Consent Validator API
Validate consent objects against CBUAE Article 22 requirements. Checks purpose specificity, time bounds, data privacy, permissions, and withdrawal methods for Open Finance compliance.
/api/v1/openfinance/consent/validateTry it out
/api/v1/openfinance/consent/validateParameters
Code
curl -X POST "https://khaleejiapi.dev/api/v1/openfinance/consent/validate?consent=%7B%22purpose%22%3A%22account_balance%22%2C%22permissions%22%3A%5B%22ReadAccountsBasic%22%5D%2C%22expirationDate%22%3A%222026-01-01T00%3A00%3A00Z%22%7D" \ -H "Authorization: Bearer your_api_key"Request Body
| Field | Type | Required | Description |
|---|---|---|---|
| consent.purpose | string | Optional | Consent purpose (e.g. account_balance, payment_initiation) |
| consent.purposes | string[] | Optional | Array of consent purposes |
| consent.permissions | string[] | Optional | Data permissions (e.g. ReadAccountsBasic, ReadBalances) |
| consent.expirationDate | ISO 8601 | Optional | Consent expiration date |
| consent.recurring | boolean | Optional | Whether consent is for recurring access |
| consent.sensitiveData | boolean | Optional | Whether consent involves sensitive personal data |
| consent.consentMethod | string | Optional | How consent is obtained (explicit_opt_in, digital_signature, biometric, two_factor) |
| consent.thirdPartySharing | boolean | Optional | Whether data will be shared with third parties |
Response Fields
compliant
Boolean indicating whether the consent object meets all CBUAE requirements
summary
total_issues, errors, warnings count with verdict in English and Arabic
issues[]
Array of compliance issues with rule, severity, article reference, and requirement text (EN/AR)
validPermissions, validPurposes, validConsentMethods
Reference arrays of all accepted values for building compliant consent flows
Rate Limits
| Plan | Requests/Month | Rate Limit |
|---|---|---|
| Free | 1,000 | 10 req/min |
| Starter | 10,000 | 60 req/min |
| Professional | 100,000 | 300 req/min |
| Business | 500,000 | 1,000 req/min |
Debugging & Support
Include X-Request-ID when contacting support
Every response from KhaleejiAPI includes an X-Request-ID header — a unique identifier that lets our support team pull the exact log entry for your request within seconds. Always share it when reporting an unexpected error or unexpected result.
How to capture it
JavaScript / fetch
const res = await fetch("https://khaleejiapi.dev/api/v1/...", {
headers: { Authorization: "******" },
});
const requestId = res.headers.get("x-request-id");
console.log("Request ID:", requestId);
// → e.g. "req_01j9xkz4vp8..."cURL
curl -si "https://khaleejiapi.dev/api/v1/..." \ -H "Authorization: ******" | grep -i x-request-id # → x-request-id: req_01j9xkz4vp8...
Browser DevTools
Open DevTools (F12) → Network tab → click the failing request → scroll to the Response Headers section → copy the value next to x-request-id.
For a full list of error codes and guidance on common issues, see the Troubleshooting guide.