Class: CybridApiBank::IdentityRecordsBankApi

Inherits:
Object
  • Object
show all
Defined in:
lib/cybrid_api_bank_ruby/api/identity_records_bank_api.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(api_client = ApiClient.default) ⇒ IdentityRecordsBankApi

Returns a new instance of IdentityRecordsBankApi.



19
20
21
 
# File 'lib/cybrid_api_bank_ruby/api/identity_records_bank_api.rb', line 19

def initialize(api_client = ApiClient.default)
  @api_client = api_client
end

Instance Attribute Details

#api_clientObject

Returns the value of attribute api_client.



17
18
19
 
# File 'lib/cybrid_api_bank_ruby/api/identity_records_bank_api.rb', line 17

def api_client
  @api_client
end

Instance Method Details

#create_identity_record(post_identity_record_bank_model, opts = {}) ⇒ IdentityRecordBankModel

Create Identity Record Creates an identity record. ## Identity Records Identity Records verify an individual for inclusion on the platform. This know-your-customer (KYC) process is a requirement for individuals to be able to transact. At present, we offer support for Attestation Identity Records. Once an Identity Record has been submitted, it will be reviewed by our system and transit through a lifecycle before ultimately being ‘verified` or `failed`. If an Identity Record is ends up `failed`, contextual information as to the reason may be provided on the resource and additional attempts can be made. ## Attestation Identity Records An Attestation Identity Record is a confirmation of fact that the Organization has completed their own KYC process and can vouch for its correctness. Prior to uploading `verified` attestation identity records, an Organization must register their signing public key with their Bank through the create Verification Key API. To create an attestation identity record, a signed JWT is required as proof that the Customer’s identity has been verified by the Organization. When creating the JWT, the Organization must use the RS512 signing algorithm. The JWT must contain the following headers: - alg: The RS512 algorithm value, e.g., ‘RS512’. - kid: Set to the guid of the verification key that has been registered for the Bank The JWT must contain the following claims: - iss: Set to api.cybrid.app/banks/bank_guid - aud: Set to api.cybrid.app - sub: Set to api.cybrid.app/customers/customer_guid - iat: Set to the time at which the JWT was issued - exp: Set to the time after which the JWT expires - jti: Set to a unique identifier for the JWT Example code (python) for generating an Attestation Identity Record JWT token: “‘python # Assumes an RSA private key has been generated (`private_key`), a Verification Key has been created and a `verification_key_guid` is available. # # `customer_guid` should be set to the guid assigned to a Customer that has been created. # `bank_guid` should be set to the guid of your bank # import uuid from datetime import datetime, timezone, timedelta from jwcrypto import jwt, jwk from cryptography.hazmat.primitives import serialization algorithm = ’RS512’ issued_at = datetime.now(timezone.utc) expired_at = issued_at + timedelta(days=365) signing_key = jwk.JWK.from_pem( private_key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.PKCS8, encryption_algorithm=serialization.NoEncryption() ) ) signing_key.update(verification_key_guid) attestation_jwt = jwt.JWT( header={ "alg": algorithm, "kid": verification_key_guid }, claims={ "iss": f"api.cybrid.app/banks/bank_guid", "aud": "api.cybrid.app", "sub": f"api.cybrid.app/customers/customer_guid", "iat": int(issued_at.timestamp()), "exp": int(expired_at.timestamp()), "jti": str(uuid.uuid4()) }, key=signing_key, algs= ) attestation_jwt.make_signed_token(signing_key) token = attestation_jwt.serialize(compact=True) “‘ ## Attestation State | State | Description | |——-|————-| | storing | The Platform is storing the attestation in our private store | | pending | The Platform is verifying the attestation’s JWT | | verified | The Platform has verified the attestation and the customer is able to transact | | failed | The Platform was not able to verify the attestation and the customer is not able to transact | Required scope: customers:write

Parameters:

Returns:



27
28
29
30
 
# File 'lib/cybrid_api_bank_ruby/api/identity_records_bank_api.rb', line 27

def create_identity_record(post_identity_record_bank_model, opts = {})
  data, _status_code, _headers = create_identity_record_with_http_info(post_identity_record_bank_model, opts)
  data
end

#create_identity_record_with_http_info(post_identity_record_bank_model, opts = {}) ⇒ Array<(IdentityRecordBankModel, Integer, Hash)>

Create Identity Record Creates an identity record. ## Identity Records Identity Records verify an individual for inclusion on the platform. This know-your-customer (KYC) process is a requirement for individuals to be able to transact. At present, we offer support for Attestation Identity Records. Once an Identity Record has been submitted, it will be reviewed by our system and transit through a lifecycle before ultimately being &#x60;verified&#x60; or &#x60;failed&#x60;. If an Identity Record is ends up &#x60;failed&#x60;, contextual information as to the reason may be provided on the resource and additional attempts can be made. ## Attestation Identity Records An Attestation Identity Record is a confirmation of fact that the Organization has completed their own KYC process and can vouch for its correctness. Prior to uploading &#x60;verified&#x60; attestation identity records, an Organization must register their signing public key with their Bank through the create Verification Key API. To create an attestation identity record, a signed JWT is required as proof that the Customer&#39;s identity has been verified by the Organization. When creating the JWT, the Organization must use the RS512 signing algorithm. The JWT must contain the following headers: - alg: The RS512 algorithm value, e.g., &#39;RS512&#39;. - kid: Set to the guid of the verification key that has been registered for the Bank The JWT must contain the following claims: - iss: Set to api.cybrid.app/banks/bank_guid - aud: Set to api.cybrid.app - sub: Set to api.cybrid.app/customers/customer_guid - iat: Set to the time at which the JWT was issued - exp: Set to the time after which the JWT expires - jti: Set to a unique identifier for the JWT Example code (python) for generating an Attestation Identity Record JWT token: &#x60;&#x60;&#x60;python # Assumes an RSA private key has been generated (&#x60;private_key&#x60;), a Verification Key has been created and a &#x60;verification_key_guid&#x60; is available. # # &#x60;customer_guid&#x60; should be set to the guid assigned to a Customer that has been created. # &#x60;bank_guid&#x60; should be set to the guid of your bank # import uuid from datetime import datetime, timezone, timedelta from jwcrypto import jwt, jwk from cryptography.hazmat.primitives import serialization algorithm &#x3D; &#39;RS512&#39; issued_at &#x3D; datetime.now(timezone.utc) expired_at &#x3D; issued_at + timedelta(days&#x3D;365) signing_key &#x3D; jwk.JWK.from_pem( private_key.private_bytes( encoding&#x3D;serialization.Encoding.PEM, format&#x3D;serialization.PrivateFormat.PKCS8, encryption_algorithm&#x3D;serialization.NoEncryption() ) ) signing_key.update(verification_key_guid) attestation_jwt &#x3D; jwt.JWT( header&#x3D;{ &quot;alg&quot;: algorithm, &quot;kid&quot;: verification_key_guid }, claims&#x3D;{ &quot;iss&quot;: f&quot;api.cybrid.app/banks/bank_guid&quot;, &quot;aud&quot;: &quot;api.cybrid.app&quot;, &quot;sub&quot;: f&quot;api.cybrid.app/customers/customer_guid&quot;, &quot;iat&quot;: int(issued_at.timestamp()), &quot;exp&quot;: int(expired_at.timestamp()), &quot;jti&quot;: str(uuid.uuid4()) }, key&#x3D;signing_key, algs&#x3D; ) attestation_jwt.make_signed_token(signing_key) token &#x3D; attestation_jwt.serialize(compact&#x3D;True) &#x60;&#x60;&#x60; ## Attestation State | State | Description | |——-|————-| | storing | The Platform is storing the attestation in our private store | | pending | The Platform is verifying the attestation&#39;s JWT | | verified | The Platform has verified the attestation and the customer is able to transact | | failed | The Platform was not able to verify the attestation and the customer is not able to transact | Required scope: customers:write

Parameters:

Returns:

  • (Array<(IdentityRecordBankModel, Integer, Hash)>)

    IdentityRecordBankModel data, response status code and response headers



37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
 
# File 'lib/cybrid_api_bank_ruby/api/identity_records_bank_api.rb', line 37

def create_identity_record_with_http_info(post_identity_record_bank_model, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: IdentityRecordsBankApi.create_identity_record ...'
  end
  # verify the required parameter 'post_identity_record_bank_model' is set
  if @api_client.config.client_side_validation && post_identity_record_bank_model.nil?
    fail ArgumentError, "Missing the required parameter 'post_identity_record_bank_model' when calling IdentityRecordsBankApi.create_identity_record"
  end
  # resource path
  local_var_path = '/api/identity_records'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
      header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(post_identity_record_bank_model)

  # return_type
  return_type = opts[:debug_return_type] || 'IdentityRecordBankModel'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['BearerAuth', 'oauth2']

  new_options = opts.merge(
    :operation => :"IdentityRecordsBankApi.create_identity_record",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: IdentityRecordsBankApi#create_identity_record\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_identity_record(identity_record_guid, opts = {}) ⇒ IdentityRecordBankModel

Get Identity Record Retrieves an identity record. Required scope: customers:read

Parameters:

  • identity_record_guid (String)

    Identifier for the identity record.

  • opts (Hash) (defaults to: {})

    the optional parameters

Returns:



95
96
97
98
 
# File 'lib/cybrid_api_bank_ruby/api/identity_records_bank_api.rb', line 95

def get_identity_record(identity_record_guid, opts = {})
  data, _status_code, _headers = get_identity_record_with_http_info(identity_record_guid, opts)
  data
end

#get_identity_record_with_http_info(identity_record_guid, opts = {}) ⇒ Array<(IdentityRecordBankModel, Integer, Hash)>

Get Identity Record Retrieves an identity record. Required scope: customers:read

Parameters:

  • identity_record_guid (String)

    Identifier for the identity record.

  • opts (Hash) (defaults to: {})

    the optional parameters

Returns:

  • (Array<(IdentityRecordBankModel, Integer, Hash)>)

    IdentityRecordBankModel data, response status code and response headers



105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
 
# File 'lib/cybrid_api_bank_ruby/api/identity_records_bank_api.rb', line 105

def get_identity_record_with_http_info(identity_record_guid, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: IdentityRecordsBankApi.get_identity_record ...'
  end
  # verify the required parameter 'identity_record_guid' is set
  if @api_client.config.client_side_validation && identity_record_guid.nil?
    fail ArgumentError, "Missing the required parameter 'identity_record_guid' when calling IdentityRecordsBankApi.get_identity_record"
  end
  # resource path
  local_var_path = '/api/identity_records/{identity_record_guid}'.sub('{' + 'identity_record_guid' + '}', CGI.escape(identity_record_guid.to_s))

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'IdentityRecordBankModel'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['BearerAuth', 'oauth2']

  new_options = opts.merge(
    :operation => :"IdentityRecordsBankApi.get_identity_record",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: IdentityRecordsBankApi#get_identity_record\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end