swagger: "2.0" info: description: This API will create a unique chase reference number for a given Card Account.The identifier can be used by merchant in subsequent API calls to uniquely refer to that account. version: 1.5.0 title: Card Loyalty Merchant Relationship Manager API for PCI Compliant Merchants host: "api-sandbox.chase.com" basePath: /card/loyalty/benefits-management/pci-merchants/v1 x-chase-info: "24380//External///Product" schemes: - https consumes: - application/json produces: - application/json paths: /accounts/merchant-references: post: summary: This API will create a unique chase reference number for a given Card Account for PCI Compliant Merchants. description: This API will create a unique chase reference number for a given Card Account. Chase reference number will be unique for each merchant. The API accepts a card-number which the reference identifier will be created. parameters: - name: "authorization" in: "header" description: "OAuth bearer token will be sent in this header as per the OAuth2 spec. This header will be used by the API gateway. The API does not need to do anything with this header" required: true type: "string" maxLength: 8000 - name: "authorization2" in: "header" description: "Additional authorization on top of standard OAuth token in the Authorization Header. The use of this header is different for 3-legged and 2-legged use cases" required: true type: "string" maxLength: 8000 - name: "request-id" in: "header" description: "A unique Request Id for every Request. This SHOULD be unique for every Request and a 128 bit number encoded as 32 lower-hex characters. Used to support idempotency of services. Example Usage-> If the client is unsure of the successful processing of a POST or PUT request on the server (i. e. timeouts) the client should re-send the request with the same request-id ." required: false type: "string" maxLength: 32 - name: "channel-type" in: "header" description: "Digital channel type indicates where the request originated from." required: false type: "string" maxLength: 15 - name: "trace-id" in: "header" description: "A unique transaction id for every request. Note that even though the Request-id might be same on the retried requests, the Unique-Tran-Id should be unique for each request." required: true type: "string" maxLength: 32 - name: "merchantreferencerequestPCI" in: body required: true description: "Request body for the PCI enabled merchant" schema: $ref: "#/definitions/merchantReferenceRequestPCI" responses: "201": description: >- Chase Reference Identifier found/created schema: $ref: "#/definitions/merchantReferenceResponse" "400": description: >- `9013/9104/9105/9106/9107/9108: Invalid Request.Required data is missing or data is not consistent.` schema: $ref: "#/definitions/Error" "401": description: >- 9011/9012: Authorization Failure. Invalid access token or inactive client application. schema: $ref: "#/definitions/Error" "404": description: "The {resourceId} being requested is not found." schema: $ref: "#/definitions/Error" "405": description: >- Operation /method not allowed schema: $ref: "#/definitions/Error" "409": description: >- `9113: Card is not eligible.` schema: $ref: "#/definitions/Error" "500": description: >- 9108/9109: Internal Server Error.` schema: $ref: "#/definitions/Error" "503": description: >- `9112: Downstream service is unavailable.` schema: $ref: "#/definitions/Error" /ping: get: summary: "ping" description: "This method is used to get health check of the service" operationId: "ping" parameters: [] responses: 200: description: "successful operation" schema: type: "array" items: type: "string" definitions: merchantReferenceRequestPCI: description: Request body for the PCI enabled merchant type: object required: - cardNumber properties: cardNumber: type: string description: The Card Number is a number recognized by various payment systems to route debit card, ATM and credit Card transactions to an issuer and to identify the underlying account to which each transaction should be applied. Transactions may be initiated from physical or non physical devices (e.g. debit card, ATM, credit card, Single Use Account (SUA), Near Field Communication (NFC), etc.). maxLength: 19 x-chase-dataelem: VCONF/197/Y/N Error: description: base object for the error response type: object required: - errorDescription properties: errorDescription: type: string description: Freeform explanatory text for the error. maxLength: 250 serviceErrorCode: type: string description: A code defined by the API provider that describes the specific error for a given API. This code provides more fine grained information than the httpStatusCode. As an example if an API provides an httpStatusCode of 400 they may also include the serviceErrorCode that includes more specific information of what caused a 400 response. (i.e. INVALID_EMAIL, INVALID_PHONE_NUMBER, etc) maxLength: 20 externalErrorCode: type: string description: "A code defined by the service for the external partner that includes a more specific information of what caused the error." maxLength: 90 merchantReferenceResponse: type: object required: - accountReferenceUniversalUniqueIdentifier - productInformation properties: accountReferenceUniversalUniqueIdentifier: type: string description: A universally unique identifier (UUID) that is randomly generated to identify each account that is persisted at the merchant end. This value will help the merchant identify the card account during a transaction or product trade. A UUID is a 128-bit number used to identify information in computer systems. The field length of 36 bytes corresponds to 128 bits (via Hexadecimal string conversion). format: uuid productInformation: type: object required: - merchantDefinedProductCode properties: merchantDefinedProductCode: type: "string" description: "Codifies the product referred in the Merchant Relationship Manager Service built within Loyalty application interface. The value is internally assigned by the application according to the reward product code (RPC). Values include: JPM_RESERVE, SAPPHIRE_RESERVE, SAPPHIRE_PREFERRED, SAPPHIRE_NO_FEE, INK_BUSINESS_PREFERRED, INK_PLUS, INK_BUSINESS_CASH, INK_CASH, INK_BUSINESS_UNLIMITED, FREEDOM_UNLIMITED, FREEDOM, FREEDOM_STUDENT, SLATE, FREEDOM_FLEX, CORPORATE_FLEX, INK_BUSINESS_PREMIER, OTHER_CHASE_CARD." maxLength: 50 securityDefinitions: Common 2-Legged OAuth: type: oauth2 description: This API is secured by the common 2-legged OAuth API. flow: application scopes: card: "" tokenUrl: https://api-sandbox.chase.com/ccoauth/token security: - Common 2-Legged OAuth: - card