--- swagger: "2.0" info: x-ibm-name: authorization-clients-api title: Авторизация для клиентов version: 1.0.1 contact: email: shymbolat.aitbek@bcc.kz description: "" schemes: - https basePath: /v1/auth-client produces: - application/json securityDefinitions: Authorization: type: oauth2 description: Токен аутентификации, полученный при вызове сервиса авторизации flow: application scopes: bcc.application.business.account.management: Allow access to Busines Account Management API tokenUrl: https://api.bcc.kz/bcc/production/v2/oauth/token x-ibm-configuration: testable: true enforced: true phase: realized paths: /token: post: responses: 200: description: 200 OK schema: type: object properties: access_token: type: string example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9... token_type: type: string example: bearer refresh_token: type: string example: eyJhbRefresh... expires_in: type: integer example: 300 scope: type: string example: openid 400: description: Bad Request. schema: type: object properties: error: type: string example: invalid_request error_description: type: string example: Some description about the error. 401: description: Unauthorized. schema: type: object properties: error: type: string example: unauthorized error_description: type: string example: Unauthorized access. operationId: GenerateToken summary: "" description: Аутентификация и получение токена parameters: - name: redirect_uri type: string required: false in: formData description: 'Redirect URI (пример: https://myapp.com/callback)' - name: grant_type type: string required: true in: formData description: Grant type (только authorization_code или refresh_token) - name: client_secret type: string required: false in: formData description: Защищенный ключ - name: code type: string required: false in: formData description: 'Authorization code (если grant_type: "authorization_code")' - name: refresh_token type: string required: false in: formData description: 'Refresh token (если grant_type: "refresh_token")' /generate-auth-url: post: responses: 200: description: 200 OK schema: type: object properties: authUrl: type: string example: https://base-url.kz/auth/realms/realm/protocol/openid-connect/auth?response_type=code&client_id=test-client-id&redirect_uri=https://myapp.com/callback&client_type=bcc-business&client_idn=011110001110&lang=ru 400: description: Bad Request. schema: type: object properties: error: type: string example: invalid_request error_description: type: string example: Some description about the error. 401: description: Unauthorized. operationId: GenerateAuthUrl summary: "" description: Генерация URL для авторизации parameters: - name: redirect_uri type: string required: true in: formData description: Redirect URI - name: client_idn type: string required: true in: formData description: БИН/ИИН клиента - name: lang type: string required: false in: formData description: 'Язык интерфейса (default: ru)' - name: scope type: string required: false in: formData description: 'Область видимости (default: oapi.business.account.api)' /escrow/ticket: get: responses: 200: description: 200 OK operationId: getTimeTicket /escrow/sign-in: post: responses: 200: description: 200 OK operationId: signIn tags: [] consumes: - application/json security: - Authorization: - bcc.application.business.account.management x-ibm-endpoints: - endpointUrl: https://api.bcc.kz:10443/bcc/production description: Альтернативная точка подключения для вызова сервиса в продуктивной среде. Зарегистрированное на портале developer.bcc.kz приложение должно быть в режиме "PRODUCTION" type: - production - development - endpointUrl: https://api.bcc.kz/bcc/production description: Точка подключения для вызова сервиса в продуктивной среде. Зарегистрированное на портале developer.bcc.kz приложение должно быть в режиме "PRODUCTION" type: - production - endpointUrl: https://api-test.bcc.kz/bcc/production description: Точка подключения для вызова сервисов в тестовой среде. Зарегистрированное на портале developer.bcc.kz приложение должно быть в режиме "DEVELOPMENT" type: - development ...