Upload File for Payment Consent

OAuth2 PAR flow, it is required when the User needs to perform SCA with the LFI when a TPP wants to access an LFI resource owned by the User. Please refer to OpenID FAPI Security Profile 1.0 -Part 2 Advanced - 5.2.2 point 14 - shall authenticate the confidential client using one of the following methods private_key_jwt and OpenID Connect Core 1.0 9. Client Authentication private_key_jwt

An authorization Token as per https://tools.ietf.org/html/rfc6750

The time when the User last logged in with the TPP. All dates in the HTTP headers are represented as RFC 7231 Full Dates. An example is below: Sun, 10 Sep 2023 19:43:31 UTC

The User's IP address if the User is currently logged in with the TPP.

An RFC4122 UID used as a correlation id.

Indicates the user-agent that the User is using.

Ensures the LFI processes the resource successfully only once per x-idempotency-key

The TPP must not change the request body while using the same x-idempotency-key, changes to the request body will not result any action on the end resource.

The OFP will treat a request as idempotent if it had received the first request with the same x-idempotency-key from the same TPP in the preceding 24 hours.

Unique identification as assigned by the LFI to uniquely identify the Consent resource