X-Timestamp: \[time this request was generated, used in HMAC token generation]
X-UAEPASS-Signature: Refer section API nonrepudiation – HMAC in Security
X-UP-AccessToken: refer section Generating client credential tokens in Security
Authorization: refer section Generating client credential tokens in Security
| ### Request Parameters | Name | Type | Mandatory/Optional | | --------------- | ------ | ------------------ | | spTransactionID | String | M | | spId | String | M | #### Sample Request ``` { "spTransactionID": "m9mhsb1iy0rqeru53e", "spId": "owner_sp_client_id" } ``` #### cURL Command ``` curl --location --request POST '/v1/consent/transaction/status' \ --header 'X-Timestamp: 1700000000' \ --header 'X-UAEPASS-Signature: {{X-UAEPASS-Signature}}' \ --header 'X-UP-AccessToken: {{abcde_ccg_access_token}}' \ --header 'Authorization: JWS {{abcde_ccg_jwt_token}}' \ --header 'User-Agent: Apidog/1.0.0 (https://apidog.com)' \ --header 'Content-Type: application/json' \ --data-raw '{ "spTransactionID": "XXX-12515", "spId": "abcde_client_id" }' ``` ### Response #### Response Parameters | Name | Type | Mandatory/Optional | Description | | -------------------- | ------ | ------------------ | ---------------------------------------------------------------------------- | | uaePassTransactionID | String | M | Generated uaepass id | | spTransactionID | String | M | | | status | String | M | Expected Values: \[TRIGGERED – ACCEPTED – REJECTED – INIT\_FAILED – EXPIRED] | #### Sample Success Response ``` { "code": "0", "desc": { "ar": "نجاح", "en": "success" }, "data": { "spTransactionID": "m9mhsb1iy0rqeru53e", "uaePassTransactionID": "cb6b2f12-85d5-4b75-8607-7e47161af598", "status": "ACCEPTED" } } ``` #### Error Response Codes | Error Description | Error Message | Http Status Code | | ----------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- | | Missing headers: \[X-UAEPASS-Signature - X-Timestamp] |{
"code": "401",
"desc": {
"ar": "UNAUTHORIZED",
"en": "UNAUTHORIZED"
}
}
| 401 | | Invalid spId |{
"code": "CONS\_1000012",
"desc": {
"ar": "مقدم الخدمة \[owner\_sp\_client\_ids] غير موجودة.",
"en": "Service Provider \[owner\_sp\_client\_ids] is not found."
}
}
| 404 | | Invalid spTransactionID |{
"code": "CONS\_1000010",
"desc": {
"ar": "المعاملة رقم \[thh95681-d24b-4b14-a5de-837b7e60c287-19] غير موجودة.",
"en": "Transaction id \[thh95681-d24b-4b14-a5de-837b7e60c287-19] is not found."
}
}
| 404 | | | | | #### API Invocation Guidelines The service provider (SP) should invoke this API only after the configured per-request expiry timeout has been reached. In most cases, the SP will receive the response earlier through the callback API, prior to the expiry time. {% hint style="warning" icon="message-waveform" %} * This API acts as a fallback mechanism when no response is received via the callback API. * Avoid invoking the API before the expiry timeout to prevent unnecessary or duplicate requests. {% endhint %}