INITIATE_EMBEDDED_BULK_PAYMENT`
feature in order to obtain the the user''s authorisation for a bulk payment. See [Bulk Payments](/payments/bulk-payments/additional-information)
for more information. Feature: `INITIATE_EMBEDDED_BULK_PAYMENT`'
operationId: createEmbeddedBulkPaymentAuthorisation
parameters:
- description: "__Conditional__. Represents the user's login ID for the `Institution` to a personal account. \n\nSee\
\ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
in: header
name: psu-id
required: false
schema:
type: string
- description: "__Conditional__. Represents the user's login ID for the `Institution` to a business account. \n\nSee\
\ [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers) to see if this header is required."
in: header
name: psu-corporate-id
required: false
schema:
type: string
- description: "__Conditional__. The IP address of the PSU. \n\nSee [PSU identifiers](/open-banking-flow/user-authorisation/psu-identifiers)\
\ to see if this header is required."
in: header
name: psu-ip-address
required: false
schema:
type: string
requestBody:
content:
application/json;charset=UTF-8:
examples:
Berlin Group EUR Embedded Bulk Payment Example Request:
$ref: '#/components/examples/berlin-group-eur-embedded-bulk-payment-example-request'
schema:
$ref: '#/components/schemas/BulkPaymentEmbeddedAuthorisationRequest'
required: true
responses:
'201':
content:
application/json;charset=UTF-8:
examples:
Berlin Group EUR Embedded Bulk Payment Example Response:
$ref: '#/components/examples/berlin-group-eur-embedded-bulk-payment-example-response'
schema:
$ref: '#/components/schemas/ApiResponseOfPaymentEmbeddedAuthorisationRequestResponse'
description: Created
default:
content:
application/json;charset=UTF-8:
examples:
Error Response:
$ref: '#/components/examples/error-response-code-401'
schema:
$ref: '#/components/schemas/ApiResponseError'
description: Error Response
summary: Create Embedded Bulk Payment Authorisation
tags:
- Authorisations
x-mint:
content: '<Info>Learn more: [Embedded Payment Flows](/open-banking-flow/user-authorisation/embedded)</Info>'
/embedded-bulk-payment-auth-requests/{consentId}:
put:
description: 'Used to pass the SCA Code received from the `Institution` (and the SCA method selected by the user where
multiple SCA methods are supported by the `Institution`) in order to complete the embedded authorisation to initiate
a bulk payment. See [Bulk Payments](/payments/bulk-payments/additional-information) for more information. Feature:
`INITIATE_EMBEDDED_BULK_PAYMENT`'
operationId: updateEmbeddedBulkPaymentAuthorisation
parameters:
- description: __Mandatory__. The consent Id of the `Consent` to update.
in: path
name: consentId
required: true
schema:
type: string
- descripti
# --- truncated at 32 KB (186 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/yapily/refs/heads/main/openapi/yapily-consents-api-openapi.yml