Collection
Enterprise REST API
>
Enterprise Data Privacy and Protection
>
API Reference
>
v1
>
Collection
openapi: 3.0.0
info:
version: Production
title: Collection
description: ''
contact:
name: 'Enterprise Architecture @ Jack Henry and Associates, inc. '
email: EA@jackhenry.com
security:
- OAuth2: []
paths:
/v1/institutions/{InstitutionId}/environments/{InstitutionEnvironment}/products/{ProductCode}/EDPP/collection:
get:
tags:
- Collection
description: API to retrieve the protected information per product per person
operationId: EDPP - Retreive Protected Information
parameters:
- name: InstitutionId
in: path
description: >-
The identification given to an entity / institution. The URL
utilizes this Id for routing. A financial Institution might opt to
utilize their routing and transit number
required: true
schema:
type: string
default: '000000000'
- name: InstitutionEnvironment
in: path
description: >-
Institution Environment. This code idenfies the processing
environment for which the message is intended. Generally, the
environment will be PRODuction, however, various other environments
may exist. TESTing environments are common.
required: true
schema:
type: string
default: PROD
- name: ProductCode
in: path
description: >-
The code as related to a product. EDPP is the default for the POST
method
required: true
schema:
type: string
default: EDPP
- name: Authorization
in: header
description: >-
Bearer authentication also called token authentication. The bearer
token is a cryptic string generated by the server and it must be
sent in the header when making requests for protected services
required: true
schema:
type: string
default: Authorization
- name: Date
in: header
description: >-
Standard http header element for date and time. HTTP headers are
represented as RFC 7231 Full Dates. <br>Example `Date: Wed, 21 Oct
2015 07:28:00 GMT`
required: true
schema:
type: string
- name: Content-Type
in: header
required: true
schema:
type: string
default: application/json
- name: X-Request-ID
in: header
description: >-
To support communications level correlation due to some responses
only having header data, a round-trip identifier (GUID) will be sent
on every call from the consumer and returned by the service provider
(or intermediary) regardless of the final disposition of the
request/message.
required: true
schema:
type: string
format: uuid
example: 123e4567-e89b-12d3-a456-426655440000
- name: X-Correlation-ID
in: header
description: >-
To support communications level tracking between the source and
final destinations, a unique round-trip identifier (GUID) will be
sent on every call from the caller and returned in the response by
the service providers regardless of the final disposition of the
request/message. The x-correlation-id can be re-used by
intermediaries and/or service-providers to communicate beyond
themselves indicating that the calls THEY are making are part of the
same original message. (i.e. they are correlated)
required: true
schema:
type: string
- name: X-AuditUserId
in: header
description: >-
This is the User Id which the consumer would like written to the
audit as performing the requested service. It will vary but could be
down to the user id. It will not be use to authenticate, only audit
information.
schema:
type: string
- name: X-AuditDeviceId
in: header
description: >-
This is the device Id which the consumer would like written to the
audit as performing the requested service. It will vary but could be
down to the machine id.
schema:
type: string
- name: X-BusinessCorrelationId
in: header
description: >-
The correlation identification as related to business functions and
activities. Generally expected to be a GUID.
schema:
type: string
- name: X-WorkflowCorrelationId
in: header
description: >-
The correlation identification as related to workflow functions and
activities. Generally expected to be a GUID.
schema:
type: string
- name: X-AuthenticationUserCredential
in: header
description: >-
Authentication of the end-user (person at keyboard) Credentials in
the form of a JSON Web Token (JWT). <br>Example
`AuthenticationUserCredential: <GeneratedOidcJwt>` <br>Example
`AuthenticationUserCredential: saml:<Generatedsaml>`
schema:
type: string
- name: X-AuthenticationProductCredential
in: header
required: true
description: >-
Authentication of the Consumer Product Credentials in the form of a
JSON Web Token (JWT). Same as Authorization jwt unless the message
is sent on-behalf-of this consumer product. The gateway would copy
the token from the Authorization in the header when the Product
Credential is absent. <br>Example `AuthenticationProductCredential:
<GeneratedOidcJwt>`
schema:
type: string
- name: X-FaultOverride
in: header
description: Determines if all faults should be override
schema:
type: string
default: false
- name: Product
in: query
description: >-
The product that is used as part of the URL filter. The consumer
would use the product code that was returned from the verification
service. The EDPP framework would not use the product filter. The
product filter value is used as part of the URL path
schema:
type: string
- name: ProductSubCode
in: query
description: Some products have a sub-application within their overall product.
schema:
type: string
- name: PersonId
in: query
required: true
description: >-
The identifier belongs to a person that is used as part of the URL
filter
schema:
type: string
responses:
'200':
description: OK
headers:
X-Request-ID:
description: >-
To support communications level correlation due to some
responses only having header data, a round-trip identifier
(GUID) will be sent on every call from the consumer and returned
by the service provider (or intermediary) regardless of the
final disposition of the request/message.
required: true
schema:
type: string
format: uuid
example: 123e4567-e89b-12d3-a456-426655440000
X-Correlation-ID:
description: >-
To support communications level tracking between the source and
final destinations, a unique round-trip identifier (GUID) will
be sent on every call from the caller and returned in the
response by the service providers regardless of the final
disposition of the request/message. The x-correlation-id can be
re-used by intermediaries and/or service-providers to
communicate beyond themselves indicating that the calls THEY are
making are part of the same original message. (i.e. they are
correlated)
required: true
schema:
type: string
X-Messages:
description: Indicating messages/faults/errors returned
schema:
type: boolean
default: false
X-BusinessCorrelationId:
description: >-
The correlation identification as related to business functions
and activities. Generally expected to be a GUID.
schema:
type: string
X-WorkflowCorrelationId:
description: >-
The correlation identification as related to workflow functions
and activities. Generally expected to be a GUID.
schema:
type: string
X-MessageSource:
required: true
description: >-
The source of the response to a message. This would represent
the service provider that carry out the business service for the
message
schema:
type: string
content:
application/json:
schema:
type: object
properties:
MessageStatuses:
description: The array of statuses as related to a message
type: array
items:
type: object
properties:
Code:
description: The code assigned to a providers statuses
type: string
Category:
description: >-
ENUM[Error,Fault,Warning,Overridden] The category
assigned to a providers message statuses
type: string
Description:
description: >-
The description related to the status code in a
human readable format
type: string
Element:
description: >-
When an Error or Fault occurs this optional element
will contain the element which is causing the
condition
type: string
ElementValue:
description: >-
When an Error or Fault occurs this optional element
will contain the value of the element which is
causing the condition
type: string
Location:
description: >-
This is typically the program that generated the
status condition
type: string
MessageSource:
description: >-
The source of the response to a message. This would
represent the service provider that carry out the
business service for the message
type: string
required:
- Code
- Category
- Description
PersonName:
type: object
properties:
Common:
description: >-
The common name which typically is constructed of the
First, Middle, and Last Name
type: string
First:
description: First Name
type: string
Middle:
description: Middle Name
type: string
Last:
description: Last Name
type: string
TitlePrefix:
description: >-
The prefix that might proceed a name for example Mr.,
Mrs., Dr.
type: string
Suffix:
description: The suffix that might follow a name for example Jr.
type: string
Legal:
description: >-
Used by entities like trusts, or businesses in the
case where an individual is doing business as a
company, or when the legal name is different than the
ComName
type: string
Salutation:
description: >-
Used by entities like trusts, or businesses in the
case where an individual is doing business as a
company, or when the legal name is different than the
ComName
type: string
Address:
type: object
properties:
Street1:
description: Street Address
type: string
Street2:
description: Street Address
type: string
Street3:
description: Street Address
type: string
City:
description: City
type: string
StateProvince:
description: >-
The US state code in accord with ISO 3166-2 or
international province name
type: string
CountryType:
description: The international country code in accord with ISO 3166
type: string
PostalCode:
description: Postal or Zip code
type: string
DataDictionaryName:
description: The name of the data dictionary used for reporting
type: string
DataDictionaryVersion:
description: The dictionary version
type: string
DictionaryData:
description: An array of sensitive data dictionary entries
type: array
items:
type: object
properties:
DataName:
description: >-
The name of a data element as part of a name / value
pair
type: string
DataValue:
description: >-
The value of a data element as part of a name /
value pair
type: string
'400':
description: Bad Request
headers:
X-Request-ID:
description: >-
To support communications level correlation due to some
responses only having header data, a round-trip identifier
(GUID) will be sent on every call from the consumer and returned
by the service provider (or intermediary) regardless of the
final disposition of the request/message.
required: true
schema:
type: string
format: uuid
example: 123e4567-e89b-12d3-a456-426655440000
X-Correlation-ID:
description: >-
To support communications level tracking between the source and
final destinations, a unique round-trip identifier (GUID) will
be sent on every call from the caller and returned in the
response by the service providers regardless of the final
disposition of the request/message. The x-correlation-id can be
re-used by intermediaries and/or service-providers to
communicate beyond themselves indicating that the calls THEY are
making are part of the same original message. (i.e. they are
correlated)
required: true
schema:
type: string
X-Messages:
description: Indicating messages/faults/errors returned
schema:
type: boolean
default: false
X-BusinessCorrelationId:
description: >-
The correlation identification as related to business functions
and activities. Generally expected to be a GUID.
schema:
type: string
X-WorkflowCorrelationId:
description: >-
The correlation identification as related to workflow functions
and activities. Generally expected to be a GUID.
schema:
type: string
X-MessageSource:
required: true
description: >-
The source of the response to a message. This would represent
the service provider that carry out the business service for the
message
schema:
type: string
content:
application/json:
schema:
description: The array of statuses as related to a message
type: array
items:
type: object
properties:
Code:
description: The code assigned to a providers statuses
type: string
Category:
description: >-
ENUM[Error,Fault,Warning,Overridden] The category
assigned to a providers message statuses
type: string
Description:
description: >-
The description related to the status code in a human
readable format
type: string
Element:
description: >-
When an Error or Fault occurs this optional element will
contain the element which is causing the condition
type: string
ElementValue:
description: >-
When an Error or Fault occurs this optional element will
contain the value of the element which is causing the
condition
type: string
Location:
description: >-
This is typically the program that generated the status
condition
type: string
MessageSource:
description: >-
The source of the response to a message. This would
represent the service provider that carry out the
business service for the message
type: string
required:
- Code
- Category
- Description
'401':
description: Unauthorized
headers:
X-Correlation-ID:
description: Returned X-Correlation-ID
schema:
type: string
X-Request-ID:
description: Returned X-Request-ID
schema:
type: string
'403':
description: Forbidden
headers:
X-Correlation-ID:
description: Returned X-Correlation-ID
schema:
type: string
X-Request-ID:
description: Returned X-Request-ID
schema:
type: string
'404':
description: Not Found
headers:
X-Correlation-ID:
description: Returned X-Correlation-ID
schema:
type: string
X-Request-ID:
description: Returned X-Request-ID
schema:
type: string
'413':
description: Request Too Large
headers:
X-Correlation-ID:
description: Returned X-Correlation-ID
schema:
type: string
X-Request-ID:
description: Returned X-Request-ID
schema:
type: string
'422':
description: Unprocessed
headers:
X-Correlation-ID:
description: Returned X-Correlation-ID
schema:
type: string
X-Request-ID:
description: Returned X-Request-ID
schema:
type: string
'500':
description: Generic Internal Error
tags:
- name: Collection
servers:
- url: https://{API_ENVIRONMENT}/jx-api
variables:
API_ENVIRONMENT:
default: jxdmz.jackhenry.com
description: Corporate Test Server
components:
securitySchemes:
jhaOIDCScheme:
description: Token must be an OIDC jwt! example **jwt <GeneratedOidcJwt>**
type: openIdConnect
openIdConnectUrl: /api.jhacorp.com/oidc/auth
OAuth2:
type: oauth2
flows:
clientCredentials:
tokenUrl: >-
https://jxdmz.jackhenry.com/jxchange/identity/authserver/connect/token
scopes: {}
parameters:
pInstitutionId:
name: InstitutionId
in: path
description: >-
The identification given to an entity / institution. The URL utilizes
this Id for routing. A financial Institution might opt to utilize their
routing and transit number
required: true
schema:
type: string
default: '000000000'
pInstitutionEnvironment:
name: InstitutionEnvironment
in: path
description: >-
Institution Environment. This code idenfies the processing environment
for which the message is intended. Generally, the environment will be
PRODuction, however, various other environments may exist. TESTing
environments are common.
required: true
schema:
type: string
default: PROD
pProductCode:
name: ProductCode
in: path
description: >-
The code as related to a product. EDPP is the default for the POST
method
required: true
schema:
type: string
default: EDPP
pAuthorization:
name: Authorization
in: header
description: >-
Bearer authentication also called token authentication. The bearer
token is a cryptic string generated by the server and it must be sent in
the header when making requests for protected services
required: true
schema:
type: string
pDate:
name: Date
in: header
description: >-
Standard http header element for date and time. HTTP headers are
represented as RFC 7231 Full Dates. <br>Example `Date: Wed, 21 Oct 2015
07:28:00 GMT`
required: true
schema:
type: string
pContent-Type:
name: Content-Type
in: header
required: true
schema:
type: string
default: application/json
pX-Request-ID:
name: X-Request-ID
in: header
description: >-
To support communications level correlation due to some responses only
having header data, a round-trip identifier (GUID) will be sent on every
call from the consumer and returned by the service provider (or
intermediary) regardless of the final disposition of the
request/message.
required: true
schema:
type: string
format: uuid
example: 123e4567-e89b-12d3-a456-426655440000
pX-AuditUserId:
name: X-AuditUserId
in: header
description: >-
This is the User Id which the consumer would like written to the audit
as performing the requested service. It will vary but could be down to
the user id. It will not be use to authenticate, only audit information.
schema:
type: string
pX-AuditDeviceId:
name: X-AuditDeviceId
in: header
description: >-
This is the device Id which the consumer would like written to the audit
as performing the requested service. It will vary but could be down to
the machine id.
schema:
type: string
pX-BusinessCorrelationId:
name: X-BusinessCorrelationId
in: header
description: >-
The correlation identification as related to business functions and
activities. Generally expected to be a GUID.
schema:
type: string
pX-WorkflowCorrelationId:
name: X-WorkflowCorrelationId
in: header
description: >-
The correlation identification as related to workflow functions and
activities. Generally expected to be a GUID.
schema:
type: string
pX-AuthenticationUserCredential-optional:
name: X-AuthenticationUserCredential
in: header
description: >-
Authentication of the end-user (person at keyboard) Credentials in the
form of a JSON Web Token (JWT). <br>Example
`AuthenticationUserCredential: <GeneratedOidcJwt>` <br>Example
`AuthenticationUserCredential: saml:<Generatedsaml>`
schema:
type: string
pX-AuthenticationProductCredential:
name: X-AuthenticationProductCredential
in: header
required: true
description: >-
Authentication of the Consumer Product Credentials in the form of a JSON
Web Token (JWT). Same as Authorization jwt unless the message is sent
on-behalf-of this consumer product. The gateway would copy the token
from the Authorization in the header when the Product Credential is
absent. <br>Example `AuthenticationProductCredential:
<GeneratedOidcJwt>`
schema:
type: string
pProduct:
name: Product
in: query
description: >-
The product that is used as part of the URL filter. The consumer would
use the product code that was returned from the verification service.
The EDPP framework would not use the product filter. The product filter
value is used as part of the URL path
schema:
type: string
pProductSubCode:
name: ProductSubCode
in: query
description: Some products have a sub-application within their overall product.
schema:
type: string
pBrandCode:
name: BrandCode
in: query
description: The brand code that is used as part of the URL filter.
schema:
type: string
pPersonId:
name: PersonId
in: query
required: true
description: >-
The identifier belongs to a person that is used as part of the URL
filter
schema:
type: string
pX-Correlation-ID:
name: X-Correlation-ID
in: header
description: >-
To support communications level tracking between the source and final
destinations, a unique round-trip identifier (GUID) will be sent on
every call from the caller and returned in the response by the service
providers regardless of the final disposition of the request/message.
The x-correlation-id can be re-used by intermediaries and/or
service-providers to communicate beyond themselves indicating that the
calls THEY are making are part of the same original message. (i.e. they
are correlated)
required: true
schema:
type: string
pX-Messages:
name: X-Messages
in: header
description: Indicating messages/faults/errors returned
schema:
type: boolean
default: false
pX-Version:
name: X-Version
in: header
description: Indicating version for the management status service
schema:
type: string
default: false
pX-MessageSource:
name: X-MessageSource
in: header
required: true
description: >-
The source of the response to a message. This would represent the
service provider that carry out the business service for the message
schema:
type: string
pX-FaultOverride:
name: X-FaultOverride
in: header
description: Determines if all faults should be override
schema:
type: string
default: false
requestBodies:
PostPersonValidateRequest:
description: >-
Validate / Search for a Person. <br> <br> API to verify the existence
of the Person per installed product. <br> <br> **Behavior** <br> The
LastName is required. <br> One of the identifiers must be included.
<br> The DriverLicenseId must include the DriveLicenseIssueState. <br>
The AccountId must inlcude the AccountType. <br> Lastname+Firstname
only, is NOT a valid request = 400-Bad Request <br> Lastname+TaxID is
valid <br> Lastname+AccountID+AccountType is valid <br>
Lastname+DriverLicenseId+DrivierLicenseIssueState is valid <br>
Firstname is optional but good practice to Vaidate / Search for a
Person. <br> All other = invalid = 400-Bad Request"
content:
application/json:
schema:
type: object
properties:
FirstName:
description: First Name
type: string
LastName:
description: Last Name
type: string
TaxId:
description: The tax identifier
type: string
DriverLicenseId:
description: The identifier given to a person for their driver license
type: string
DriverLicenseIssueState:
description: >-
The US state code in accord with ISO 3166-2 or international
province name
type: string
AccountId:
description: An identifier as related to a specific account
type: string
AccountType:
description: >-
OPENENUM[Deposit,Savings,Loan,TimeDeposit] (Hybrid
Enumeration) The type of account as related to a wire
type: string
required:
- LastName
schemas:
products:
description: A list of products
title: products
type: object
properties:
product:
type: array
items:
type: object
properties:
Code:
description: A open enumerated code assigned to a product
type: string
Description:
description: A description of a code assigned to a product
type: string
SubCode:
description: A open enumerated code assigned to a product
type: string
SubDescription:
description: A description of a code assigned to a product
type: string
BrandCode:
description: >-
A open enumerated code assigned to a financial institution
brands
type: string
BrandDescription:
description: >-
A description of a code assigned to a financial institution
brands
type: string
Id:
description: An identifier assigned to a customer
type: string
Status:
description: >-
ENUM[Active,Dormant,Deceased,NoExist,NonCustomer]The status of
a customer
type: string
dictionary-data:
description: A name value pair of EDPP dictionary entries
title: dictionary-data
type: object
properties:
dictionary-data:
type: array
items:
description: An array of sensitive data dictionary entries
type: array
items:
type: object
properties:
DataName:
description: The name of a data element as part of a name / value pair
type: string
DataValue:
description: The value of a data element as part of a name / value pair
type: string
person-name:
description: The elements related to a person's name
title: person-name
type: object
properties:
person-name:
type: object
properties:
Common:
description: >-
The common name which typically is constructed of the First,
Middle, and Last Name
type: string
First:
description: First Name
type: string
Middle:
description: Middle Name
type: string
Last:
description: Last Name
type: string
TitlePrefix:
description: The prefix that might proceed a name for example Mr., Mrs., Dr.
type: string
Suffix:
description: The suffix that might follow a name for example Jr.
type: string
Legal:
description: >-
Used by entities like trusts, or businesses in the case where an
individual is doing business as a company, or when the legal
name is different than the ComName
type: string
Salutation:
description: >-
Used by entities like trusts, or businesses in the case where an
individual is doing business as a company, or when the legal
name is different than the ComName
type: string
address:
description: The elements related to an address
title: address
type: object
properties:
address:
type: object
properties:
Street1:
description: Street Address
type: string
Street2:
description: Street Address
type: string
Street3:
description: Street Address
type: string
City:
description: City
type: string
StateProvince:
description: >-
The US state code in accord with ISO 3166-2 or international
province name
type: string
CountryType:
description: The international country code in accord with ISO 3166
type: string
PostalCode:
description: Postal or Zip code
type: string
Have a Question?
Have a how-to question? Seeing a weird error? Get help on
StackOverflow.
Register for the Digital Toolkit Meetup
where we answer technical Q&A from the audience.
Last updated Fri Jul 29 2022