Skip to main content
Initiating consent is the first step of the AA flow. You send the user’s identifiers and the products to fetch, and you receive a webRedirectionUrl (where you redirect the user) and a transaction_id (which you use for all subsequent calls).

Endpoint

POST /v3/requestconsent
Base URL (UAT / Production): Contact support@moneyone.in.

Headers

HeaderDescription
Content-Typeapplication/json
client_idYour client ID
client_secretYour client secret
organisationIdYour organisation ID
appIdentifierYour app identifier

Request body

{
  "vua": "<mobile_number>@onemoney",
  "accountID": "<account_id>",
  "productIDList": ["<product_id_1>", "<product_id_2>"],
  "partyIdentifierValue": "<mobile_number>",
  "partyIdentifierType": "MOBILE",
  "redirectUrl": "<your_redirect_url>",
  "fipID": ["<fip_id_1>", "<fip_id_2>"],
  "pan": "<pan_number>"
}

Parameters

vua
string
required
Virtual User Address, e.g. <mobile_number>@onemoney.
accountID
string
required
Your account identifier for the user.
productIDList
array
required
List of product IDs to fetch. Provide either productIDList or productID.
productID
string
required
A single product ID. Provide either productID or productIDList.
partyIdentifierValue
string
required
The value of the party identifier, e.g. the mobile number.
partyIdentifierType
string
required
The type of party identifier. One of MOBILE, PAN, AADHAR, EMAIL, DOB, GSTIN.
redirectUrl
string
URL the user is redirected back to after completing the journey.
fipID
array
List of FIP IDs to target for data fetch.
pan
string
The user’s PAN.
transactionID
string
An optional transaction identifier you supply for the journey.
fitype
array
List of financial information types to request.
config
object
Optional configuration. Supports fiDataRange with from and to timestamps to bound the data fetch window.

config example

{
  "config": {
    "fiDataRange": {
      "from": "2023-01-01T00:00:00.000Z",
      "to": "2024-01-01T00:00:00.000Z"
    }
  }
}

Sample request

curl --request POST \
  --url 'https://<base_url>/v3/requestconsent' \
  --header 'Content-Type: application/json' \
  --header 'client_id: <your_client_id>' \
  --header 'client_secret: <your_client_secret>' \
  --header 'organisationId: <your_organisation_id>' \
  --header 'appIdentifier: <your_app_identifier>' \
  --data '{
    "vua": "<mobile_number>@onemoney",
    "accountID": "<account_id>",
    "productIDList": ["<product_id_1>", "<product_id_2>"],
    "partyIdentifierValue": "<mobile_number>",
    "partyIdentifierType": "MOBILE",
    "redirectUrl": "<your_redirect_url>",
    "fipID": ["<fip_id_1>", "<fip_id_2>"],
    "pan": "<pan_number>"
  }'

Response

{
  "ver": "1.21.0",
  "status": "success",
  "data": {
    "webRedirectionUrl": "<web_redirection_url>",
    "transaction_id": "<transaction_id>"
  },
  "message": "Success"
}
Store the transaction_id — you will need it for status tracking and data fetch. The webRedirectionUrl carries a time-bound access_token; do not modify it.

Error Codes

HTTP StatusCondition
400 Bad RequestRequired fields are missing or have an invalid format (e.g. missing vua, invalid partyIdentifierType).
401 UnauthorizedCredentials are missing or invalid in the Authorization header.
500 Internal Server ErrorAn unexpected server-side error occurred.

Next step

Redirect the user to the webRedirectionUrl. See User Redirection.