Known Moneyhub OAuth2 scopes, grouped by purpose.
Scopes are plain strings on the wire (space-delimited in the
scope authorisation parameter) - this module exists so call sites can
reference MoneyHub.Scopes.accounts_read() instead of repeating
"accounts:read" everywhere, and to give a single place documenting what
each scope unlocks.
Combine scopes with join/1:
MoneyHub.Scopes.join([
MoneyHub.Scopes.openid(),
MoneyHub.Scopes.accounts_read(),
MoneyHub.Scopes.transactions_read()
])
#=> "openid accounts:read transactions:read"Bank connection (AIS) scopes
openid/0- required on every authorisation request.accounts_read/0- read account summaries (balances, type, provider).accounts_details_read/0- read sensitive account identifiers (sort code, account number, IBAN, PAN). Subject to additional approval.transactions_read/0- read transaction history.offline_access/0- request a refresh token for ongoing access.
Payment (PIS) scopes
payment/0- required to create/execute a single immediate payment.payee_create/0- required to create a payee ahead of payment.recurring_payment/0- required for Variable Recurring Payments (VRP).standing_order/0- required to create standing orders.
Provider chooser scopes
id_api/0- shows API-based (live) providers in the bank chooser.id_test/0- shows test/mock providers in the bank chooser.
Identity / widget scopes
widget_authentication/0- required for embedded-component tenant user tokens.
Summary
Functions
The minimal scope set for a one-time or ongoing AIS (account
aggregation) connection: openid accounts:read transactions:read.
ais/0 plus offline_access, for connections that should be refreshable
without the user re-authenticating from scratch.
Joins a list of scopes into the space-delimited string expected by the
scope authorisation parameter. Duplicates are removed; order of first
appearance is preserved.
The minimal scope set to create and execute a single immediate payment:
openid payment payee:create.
Types
@type t() :: String.t()
Functions
@spec accounts_details_read() :: t()
@spec accounts_read() :: t()
@spec ais() :: String.t()
The minimal scope set for a one-time or ongoing AIS (account
aggregation) connection: openid accounts:read transactions:read.
@spec ais_offline() :: String.t()
ais/0 plus offline_access, for connections that should be refreshable
without the user re-authenticating from scratch.
@spec id_api() :: t()
@spec id_test() :: t()
Joins a list of scopes into the space-delimited string expected by the
scope authorisation parameter. Duplicates are removed; order of first
appearance is preserved.
@spec offline_access() :: t()
@spec openid() :: t()
@spec payee_create() :: t()
@spec payment() :: t()
@spec payments() :: String.t()
The minimal scope set to create and execute a single immediate payment:
openid payment payee:create.
@spec recurring_payment() :: t()
@spec standing_order() :: t()
@spec transactions_read() :: t()
@spec widget_authentication() :: t()