Documentation Index Fetch the complete documentation index at: https://developer.moneyone.in/llms.txt
Use this file to discover all available pages before exploring further.
Overview The Consent List V3 API is the most flexible version of consent listing. It supports three distinct lookup modes:
Party identifier lookup — query by customer identifier (MOBILE, EMAIL, PAN, AADHAR, DOB, or GSTIN) along with productID and accountIDConsent handle lookup — query directly by one or more consent handle UUIDsConsent ID lookup — query directly by one or more consent ID UUIDs
Modes 2 and 3 are useful when you already have a consent handle or consent ID and want to fetch its current state without needing to know the party identifier. They are mutually exclusive — you cannot pass both consentHandle and consentID in the same request.
The response includes a nested accounts array per consent, giving you FIP-level account details alongside the consent metadata.
Endpoint POST {{Base_URL}}/v3/getconsentslist
Authentication Header Type Required Description Content-Typestring Yes Must be application/json. client_idstring Yes Your unique client identifier provided during FIU onboarding. client_secretstring Yes Your confidential client secret. Never expose this in client-side code. organisationIdstring Yes Your organisation’s unique identifier in the FinPro system. appIdentifierstring Yes Application-specific identifier for the calling service.
Request Body The request body depends on which lookup mode you use.
Mode 1 — Party Identifier Lookup All four fields below are required together. If consentHandle or consentID is absent, these fields become mandatory.
Parameter Type Required Description partyIdentifierTypestring Yes The type of identifier. Valid values: MOBILE, EMAIL, PAN, AADHAR, DOB, GSTIN. partyIdentifierValuestring Yes The identifier value, validated against the format for partyIdentifierType (see table below). productIDstring Yes The consent template identifier to filter by. accountIDstring Yes The account identifier to filter by. statusstring No Filter by consent status. Valid values: ACTIVE, PAUSED, REVOKED, EXPIRED, PENDING.
Mode 2 — Consent Handle Lookup Parameter Type Required Description consentHandlestring[] Yes Array of one or more consent handle UUIDs (v4). Cannot be combined with consentID. statusstring No Filter by consent status. Valid values: ACTIVE, PAUSED, REVOKED, EXPIRED, PENDING.
Mode 3 — Consent ID Lookup Parameter Type Required Description consentIDstring[] Yes Array of one or more consent ID UUIDs (v4). Cannot be combined with consentHandle. statusstring No Filter by consent status. Valid values: ACTIVE, PAUSED, REVOKED, EXPIRED, PENDING.
partyIdentifierTypeExpected Format Example MOBILE10-digit numeric string, no country code 9876543210EMAILValid email address customer@example.comPAN5 uppercase letters + 4 digits + 1 uppercase letter ABCDE1234FAADHAR12-digit numeric string 123456789012DOBISO date in YYYY-MM-DD format 1990-01-15GSTIN15-character GSTIN number 22ABCDE1234F1Z5
Response Success Response (200 OK) Party Identifier Lookup
Consent Handle / Consent ID Lookup
{ "ver" : "1.21.0" , "status" : "success" , "data" : [ { "consentID" : "a21d747a-c166-46f2-b0d6-4c22c575fb14" , "consentHandle" : "8814cd61-bf02-4548-87d8-5d1c0211cd91" , "status" : "ACTIVE" , "productID" : "MP9" , "accountID" : "1234" , "aaId" : "onemoney-aa" , "consentCreationData" : "2026-05-18T10:22:48.000Z" , "consent_expiry" : "2027-05-18 10:22:48" , "vua" : "9876543210@onemoney" , "accounts" : [ { "fipName" : "HDFC Bank" , "fipId" : "HDFC-FIP" , "accountType" : "SAVINGS" , "linkReferenceNumber" : "0ffc1696-38d2-4ef1-8c87-d3835d1f50a1" , "maskedAccountNumber" : "XXXX1234" , "fiType" : "DEPOSIT" } ] } ] }
Response Fields Field Type Description verstring FinPro API version that processed the request. statusstring success for all 200 responses.dataarray Array of consent objects. Empty array if no matches found.
Consent Object Fields Field Type Description consentIDstring Unique consent identifier assigned by the Account Aggregator after the customer approves. null for pending or rejected consents. consentHandlestring Consent handle generated when the consent request was created. Available immediately upon creation. statusstring Current consent status: ACTIVE, PAUSED, REVOKED, EXPIRED, or PENDING. productIDstring The consent template used to create this consent. accountIDstring The account identifier associated with this consent. aaIdstring Identifier of the Account Aggregator that processed this consent. consentCreationDatastring ISO 8601 timestamp of when the consent was created. consent_expirystring Timestamp of when the consent expires. After this, data fetching is no longer possible. vuastring The customer’s virtual user address at the AA (e.g., 9876543210@onemoney). accountsarray List of linked financial accounts covered by this consent.
Account Object Fields Field Type Description fipNamestring Human-readable name of the Financial Information Provider (bank/institution). fipIdstring Unique identifier of the FIP in the AA ecosystem. accountTypestring Type of account, e.g. SAVINGS, CURRENT, RECURRING_DEPOSIT. linkReferenceNumberstring The AA-assigned reference number for the linked account. maskedAccountNumberstring Account number with most digits masked for privacy, e.g. XXXX1234. fiTypestring Financial information type, e.g. DEPOSIT, MUTUAL_FUNDS, INSURANCE_POLICIES.
Empty Result (200 OK) { "ver" : "1.21.0" , "status" : "success" , "data" : [] }
Error Response (400 Bad Request) { "ver" : "1.21.0" , "timestamp" : "2026-05-18T11:43:56.125Z" , "errorCode" : "InvalidRequest" , "errorMsg" : " [ \" partyIdentifierValue \" must be valid Mobile number ] " }
Common Error Codes Error Code HTTP Status Description Resolution InvalidRequest400 Missing or invalid fields, or both consentHandle and consentID provided together. Check that exactly one lookup mode is used. For party identifier mode, all four fields must be present. InvalidPartyIdentifier400 partyIdentifierValue does not match the expected format for partyIdentifierType.See the Party Identifier Format Reference table above. InvalidProductID400 The productID does not exist or is not configured for your organisation. Verify the product ID in the FinPro admin portal. InvalidAccountID400 The accountID is invalid or not associated with the given product. Confirm the account ID was used during consent creation. AuthenticationFailed401 Invalid or missing authentication credentials. Verify client_id, client_secret, and organisationId.
Example Requests cURL — Party Identifier (Mobile)
cURL — Consent Handle Lookup
cURL — Consent ID Lookup
JavaScript
Python
curl --location '{{Base_URL}}/v3/getconsentslist' \ --header 'Content-Type: application/json' \ --header 'client_id: {{Client_Id}}' \ --header 'client_secret: {{Client_Secret}}' \ --header 'organisationId: {{Organisation_Id}}' \ --header 'appIdentifier: {{App_Identifier}}' \ --data '{ "partyIdentifierType": "MOBILE", "partyIdentifierValue": "9876543210", "productID": "MP9", "accountID": "1234" }'
