> ## Documentation Index
> Fetch the complete documentation index at: https://developer.moneyone.in/llms.txt
> Use this file to discover all available pages before exploring further.

# Consent List

> Retrieve a comprehensive list of all consents associated with a customer's mobile number, with optional filtering by product ID, account ID, and status.

<Warning>
  **Legacy API** — This is Consent List V1. We recommend using [Consent List V2](/api-reference/consent/list-v2) or [Consent List with Unique Accounts](/api-reference/consent/list-unique-accounts) for new integrations.
</Warning>

## Overview

The Consent List API allows Financial Information Users (FIUs) to retrieve all consent records associated with a specific customer and product combination. This API provides visibility into the complete consent history, including active, pending, rejected, revoked, and expired consents.

This is the foundational version of the consent listing API that uses mobile number as the primary customer identifier. It supports optional filtering by product, account, and status, as well as pagination via `limit` and `pageno` parameters.

Use this API when you need to:

* Display all consents to the customer in their account dashboard
* Check if active consents exist before creating new ones
* Audit consent history for compliance and record-keeping purposes
* Verify consent status before initiating data fetch operations

## Endpoint

<CodeGroup>
  ```bash Request theme={null}
  POST {{Base_URL}}/getconsentslist
  ```
</CodeGroup>

## Authentication

This API requires authentication through the following headers that must be included in every request:

| Header           | Type   | Required | Description                                                                                                                                                             |
| ---------------- | ------ | -------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `Content-Type`   | string | Yes      | Must be set to `application/json` to indicate the request body format.                                                                                                  |
| `client_id`      | string | Yes      | Your unique client identifier provided by MoneyOne during FIU onboarding. This credential identifies your organization in the FinPro system.                            |
| `client_secret`  | string | Yes      | Your confidential client secret provided by MoneyOne. This must be kept secure and never exposed in client-side code or public repositories.                            |
| `organisationId` | string | Yes      | Your organization's unique identifier in the FinPro system. This is assigned during onboarding and links all API calls to your FIU entity.                              |
| `appIdentifier`  | string | Yes      | Application-specific identifier that helps track which application or service within your organization is making the API call. Useful for multi-application FIU setups. |

## Request Body

The request body must be a JSON object containing the following parameters:

| Parameter      | Type             | Required | Description                                                                                                                                                                                                                                                    |
| -------------- | ---------------- | -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `mobileNumber` | string           | Yes      | The customer's 10-digit mobile number without country code or special characters. This should be the same mobile number used when creating consent requests. The API validates that this is a valid 10-digit numeric string.                                   |
| `productID`    | string           | No       | The unique identifier of the consent template (product) for which you want to retrieve consents. This filters the consent list to only show consents created using this specific product configuration. If omitted, consents across all products are returned. |
| `accountID`    | string           | No       | The account identifier to filter consents for a specific customer interaction or loan application. Use the same value that was provided during consent creation.                                                                                               |
| `status`       | array of strings | No       | An array of consent status values to filter the results. Valid values: `ACTIVE`, `PAUSED`, `REVOKED`, `EXPIRED`, `PENDING`, `REJECTED`. If not provided, consents of all statuses are returned.                                                                |
| `limit`        | number           | No       | The maximum number of consent records to return per page. Use in combination with `pageno` for pagination through large result sets.                                                                                                                           |
| `pageno`       | number           | No       | The page number to retrieve when using pagination. Pages are 1-indexed (first page is 1). Use in combination with `limit` to paginate results.                                                                                                                 |

### Important Notes

* **Mobile Number Format**: The mobile number must be exactly 10 digits without any country code, spaces, hyphens, or other special characters. Examples: `9876543210` (correct), `+919876543210` (incorrect), `98765-43210` (incorrect).
* **Product Filtering**: When `productID` is provided, the API only returns consents associated with that product. If omitted, consents across all products for the mobile number are returned.
* **Historical Data**: The API returns all consents regardless of their status, providing a complete historical view of the consent relationship with the customer.
* **Pagination**: Use `limit` and `pageno` together to paginate through large result sets. For example, `limit: 10` and `pageno: 1` returns the first 10 results.

## Response

### Success Response (200 OK)

When consents are found for the specified mobile number and product ID, the API returns an array of consent objects:

<CodeGroup>
  ```json Success Response theme={null}
  {
    "ver": "1.21.0",
    "status": "success",
    "data": [
      {
        "consentID": "20918495-ea9c-4508-a1b4-93ca1fbfd0f3",
        "consentHandle": "8b5b9333-00df-4b99-99d8-b0918f897e7b",
        "status": "ACTIVE",
        "productID": "TESTWM01",
        "accountID": "test123",
        "aaId": "onemoney-aa",
        "createdOn": "2025-09-15T10:30:00.000Z",
        "modifiedOn": "2025-09-15T11:00:00.000Z",
        "consentStart": "2025-09-15T10:30:00.000Z",
        "consentExpiry": "2026-09-15T10:30:00.000Z",
        "fetchType": "PERIODIC",
        "fiTypes": ["DEPOSIT", "TERM_DEPOSIT"],
        "fipId": "HDFC-FIP",
        "maskedAccountNumber": "XXXXXXXX1234"
      },
      {
        "consentID": "3f2a8c91-2d4e-4b1a-8c6d-1e5f4a7b8c1d",
        "consentHandle": "7a4b8222-11cd-4a88-88d7-a0817e786d6a",
        "status": "REVOKED",
        "productID": "TESTWM01",
        "accountID": "test123",
        "aaId": "onemoney-aa",
        "createdOn": "2025-08-01T09:00:00.000Z",
        "modifiedOn": "2025-09-01T14:30:00.000Z",
        "consentStart": "2025-08-01T09:00:00.000Z",
        "consentExpiry": "2026-08-01T09:00:00.000Z",
        "fetchType": "ONETIME",
        "fiTypes": ["DEPOSIT"],
        "fipId": "ICICI-FIP",
        "maskedAccountNumber": "XXXXXXXX5678"
      }
    ]
  }
  ```
</CodeGroup>

| Field    | Type   | Description                                                                                                                                                           |
| -------- | ------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `status` | string | Overall API call status. Will be `success` for successful requests.                                                                                                   |
| `ver`    | string | The version of the FinPro API that processed this request. Useful for debugging and version tracking.                                                                 |
| `data`   | array  | An array of consent objects. Each object represents one consent record associated with the mobile number and product ID. The array may be empty if no consents exist. |

### Consent Object Fields

Each consent object in the `data` array contains the following fields:

| Field                 | Type   | Description                                                                                                                                                                                                                                                                |
| --------------------- | ------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `consentID`           | string | The unique consent identifier assigned by the Account Aggregator after the customer approves the consent. This is null for consents that are still pending or were rejected. Use this ID for operations like revocation or data fetching.                                  |
| `consentHandle`       | string | The consent handle that was generated when the consent request was created. This identifies the consent request throughout its lifecycle and is available immediately upon creation.                                                                                       |
| `status`              | string | Current status of the consent. Possible values: `PENDING` (awaiting customer action), `ACTIVE` (approved and currently valid), `REJECTED` (customer declined), `REVOKED` (customer or FIU cancelled), `EXPIRED` (validity period ended), `PAUSED` (temporarily suspended). |
| `productID`           | string | The product/consent template identifier that was used to create this consent. Matches the product ID from your request.                                                                                                                                                    |
| `accountID`           | string | The account identifier that was provided when creating the consent request. This helps correlate consents with your internal customer interactions or loan applications.                                                                                                   |
| `aaId`                | string | Identifier of the Account Aggregator that processed this consent. Typically `onemoney-aa` for MoneyOne's AA service.                                                                                                                                                       |
| `createdOn`           | string | ISO 8601 timestamp indicating when the consent request was created in the FinPro system.                                                                                                                                                                                   |
| `modifiedOn`          | string | ISO 8601 timestamp indicating when the consent record was last updated. This changes when status transitions occur (approval, revocation, etc.).                                                                                                                           |
| `consentStart`        | string | ISO 8601 timestamp indicating when the consent becomes valid and data fetching can begin. Usually matches or is close to the creation time.                                                                                                                                |
| `consentExpiry`       | string | ISO 8601 timestamp indicating when the consent will automatically expire. After this time, the consent can no longer be used for data fetching.                                                                                                                            |
| `fetchType`           | string | The type of data fetch allowed by this consent. `PERIODIC` allows multiple fetches within the validity period. `ONETIME` allows only a single data fetch, after which the consent becomes unusable.                                                                        |
| `fiTypes`             | array  | Array of Financial Information types that this consent covers. Examples: `DEPOSIT`, `TERM_DEPOSIT`, `RECURRING_DEPOSIT`, `SIP`, `MUTUAL_FUNDS`, `INSURANCE_POLICIES`, etc.                                                                                                 |
| `fipId`               | string | The Financial Information Provider (typically a bank or financial institution) identifier for which this consent was approved.                                                                                                                                             |
| `maskedAccountNumber` | string | The customer's account number at the FIP, with most digits masked for privacy. Format typically shows last 4 digits: `XXXXXXXX1234`.                                                                                                                                       |

### Empty Result Response

If no consents are found for the specified mobile number and product ID combination:

<CodeGroup>
  ```json Empty Response theme={null}
  {
    "ver": "1.21.0",
    "status": "success",
    "data": []
  }
  ```
</CodeGroup>

### Error Response (400 Bad Request)

When the request contains invalid data or fails validation:

<CodeGroup>
  ```json Error Response theme={null}
  {
    "ver": "1.21.0",
    "timestamp": "2025-10-01T11:43:37.741Z",
    "errorCode": "InvalidRequest",
    "errorMsg": " [ mobileNumber must be valid 10 digit ] "
  }
  ```
</CodeGroup>

| Field       | Type   | Description                                                                                                                                      |
| ----------- | ------ | ------------------------------------------------------------------------------------------------------------------------------------------------ |
| `ver`       | string | The version of the FinPro API that processed this request.                                                                                       |
| `timestamp` | string | ISO 8601 formatted timestamp indicating when the error occurred. Useful for debugging and correlating with server logs.                          |
| `errorCode` | string | A human-readable error code indicating the category of error. Common values include `InvalidRequest`, `AuthenticationFailed`, etc.               |
| `errorMsg`  | string | A detailed error message explaining what went wrong. This provides specific information about which field or validation rule caused the failure. |

## Common Error Codes

| Error Code             | Status Code | Description                                                                                   | Resolution                                                                                                                                                                   |
| ---------------------- | ----------- | --------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `InvalidRequest`       | 400         | The request body contains invalid data or missing required fields.                            | Verify that `mobileNumber` is present and correctly formatted. Check that any optional fields (`productID`, `accountID`, `status`, `limit`, `pageno`) are valid if provided. |
| `InvalidMobileNumber`  | 400         | The `mobileNumber` is not a valid 10-digit number.                                            | Ensure the mobile number is exactly 10 digits without country code, spaces, or special characters.                                                                           |
| `InvalidProductID`     | 400         | The specified `productID` does not exist or is not configured for your organization.          | Verify the product ID in the FinPro admin portal and ensure it's active.                                                                                                     |
| `AuthenticationFailed` | 401         | The provided credentials (client\_id, client\_secret, organisationId) are invalid or expired. | Verify your credentials in the FinPro admin portal. Ensure you're using the correct credentials for the environment.                                                         |

## Example Request

<CodeGroup>
  ```bash cURL theme={null}
  curl --location '{{Base_URL}}/getconsentslist' \
  --header 'Content-Type: application/json' \
  --header 'client_id: {{Client_Id}}' \
  --header 'client_secret: {{Client_Secret}}' \
  --header 'organisationId: {{Organisation_Id}}' \
  --header 'appIdentifier: {{App_Identifier}}' \
  --data '{
      "mobileNumber": "9876543210",
      "productID": "TESTWM01",
      "accountID": "test123",
      "status": ["ACTIVE", "PENDING"],
      "limit": 10,
      "pageno": 1
  }'
  ```

  ```javascript JavaScript theme={null}
  const response = await fetch('{{Base_URL}}/getconsentslist', {
    method: 'POST',
    headers: {
      'Content-Type': 'application/json',
      'client_id': '{{Client_Id}}',
      'client_secret': '{{Client_Secret}}',
      'organisationId': '{{Organisation_Id}}',
      'appIdentifier': '{{App_Identifier}}'
    },
    body: JSON.stringify({
      mobileNumber: '9876543210',
      productID: 'TESTWM01',
      accountID: 'test123',
      status: ['ACTIVE', 'PENDING'],
      limit: 10,
      pageno: 1
    })
  });

  const data = await response.json();

  // Filter active consents
  const activeConsents = data.data.filter(consent => consent.status === 'ACTIVE');
  console.log(`Found ${activeConsents.length} active consents`);
  ```

  ```python Python theme={null}
  import requests

  url = "{{Base_URL}}/getconsentslist"
  headers = {
      "Content-Type": "application/json",
      "client_id": "{{Client_Id}}",
      "client_secret": "{{Client_Secret}}",
      "organisationId": "{{Organisation_Id}}",
      "appIdentifier": "{{App_Identifier}}"
  }
  payload = {
      "mobileNumber": "9876543210",
      "productID": "TESTWM01",
      "accountID": "test123",
      "status": ["ACTIVE", "PENDING"],
      "limit": 10,
      "pageno": 1
  }

  response = requests.post(url, json=payload, headers=headers)
  data = response.json()

  # Group consents by status
  from collections import Counter
  status_counts = Counter(consent['status'] for consent in data['data'])
  print(f"Consent status distribution: {dict(status_counts)}")
  ```
</CodeGroup>

## Use Cases

### Displaying Customer Consent Dashboard

Show customers all their consents with different institutions:

```javascript theme={null}
async function loadConsentDashboard(mobileNumber, productID) {
  const response = await getConsentsList(mobileNumber, productID);
  const consents = response.data;

  // Organize by status
  const organized = {
    active: consents.filter(c => c.status === 'ACTIVE'),
    pending: consents.filter(c => c.status === 'PENDING'),
    revoked: consents.filter(c => c.status === 'REVOKED'),
    expired: consents.filter(c => c.status === 'EXPIRED')
  };

  return organized;
}
```

### Checking for Existing Active Consents

Before creating a new consent, check if one already exists:

```python theme={null}
def has_active_consent(mobile_number, product_id, fip_id):
    """Check if customer already has an active consent for a specific FIP"""
    response = get_consents_list(mobile_number, product_id)

    for consent in response['data']:
        if consent['status'] == 'ACTIVE' and consent['fipId'] == fip_id:
            return True, consent['consentID']

    return False, None

# Usage
has_consent, consent_id = has_active_consent('9876543210', 'TESTWM01', 'HDFC-FIP')
if has_consent:
    print(f"Active consent already exists: {consent_id}")
else:
    # Proceed to create new consent
    pass
```

### Consent Audit Report

Generate compliance reports showing consent history:

```javascript theme={null}
function generateConsentAuditReport(consents) {
  return consents.map(consent => ({
    consentID: consent.consentID,
    status: consent.status,
    fipName: consent.fipId,
    accountNumber: consent.maskedAccountNumber,
    createdDate: new Date(consent.createdOn).toLocaleDateString(),
    expiryDate: new Date(consent.consentExpiry).toLocaleDateString(),
    daysActive: calculateDaysBetween(consent.createdOn, consent.modifiedOn),
    dataTypes: consent.fiTypes.join(', ')
  }));
}
```

## Best Practices

1. **Cache Consent Lists**: The consent list doesn't change frequently. Cache the results for a reasonable duration (e.g., 5-10 minutes) to reduce API calls.

2. **Status Filtering**: After retrieving the list, filter on the client side based on your needs (active consents for data fetching, pending for reminders, etc.).

3. **Combine with Webhooks**: Use this API to populate initial state, then rely on webhooks for real-time updates rather than polling repeatedly.

4. **Error Handling**: Always check the status field and handle empty arrays gracefully when no consents exist.

5. **Display Masked Data**: When showing consent information to customers, use the `maskedAccountNumber` to protect privacy while allowing customers to identify their accounts.

## API Version Comparison

* **V1 (this API)**: Uses mobile number as identifier. Supports optional filtering by product, account, and status. Supports pagination via `limit` and `pageno`.
* **V2**: Uses flexible party identifiers (mobile, email, PAN, AADHAR, DOB, GSTIN). Returns similar flat list with enhanced filtering based on identifier type and account ID.
* **V1 Unique Accounts**: Provides deduplicated view with unique accounts per FIP. Supports status filtering and pagination for large result sets.

Choose this API when:

* You need simple, straightforward consent listing by mobile number
* You want optional filtering by product, account, or status
* You need basic pagination support via `limit` and `pageno`
* You want the most compatible API version with legacy systems


## OpenAPI

````yaml POST /getconsentslist
openapi: 3.0.3
info:
  title: FinPro API
  description: MoneyOne FinPro - Account Aggregator FIU Platform APIs
  version: 1.21.0
servers:
  - url: '{baseUrl}'
    description: FinPro API Server
    variables:
      baseUrl:
        default: https://scramblerpay-uat.moneyone.in
        description: API Base URL - change this to your environment
security:
  - clientId: []
    clientSecret: []
    organisationId: []
    appIdentifier: []
paths:
  /getconsentslist:
    post:
      tags:
        - Consent Management
      summary: Get Consents List
      description: >-
        Retrieve a comprehensive list of all consents associated with a
        customer's mobile number and product ID. Returns all consent records
        regardless of status, providing a complete historical view including
        active, pending, rejected, revoked, and expired consents.
      operationId: getConsentsList
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/GetConsentsListRequest'
            example:
              mobileNumber: '9876543210'
              productID: TESTWM01
              accountID: test123
              status:
                - ACTIVE
                - PENDING
              limit: 10
              pageno: 1
      responses:
        '200':
          description: Consents retrieved successfully
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GetConsentsListResponse'
              example:
                ver: 1.21.0
                status: success
                data:
                  - consentID: 20918495-ea9c-4508-a1b4-93ca1fbfd0f3
                    consentHandle: 8b5b9333-00df-4b99-99d8-b0918f897e7b
                    status: ACTIVE
                    productID: TESTWM01
                    accountID: test123
                    aaId: onemoney-aa
                    createdOn: '2025-09-15T10:30:00.000Z'
                    modifiedOn: '2025-09-15T11:00:00.000Z'
                    consentStart: '2025-09-15T10:30:00.000Z'
                    consentExpiry: '2026-09-15T10:30:00.000Z'
                    fetchType: PERIODIC
                    fiTypes:
                      - DEPOSIT
                      - TERM_DEPOSIT
                    fipId: HDFC-FIP
                    maskedAccountNumber: XXXXXXXX1234
        '400':
          description: Bad Request - Invalid data or validation failure
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
              example:
                ver: 1.21.0
                timestamp: '2025-10-01T11:43:37.741Z'
                errorCode: InvalidRequest
                errorMsg: ' [ mobileNumber must be valid 10 digit ] '
        '401':
          description: Authentication Failed - Invalid credentials
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      security:
        - clientId: []
          clientSecret: []
          organisationId: []
          appIdentifier: []
components:
  schemas:
    GetConsentsListRequest:
      type: object
      required:
        - mobileNumber
      properties:
        mobileNumber:
          type: string
          pattern: ^[0-9]{10}$
          description: >-
            The customer's 10-digit mobile number without country code or
            special characters. This should be the same mobile number used when
            creating consent requests.
        productID:
          type: string
          description: >-
            The unique identifier of the consent template (product) for which
            you want to retrieve consents. This filters the consent list to only
            show consents created using this specific product configuration.
            Optional — if omitted, consents across all products are returned.
        accountID:
          type: string
          description: >-
            The account identifier to filter consents for a specific customer
            interaction or loan application. Use the same value that was
            provided during consent creation.
        status:
          type: array
          items:
            type: string
            enum:
              - ACTIVE
              - PAUSED
              - REVOKED
              - EXPIRED
              - PENDING
              - REJECTED
          description: >-
            An array of consent status values to filter the results. If not
            provided, consents of all statuses are returned.
        limit:
          type: integer
          minimum: 1
          description: >-
            The maximum number of consent records to return. Use in combination
            with pageno for pagination through large result sets.
        pageno:
          type: integer
          minimum: 1
          description: >-
            The page number to retrieve when using pagination. Pages are
            1-indexed (first page is 1). Use in combination with limit to
            paginate results.
    GetConsentsListResponse:
      type: object
      properties:
        ver:
          type: string
          description: The version of the FinPro API that processed this request.
        status:
          type: string
          description: Overall API call status. Will be 'success' for successful requests.
        data:
          type: array
          description: >-
            An array of consent objects. Each object represents one consent
            record associated with the mobile number and product ID. The array
            may be empty if no consents exist.
          items:
            $ref: '#/components/schemas/ConsentObject'
    ErrorResponse:
      type: object
      properties:
        ver:
          type: string
          description: API version
        timestamp:
          type: string
          format: date-time
          description: When the error occurred
        errorCode:
          type: string
          description: Error category code
        errorMsg:
          type: string
          description: Detailed error message
        status:
          type: string
          description: FinPro-specific error code (FPxxxx format)
    ConsentObject:
      type: object
      description: Represents a single consent record with all its details.
      properties:
        consentID:
          type: string
          format: uuid
          description: >-
            The unique consent identifier assigned by the Account Aggregator
            after the customer approves the consent. This is null for consents
            that are still pending or were rejected.
        consentHandle:
          type: string
          format: uuid
          description: >-
            The consent handle that was generated when the consent request was
            created. This identifies the consent request throughout its
            lifecycle.
        status:
          type: string
          enum:
            - PENDING
            - ACTIVE
            - REJECTED
            - REVOKED
            - EXPIRED
            - PAUSED
          description: >-
            Current status of the consent. PENDING (awaiting customer action),
            ACTIVE (approved and currently valid), REJECTED (customer declined),
            REVOKED (customer or FIU cancelled), EXPIRED (validity period
            ended), PAUSED (temporarily suspended).
        productID:
          type: string
          description: >-
            The product/consent template identifier that was used to create this
            consent.
        accountID:
          type: string
          description: >-
            The account identifier that was provided when creating the consent
            request. This helps correlate consents with your internal customer
            interactions or loan applications.
        aaId:
          type: string
          description: >-
            Identifier of the Account Aggregator that processed this consent.
            Typically 'onemoney-aa' for MoneyOne's AA service.
        createdOn:
          type: string
          format: date-time
          description: >-
            ISO 8601 timestamp indicating when the consent request was created
            in the FinPro system.
        modifiedOn:
          type: string
          format: date-time
          description: >-
            ISO 8601 timestamp indicating when the consent record was last
            updated. This changes when status transitions occur.
        consentStart:
          type: string
          format: date-time
          description: >-
            ISO 8601 timestamp indicating when the consent becomes valid and
            data fetching can begin.
        consentExpiry:
          type: string
          format: date-time
          description: >-
            ISO 8601 timestamp indicating when the consent will automatically
            expire. After this time, the consent can no longer be used for data
            fetching.
        fetchType:
          type: string
          enum:
            - PERIODIC
            - ONETIME
          description: >-
            The type of data fetch allowed by this consent. PERIODIC allows
            multiple fetches within the validity period. ONETIME allows only a
            single data fetch.
        fiTypes:
          type: array
          items:
            type: string
          description: >-
            Array of Financial Information types that this consent covers.
            Examples: DEPOSIT, TERM_DEPOSIT, RECURRING_DEPOSIT, SIP,
            MUTUAL_FUNDS, INSURANCE_POLICIES, etc.
        fipId:
          type: string
          description: >-
            The Financial Information Provider (typically a bank or financial
            institution) identifier for which this consent was approved.
        maskedAccountNumber:
          type: string
          description: >-
            The customer's account number at the FIP, with most digits masked
            for privacy. Format typically shows last 4 digits: XXXXXXXX1234.
  securitySchemes:
    clientId:
      type: apiKey
      in: header
      name: client_id
      description: Your unique client identifier provided by MoneyOne during FIU onboarding
    clientSecret:
      type: apiKey
      in: header
      name: client_secret
      description: Your confidential client secret provided by MoneyOne
    organisationId:
      type: apiKey
      in: header
      name: organisationId
      description: Your organization's unique identifier in the FinPro system
    appIdentifier:
      type: apiKey
      in: header
      name: appIdentifier
      description: Application-specific identifier for tracking API calls

````