title: ConsentRequestsPostRequest
type: object
description: >-
  Used by: PISP

  The HTTP request POST /consentRequests is used to request a DFSP to grant
  access to one or more accounts owned by a customer of the DFSP for the
  PISP who sends the request.

  Callback and data model for POST /consentRequests:

  Callback: PUT /consentRequests/{ID}
  Error callback: PUT /consentRequests/{ID}/error
  Data model - see below url

  https://github.com/mojaloop/documentation/blob/main/website/versioned_docs/v1.0.1/api/thirdparty/data-models.md#31212-post-consentrequests
properties:
  consentRequestId:
    $ref: ./CorrelationId.yaml
  userId:
    type: string
    description: >-
      The identifier used in the **GET /accounts/**_{ID}_.
      Used by the DFSP to correlate an account lookup to a `consentRequest`
    minLength: 1
    maxLength: 128
  scopes:
    type: array
    minLength: 1
    maxLength: 256
    items:
      $ref: ./Scope.yaml
  authChannels:
    type: array
    minLength: 1
    maxLength: 256
    items:
      $ref: ./ConsentRequestChannelType.yaml
  #   The callback uri that the user will be redirected to after completing the
  #   out of band WEB authentication with the DFSP. Used to allow the DFSP to
  #   whitelist the PISP's url ahead of time.
  callbackUri:
    $ref: ./Uri.yaml
  extensionList:
    $ref: ./ExtensionList.yaml
required:
  - consentRequestId
  - userId
  - scopes
  - authChannels
  - callbackUri