Changelog

2026-04-01

User Management API

New endpoints for managing users and sessions:

• POST /users - Create a user with an externalId mapping to your system
• GET /users - Find a user by externalId
• GET /users/{userUuid} - Get user by UUID (supports both API key and JWT)
• DELETE /users/{userUuid} - Anonymize a user (soft delete)
• POST /users/{userUuid}/sessions - Create a JWT session token scoped to the user
• GET /users/{id}/collections - Get all collections for a user
• GET /users/{id}/consents - Get all consents for a user

New schemas: UserResponse, CreateUserRequest, SessionResponse

New PSD2 Banking Data Support

This version introduces PSD2 Account Information Service (AIS) support for collecting banking data:

• Psd2SavingsAccount - Savings accounts accessible via PSD2
• Psd2CheckingAccount - Checking/current accounts via PSD2
• Psd2CreditCard - Credit card products via PSD2

Consent Management

New consent lifecycle for PSD2 data collection:

• Consent - Consent record with status tracking, expiration, and scope
• CreateConsentRequest - Create PSD2 AIS consents with company, login method, and parameters
• ConsentStatusResponse - Poll consent status with auth instructions (BankID QR code or autostart token) and recommended polling interval
• ConsentError / ConsentStatusError - Structured error handling for consent failures
• Consent status flow: INITIATED → AWAITING_AUTHORIZATION → AUTHORIZED | REVOKED | EXPIRED | FAILED

New Parameters

• Psd2AisConsentParameter - Handle AIS consent when initiating PSD2 collections
• SwedishBankIdParameter - Swedish BankID authentication for consent authorization
• FilterParameter - Scope collections to specific accounts
• Support for stored consent handling for previously-authorized collections