Tip

Collection: Data Consent Flow

View file
name: cm_spec_openapi_spa.json

POST Token

Info

To start a journey, you must generate a token, supplying the client_id and client_secret listed under the “Credenciais” (Credentials) menu in the Application panel. Check the specification for each environment (Sandbox or Production).

...


https://keycloak.bdc.shared.fsapps.io/auth/realms/consent-management-devsandbox-hml/protocol/openid-connect/token

...

Code Block
language: json
{
    "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIySDhCS1U3RWxlaDE2X1JPZjF2NkxlNVBYZXlfWnh6bEFkbjRuWnI4dW5zIn0.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.P_guRCCg6BBevBiKZapVQazzFEqHUaOR4pNA8_gDcdFhXu-qAb1ZKnQ4uRBKTxofUpxeUlBY8HshZWW0apXnj4Rs4Q7e11xosHC7JM-ULsaICqiiBAPRMHJW_3MuMCt4Cw1d1GGZ_cP4pAtvfA71kxP50_6zZ35fvx_1Wq9pBf1JjnrBUbQrGoWh4mSb-XGFqyxmbDpGVRfrJj0kQ0q0yx9Qp0K8q6EPHxdpSAwU88WRHILjBVdup_Xu0e7JtiFwufomRm3ore4_3PQBpbQzq092NyjgaNI2GPTcREJFf3Cab1ihDQ_Ttjrnzg36wjSfwn1bf2yMn4pgZ2uB_A-8hg",
    "expires_in": 300,
    "refresh_expires_in": 0,
    "token_type": "Bearer",
    "id_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIySDhCS1U3RWxlaDE2X1JPZjF2NkxlNVBYZXlfWnh6bEFkbjRuWnI4dW5zIn0.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.B-OCm-GFOvLhT13wHyA3xDRfDvRjj5Y6SckekpqhFsGRDoMFUFOxjg0lNRJcvnDqwVZAMfIUqzmWAH6CKWbJ6TKlUqnDOBe5pboLmoZ67LaJt6Axn_JaUXiP_WmeXrNwDwTBIetudKCHVxwnjKGnMkbRGQtO5RBYnbIwAWMdCJyRtVmXVKJJ438m2wTifZjG2WViwlUu4gqKDZZmj256OsJIxY3Q08-TdDgKxp_M-d9FSQwyCzMPbNQ_eyrQGkaxDBl1SXTp9UQB6BnQsny3qaBL1fsefZSPtRiQPRcGrvBJmX3nMeBml_-krt1nnhr9QpjxNDOm1f5Howlx5kTpOw",
    "not-before-policy": 0,
    "scope": "openid accounts_balances:read accounts_transactions:read accounts_overdraft_limits:read accounts:read receptor profile"
}

POST Create Consents

Info

Once the token has been generated, pass it in the Authorization of the /consents call to obtain the consent and the user's information, as in the model below.

...

Code Block
{redirectUri}?ticket={ticket}&state={consentId}
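
The callback above carries the consent ID in `state`, so the receiving endpoint can bind each returned ticket to the consent it started before exchanging it. The following is an added example, not part of the original page or the provider's code; it assumes the client stored the consent ID in the user's session when it created the consent, and the function names and sample values are hypothetical.

```python
import hmac
from urllib.parse import parse_qs, urlsplit

# Constructed sample values (not real tickets or consent IDs).
REDIRECT_URI = "http://localhost:9000"
CONSENT_ID = "consent-0001-constructed"
GOOD_CALLBACK = f"{REDIRECT_URI}/?ticket=tkt-constructed&state={CONSENT_ID}"


class CallbackError(ValueError):
    """Raised when the consent callback must not be trusted."""


def _endpoint(url):
    """Scheme, host:port and path (trailing slash ignored) of a URL."""
    parts = urlsplit(url)
    return parts.scheme, parts.netloc, parts.path.rstrip("/")


def parse_consent_callback(callback_url, registered_redirect_uri, expected_consent_id):
    """Return the ticket from {redirectUri}?ticket={ticket}&state={consentId}.

    expected_consent_id is assumed to be the consent ID this client stored
    in the user's session when it created the consent.
    """
    # The callback must arrive on the redirect URI sent at consent creation.
    if _endpoint(callback_url) != _endpoint(registered_redirect_uri):
        raise CallbackError("callback does not match the registered redirectUri")

    params = parse_qs(urlsplit(callback_url).query, keep_blank_values=True)
    # Exactly one non-empty value each: duplicates signal parameter pollution.
    for name in ("ticket", "state"):
        values = params.get(name, [])
        if len(values) != 1 or not values[0]:
            raise CallbackError(f"expected exactly one non-empty '{name}'")

    # Bind the callback to the consent started in this session (constant time).
    state = params["state"][0]
    if not hmac.compare_digest(state.encode(), expected_consent_id.encode()):
        raise CallbackError("state does not match the consent started in this session")
    return params["ticket"][0]


def is_rejected(callback_url):
    """True when the callback fails validation against the sample session."""
    try:
        parse_consent_callback(callback_url, REDIRECT_URI, CONSENT_ID)
    except CallbackError:
        return True
    return False
```

Only a ticket returned by `parse_consent_callback` should be passed on to the ticket exchange; a rejected callback is worth logging together with the session it arrived on.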

GET Consents

Info

Once the customer returns from the BancoEstado environment with the consent confirmed, you can call /consents to retrieve the consented data, as in the model below.

...

Code Block
{
    "_id": "64d1abbe39b8a000115e2532",
    "resourceId": "e199f262-ed8c-4471-961d-37812a2884af",
    "resourceName": "b0IdSx1H_FMfSNNIZCT4kxVfcpBwkUsF1ELhhHk1hPU",
    "requestorClientId": "openplus_febd6fb7-07c1-4506-9eba-4374913dfedb",
    "requestorSubject": "4d03bf02-4ad2-444a-8980-cec6faf5376c",
    "requestorClientName": "openplus_febd6fb7-07c1-4506-9eba-4374913dfedb",
    "scopes": [
        "accounts:read",
        "accounts_balances:read",
        "accounts_transactions:read"
    ],
    "status": "AUTHORISED",
    "redirectUri": "http://localhost:9000",
    "creationDateTime": "2023-08-08T02:43:10.744Z",
    "statusUpdateDateTime": "2023-08-08T02:43:12.635Z",
    "expirationDateTime": "2024-01-08T02:43:09.204Z",
    "data": {
        "rut": "10031617"
    }
}

POST Ticket Exchange

Info

After receiving the ticket, you must exchange this code for an access token in order to access the data the customer consented to.

...

Code Block
{
    "upgraded": false,
    "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIySDhCS1U3RWxlaDE2X1JPZjF2NkxlNVBYZXlfWnh6bEFkbjRuWnI4dW5zIn0.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.g6dTcc2yCpbtzlGVMhGaNQWPfUY2K69J-zi8hRVNZvN7KJ5zpLnH4xdO1xw8t369G13IrlAyPoK8zB1lcc2xP-lL9UQxMKIkSS8XMXhJVzM_Hx1yoDUEzVflBR69EQrtqYjAbEQ9mEtzRTsf1WVvao3ZfzL4oODiVYayV6Sr2vBtIrkoO71OjmrYQFsVrBDfeHsm_uxPYugTYPbvydJoOuAbCQ_7zfr8INRi5N4I0ix5yvk_lYdbZlzi55H_PChFj-HF0Ojpm27T894nSywSMBzkorEs9dJQh9k-vsUXxxGy4I9pL8KgyFobitaoIH-I7HeetFGkqmkfeqvu8BoO_Q",
    "expires_in": 300,
    "refresh_expires_in": 0,
    "token_type": "Bearer",
    "not-before-policy": 0
}

POST Refresh Token

Info

When the same data covered by the consent needs to be accessed again at a later time, after the 5-minute timeout, you must perform a refresh token request.

...