Device Blocking Status

openapi: 3.0.0 info: version: '0.0' title: Device Blocking Status description: | Retrieve device blocking status for an institution. This endpoint enables Financial Institutions to integrate device blocking status into their homegrown applications and 3rd party intelligence products to make authorization decisions. tags: - name: Device Blocking Status servers: - url: 'https://banno.com' paths: '/a/highrisk/api/institutions/{institutionId}/devices/status': get: tags: - Device Blocking Status summary: Get device blocking status for an institution description: | Retrieves a paginated list of devices with their blocking status (blocked, allowed, or unresolved) for an institution. Only devices with activity within the last 90 days are returned. Results are sorted by creation date in descending order. Requires the "View" permission for People and Identity security settings. security: - clientCredentials: - https://jackhenry.com/auth/enterprise/jh-intercept/reports.read parameters: - in: path name: institutionId description: ID of the Institution required: true schema: type: string format: uuid - in: query name: limit required: false description: Maximum number of devices to return per page. schema: type: integer minimum: 1 maximum: 250 default: 50 - in: query name: offset required: false description: Number of devices to skip for pagination. schema: type: integer minimum: 0 default: 0 - in: query name: deviceId required: false description: Filter results to a specific device ID. schema: type: string - in: query name: status required: false description: | Filter devices by status: - `blocked`: Devices that are blocked from performing high-risk actions - `allowed`: Devices that are explicitly allowed or not blocked - `unresolved`: Devices that have not yet attempted a high-risk action - `all`: Returns all devices regardless of status (default) schema: type: string enum: [blocked, allowed, unresolved, all] default: all - in: query name: createdAfter required: false description: Filter devices created after this date (inclusive). ISO 8601 format. schema: type: string format: date-time - in: query name: createdBefore required: false description: Filter devices created before this date (inclusive). ISO 8601 format. schema: type: string format: date-time responses: '200': description: Successfully retrieved device blocking status content: application/json: schema: $ref: '#/components/schemas/HraDeviceStatusResponse' '400': description: Invalid request parameters content: application/json: schema: $ref: '#/components/schemas/Error' '401': description: Unauthorized '403': description: Forbidden - insufficient permissions content: application/json: schema: $ref: '#/components/schemas/Error' '404': description: Institution not found content: application/json: schema: $ref: '#/components/schemas/Error' '500': description: Internal server error content: application/json: schema: $ref: '#/components/schemas/Error' components: securitySchemes: clientCredentials: type: oauth2 description: OAuth2 using the client credentials flow flows: clientCredentials: tokenUrl: https://banno.com/a/oidc-provider/api/v0/token scopes: https://jackhenry.com/auth/enterprise/jh-intercept/reports.read: Read access to device blocking reports schemas: HraDeviceStatus: type: object description: Device with blocking status information required: - deviceId - userId - status - createdAt - lastSeenAt properties: deviceId: type: string description: Unique identifier for the device example: "88888888-8888-8888-8888-888888888888" userId: type: string format: uuid description: Unique identifier for the user who owns the device example: "22222222-2222-2222-2222-222222222222" status: type: string enum: [blocked, allowed, unresolved] description: | Device blocking status: - `blocked`: Device is blocked from performing high-risk actions - `allowed`: Device is explicitly allowed or not blocked - `unresolved`: Device has not yet attempted a high-risk action (is_blocked_for_hra is null) createdAt: type: string format: date-time description: Timestamp when the device was first registered example: "2024-01-15T10:30:00.000Z" lastSeenAt: type: string format: date-time description: Timestamp when the device was last active (always present for returned devices) example: "2024-01-20T14:45:00.000Z" deviceVersion: type: string nullable: true description: Version of the device example: "1.2.3" deviceTypeId: type: string nullable: true description: Type identifier for the device (e.g., "mobile", "desktop") example: "mobile" deviceInfo: type: object nullable: true description: Additional device information additionalProperties: true example: platform: "iOS" model: "iPhone 14" os: "iOS" osVersion: "17.0" riskScore: type: number nullable: true description: Risk score associated with the device example: 42 HraDeviceStatusResponse: type: object description: Paginated response containing devices with blocking status required: - devices - links properties: devices: type: array description: List of devices with their blocking status items: $ref: "#/components/schemas/HraDeviceStatus" links: type: object required: - next properties: next: type: string nullable: true description: Relative URL to the next page of results. Null if there are no more pages. example: "/a/highrisk/api/institutions/123/devices/status?limit=50&offset=50" Error: type: object description: Error response required: - code - message properties: code: type: string description: Error code example: "INVALID_REQUEST" message: type: string description: Human-readable error message example: "The provided institution ID is not valid" details: type: object description: Additional error details additionalProperties: true