Skip to main content
POST
/
v1
/
accounts
/
getconsentslist
Consent List with Unique Accounts
curl --request POST \
  --url https://api.example.com/v1/accounts/getconsentslist

Overview

The Consent List with Unique Accounts API provides an advanced consent listing capability with deduplication, filtering, and pagination features. Unlike V1 and V2 which return raw consent lists, this API is optimized for scenarios where you need to present unique accounts to users or process large consent datasets efficiently. Key capabilities that distinguish this API:
  • Deduplication: Returns unique accounts even when multiple consents exist for the same account across different time periods or statuses.
  • Status Filtering: Filter consents by one or more status values (PENDING, ACTIVE, REJECTED, REVOKED, EXPIRED) to focus on specific consent states.
  • Pagination Support: Handle large result sets efficiently with configurable page size and page number parameters, preventing performance issues with extensive consent histories.
  • Account Details: Each consent includes detailed account information in the accounts array, providing visibility into which specific financial accounts are linked.
This API is ideal for customer-facing dashboards, administrative interfaces, and reporting tools where you need to present organized, filterable consent information without overwhelming users with duplicate entries.

Endpoint

POST {{Base_URL}}/v1/accounts/getconsentslist

Authentication

This API requires authentication through the following headers that must be included in every request:
HeaderTypeRequiredDescription
Content-TypestringYesMust be set to application/json to indicate the request body format.
client_idstringYesYour unique client identifier provided by MoneyOne during FIU onboarding. This credential identifies your organization in the FinPro system.
client_secretstringYesYour confidential client secret provided by MoneyOne. This must be kept secure and never exposed in client-side code or public repositories.
organisationIdstringYesYour organization’s unique identifier in the FinPro system. This is assigned during onboarding and links all API calls to your FIU entity.
appIdentifierstringYesApplication-specific identifier that helps track which application or service within your organization is making the API call. Useful for multi-application FIU setups.

Request Body

The request body must be a JSON object containing the following parameters:
ParameterTypeRequiredDescription
mobileNumberstringYesThe customer’s 10-digit mobile number without country code or special characters. This should be the same mobile number used when creating consent requests. The API validates that this is a valid 10-digit numeric string.
productIDstringYesThe unique identifier of the consent template (product) for which you want to retrieve consents. This filters the consent list to only show consents created using this specific product configuration.
statusarray of stringsNoAn array of consent status values to filter the results. Valid status values are: PENDING, ACTIVE, REJECTED, REVOKED, EXPIRED, PAUSED. If not provided, consents of all statuses are returned. Use this to focus on specific consent states relevant to your use case.
pageNumbernumberNoThe page number to retrieve when using pagination. Pages are 1-indexed (first page is 1, not 0). If not provided, defaults to page 1. Use in combination with pageSize to navigate through large result sets.
pageSizenumberNoThe number of consent records to return per page. If not provided, all matching consents are returned in a single response. Recommended values are between 10 and 100 depending on your UI requirements.

Important Notes

  • Mobile Number Format: The mobile number must be exactly 10 digits without any country code, spaces, hyphens, or other special characters. Examples: 9876543210 (correct), +919876543210 (incorrect).
  • Status Filtering: The status array is case-sensitive. Use uppercase values exactly as documented: PENDING, ACTIVE, etc. Invalid status values may be ignored or cause validation errors.
  • Pagination Behavior: When pageSize is specified but pageNumber is not, the API returns the first page. When neither is specified, all results are returned without pagination.
  • Empty Status Array: If you provide an empty status array [], the API may return no results or behave as if no status filter was applied, depending on implementation. To get all statuses, omit the status parameter entirely.

Response

Success Response (200 OK) - Without Pagination

When pagination is not requested, all matching consents are returned in a single response: 
{
  "ver": "1.21.0",
  "status": "success",
  "data": [
    {
      "consentID": null,
      "consentHandle": "0af1551f-fc7d-4f11-adf8-eb4530e2965d",
      "status": "REJECTED",
      "productID": "TESTWM01",
      "accountID": "test",
      "aaId": "onemoney-aa",
      "consentCreationData": "2025-08-13T11:52:14.000Z",
      "consent_expiry": "2026-08-13 11:52:14",
      "accounts": [],
      "vua": "9674987439@onemoney"
    },
    {
      "consentID": null,
      "consentHandle": "9ee16215-2ab4-4fe4-a471-69dd5ef336d9",
      "status": "PENDING",
      "productID": "TESTWM01",
      "accountID": "test",
      "aaId": "onemoney-aa",
      "consentCreationData": "2025-07-01T17:50:31.000Z",
      "consent_expiry": "2026-07-01 17:50:31",
      "accounts": [],
      "vua": "9674987439@onemoney"
    }
  ]
}

Success Response (200 OK) - With Pagination

When pagination parameters are provided, the response includes page metadata: 
{
  "ver": "1.21.0",
  "status": "success",
  "pageDetails": {
    "totalRecords": 12,
    "currentPageNumber": 1,
    "totalPages": 6
  },
  "data": [
    {
      "consentID": null,
      "consentHandle": null,
      "status": "PENDING",
      "productID": "TESTWM01",
      "accountID": "TESTWM011756192348554",
      "aaId": "onemoney-aa",
      "consentCreationData": "2025-08-26T07:12:41.000Z",
      "consent_expiry": "2026-08-26 07:12:41",
      "accounts": [],
      "vua": "9674987439@onemoney"
    },
    {
      "consentID": null,
      "consentHandle": null,
      "status": "PENDING",
      "productID": "TESTWM01",
      "accountID": "TESTWM011756192324598",
      "aaId": "onemoney-aa",
      "consentCreationData": "2025-08-26T07:12:18.000Z",
      "consent_expiry": "2026-08-26 07:12:18",
      "accounts": [],
      "vua": "9674987439@onemoney"
    }
  ]
}
FieldTypeDescription
statusstringOverall API call status. Will be success for successful requests.
verstringThe version of the FinPro API that processed this request. Useful for debugging and version tracking.
pageDetailsobjectPagination metadata. Only present when pagination parameters (pageSize and optionally pageNumber) are provided in the request.
pageDetails.totalRecordsnumberThe total number of consent records matching the filter criteria across all pages. Use this to calculate total pages or display record counts.
pageDetails.currentPageNumbernumberThe page number of the current response. This matches the pageNumber from your request, or 1 if not specified.
pageDetails.totalPagesnumberThe total number of pages available based on totalRecords and pageSize. Use this to implement pagination controls in your UI.
dataarrayAn array of deduplicated consent objects matching the query criteria. The array may be empty if no matching consents exist.
Each consent object in the data array contains the following fields:
FieldTypeDescription
consentIDstring or nullThe unique consent identifier assigned by the Account Aggregator after the customer approves the consent. This is null for consents that are still pending or were rejected before approval. Once approved, this ID is used for data fetching and revocation operations.
consentHandlestring or nullThe consent handle that was generated when the consent request was created. This may be null in certain scenarios where the consent was created through alternative flows or when deduplicated at the account level.
statusstringCurrent status of the consent. Possible values: PENDING (awaiting customer action), ACTIVE (approved and currently valid), REJECTED (customer declined), REVOKED (customer or FIU cancelled), EXPIRED (validity period ended), PAUSED (temporarily suspended).
productIDstringThe product/consent template identifier that was used to create this consent. Matches the product ID from your request filter.
accountIDstringThe account identifier that was provided when creating the consent request. This helps correlate consents with your internal customer interactions or loan applications.
aaIdstringIdentifier of the Account Aggregator that processed this consent. Typically onemoney-aa for MoneyOne’s AA service.
consentCreationDatastringISO 8601 timestamp indicating when the consent request was created in the FinPro system. Note the field name uses “Data” (possibly a typo in the original API, but preserved for compatibility).
consent_expirystringTimestamp indicating when the consent will automatically expire, formatted as “YYYY-MM-DD HH:MM:SS”. After this time, the consent can no longer be used for data fetching. Note the different naming convention (snake_case vs camelCase).
accountsarrayAn array of account objects representing the specific financial accounts linked under this consent. Each object contains details about the account at a particular FIP. This array may be empty for pending or rejected consents where account discovery hasn’t completed.
vuastringThe customer’s Virtual User Address (VUA) in the format mobile@onemoney. This is the unique identifier used by Account Aggregators to identify the customer.

Account Object Structure

When consents have linked accounts, each item in the accounts array contains:
FieldTypeDescription
accountIdstringUnique identifier for the account at the FIP. This is not your internal account ID, but the FIP’s account reference.
fipIdstringThe Financial Information Provider identifier (bank or financial institution).
maskedAccountNumberstringThe account number with most digits masked for privacy (e.g., XXXXXXXX1234).
accountTypestringType of account (e.g., SAVINGS, CURRENT, CC for credit card).
fiTypesarrayArray of FI types available for this account (e.g., ["DEPOSIT"]).
linkRefNumberstringReference number linking this account to the consent for data fetch operations.

Error Response (400 Bad Request)

When the request contains invalid data or fails validation: 
{
  "ver": "1.21.0",
  "timestamp": "2025-10-01T11:44:17.019Z",
  "errorCode": "InvalidRequest",
  "errorMsg": " [ mobileNumber must be valid 10 digit ] "
}
FieldTypeDescription
verstringThe version of the FinPro API that processed this request.
timestampstringISO 8601 formatted timestamp indicating when the error occurred. Useful for debugging and correlating with server logs.
errorCodestringA human-readable error code indicating the category of error. Common values include InvalidRequest, AuthenticationFailed, etc.
errorMsgstringA detailed error message explaining what went wrong. This provides specific information about which field or validation rule caused the failure.

Common Error Codes

Error CodeStatus CodeDescriptionResolution
InvalidRequest400The request body contains invalid data or missing required fields.Verify that mobileNumber and productID are present and correctly formatted.
InvalidMobileNumber400The mobileNumber is not a valid 10-digit number.Ensure the mobile number is exactly 10 digits without country code, spaces, or special characters.
InvalidStatus400One or more status values in the array are invalid or not recognized.Use only valid status values: PENDING, ACTIVE, REJECTED, REVOKED, EXPIRED, PAUSED (uppercase).
InvalidPageNumber400The pageNumber is less than 1 or greater than the total available pages.Use page numbers starting from 1. Check totalPages from a previous response to avoid out-of-range errors.
InvalidPageSize400The pageSize is invalid (typically less than 1 or greater than a maximum threshold).Use reasonable page sizes between 10 and 100. Very large page sizes may be rejected or capped.
AuthenticationFailed401The provided credentials (client_id, client_secret, organisationId) are invalid or expired.Verify your credentials in the FinPro admin portal. Ensure you’re using the correct credentials for the environment.

Example Request

curl --location '{{Base_URL}}/v1/accounts/getconsentslist' \
--header 'Content-Type: application/json' \
--header 'client_id: {{Client_Id}}' \
--header 'client_secret: {{Client_Secret}}' \
--header 'organisationId: {{Organisation_Id}}' \
--header 'appIdentifier: {{App_Identifier}}' \
--data '{
    "mobileNumber": "9876543210",
    "productID": "TESTWM01",
    "status": ["PENDING", "ACTIVE"]
}'

Use Cases

Build a customer-facing dashboard with pagination: 
class ConsentDashboard {
  constructor(mobileNumber, productID) {
    this.mobileNumber = mobileNumber;
    this.productID = productID;
    this.pageSize = 20;
  }

  async loadPage(pageNumber, statusFilter = null) {
    const result = await getUniqueAccountConsents(
      this.mobileNumber,
      this.productID,
      {
        status: statusFilter,
        pageNumber,
        pageSize: this.pageSize
      }
    );

    return {
      consents: result.data,
      pagination: result.pageDetails || {
        totalRecords: result.data.length,
        currentPageNumber: 1,
        totalPages: 1
      }
    };
  }

  async loadAllPages(statusFilter = null) {
    const allConsents = [];
    let currentPage = 1;
    let totalPages = 1;

    do {
      const result = await this.loadPage(currentPage, statusFilter);
      allConsents.push(...result.consents);
      totalPages = result.pagination.totalPages;
      currentPage++;
    } while (currentPage <= totalPages);

    return allConsents;
  }
}

Status-Based Filtering

Display different consent categories to users: 
def categorize_consents(mobile_number, product_id):
    """Get consents organized by status categories"""
    categories = {
        'actionRequired': get_unique_account_consents(
            mobile_number, product_id, status=['PENDING']
        ),
        'activeConsents': get_unique_account_consents(
            mobile_number, product_id, status=['ACTIVE']
        ),
        'pastConsents': get_unique_account_consents(
            mobile_number, product_id, status=['REJECTED', 'REVOKED', 'EXPIRED']
        )
    }

    return {
        category: {
            'count': len(result['data']),
            'consents': result['data']
        }
        for category, result in categories.items()
    }

Export All Consents for Reporting

Fetch all consents across pages for batch processing: 
async function exportConsentReport(mobileNumber, productID) {
  const allConsents = [];
  let pageNumber = 1;
  let hasMorePages = true;

  while (hasMorePages) {
    const response = await getUniqueAccountConsents(mobileNumber, productID, {
      pageNumber,
      pageSize: 100  // Larger page size for efficient batch processing
    });

    allConsents.push(...response.data);

    if (response.pageDetails) {
      hasMorePages = pageNumber < response.pageDetails.totalPages;
      pageNumber++;
    } else {
      hasMorePages = false;  // No pagination, got all results
    }
  }

  return generateCSVReport(allConsents);
}

Best Practices

  1. Use Pagination for Large Datasets: Always use pagination when displaying consents in UI. This improves performance and user experience, especially for customers with many consents.
  2. Status Filtering: Use status filters to reduce data transfer and focus on relevant consents. For example, show only ACTIVE and PENDING consents in the main dashboard, with expired/revoked consents in a history section.
  3. Cache Page Results: Cache individual page results with appropriate TTL (e.g., 5-10 minutes) to reduce API calls when users navigate back and forth between pages.
  4. Handle Empty Accounts Array: The accounts array may be empty for PENDING or REJECTED consents. Design your UI to handle this gracefully by showing appropriate messaging.
  5. Deduplication Awareness: This API returns deduplicated results. If you need to see every individual consent request (including duplicates), use the V1 or V2 list APIs instead.
  6. Progress Indicators: When loading multiple pages, show progress indicators to users. Calculate progress as currentPage / totalPages using the pageDetails metadata.

API Version Comparison

  • V1 (Basic List): Uses mobile number only. Returns all consents in flat list without deduplication or pagination. Simple but may have performance issues with large datasets.
  • V2 (Enhanced List): Supports multiple identifier types (mobile, email, PAN). Includes account ID filtering. Still returns flat list without pagination.
  • V1 Unique Accounts (this API): Provides deduplicated view of unique accounts. Supports status filtering and pagination. Best for customer-facing dashboards and large datasets.
Choose this API when:
  • You need to display unique accounts without duplicate consent entries
  • You’re working with customers who have many consents and need pagination
  • You want to filter consents by specific status values
  • You’re building customer dashboards or administrative interfaces that require organized, filterable views
  • Performance and scalability are concerns due to potentially large consent lists