Access Controls

The Access Controls service provides create, amend and view Tranche level permissions and configuration data.

Base Urls

The Access Controls service base Urls are as follows:

Service Root

/book-building/accesscontrols

Health Check

/book-building/accesscontrols/hc/status

Swagger

/book-building/accesscontrols/docs/index.html

API Endpoints

The full list of available API endpoints is show below, grouped by resource, with links to the detailed documentation for each. For a concise, structured definition please reference the `Swagger`_ specification.

v1 Tranche AccessControls:

Name

Method

Url

Description

Get v1 Tranche AccessControls by Tranche ID

Get

/v1/fixedincome/tranche/{trancheId}/accesscontrols

Get v1 Tranche AccessControls for given Tranche ID

Get v1 Tranche AccessControls by Source ID

Get

/v1/fixedincome/tranche/source/{sourceId}/accesscontrols

Get v1 Tranche AccessControls for given Source Tranche ID

Get Multiple v1 Tranche AccessControls by Tranche IDs

Post

/v1/fixedincome/tranche/accesscontrols

Get v1 Tranche AccessControls for multiple Tranche IDs

Create v1 Tranche AccessControls by Tranche ID

Post

/v1/fixedincome/tranche/{trancheId}/accesscontrols

Create v1 Tranche AccessControls against given Tranche ID

Create v1 Tranche AccessControls by Source ID

Post

/v1/fixedincome/tranche/source/{sourceId}/accesscontrols

Create v1 Tranche AccessControls against given Source ID

Update v1 Tranche AccessControls by Tranche ID

Put

/v1/fixedincome/tranche/{trancheId}/accesscontrols

Update v1 Tranche AccessControls against given Tranche ID

Update v1 Tranche AccessControls by Source ID

Put

/v1/fixedincome/tranche/source/{sourceId}/accesscontrols

Update v1 Tranche AccessControls against given Source ID

v2 Tranche AccessControls:

Name

Method

Url

Description

Get v2 User Tranche AccessControls by Tranche ID

Get

/v2/tranches/{trancheId}

Get v2 User Tranche AccessControls for given Tranche ID

Get v2 Full Tranche AccessControls by Tranche ID

Get

/v2/admin/tranches/{trancheId}

Get v2 Full Tranche AccessControls for given Tranche ID

Get v2 User Tranche AccessControls by Source ID

Get

/v2/tranches/source/{sourceId}

Get v2 User Tranche AccessControls for given Source ID

Get v2 Full Tranche AccessControls by Source ID

Get

/v2/admin/tranches/source/{sourceId}

Get v2 Full Tranche AccessControls for given Source ID

Get Multiple v2 User Tranche AccessControls by Tranche IDs

Post

/v2/tranches

Get v2 User Tranche AccessControls for multiple Tranche IDs

Get Multiple v2 Full Tranche AccessControls by Tranche IDs

Post

/v2/admin/tranches

Get v2 Full Tranche AccessControls for multiple Tranche IDs

Create v2 Tranche AccessControls by Tranche ID

Post

/v2/admin/tranches/{trancheId}

Create v2 Tranche AccessControls against given Tranche ID

Create v2 Tranche AccessControls by Source ID

Post

/v2/admin/tranches/source/{sourceId}

Create v2 Tranche AccessControls against given Source ID

Update v2 Tranche AccessControls by Tranche ID

Put

/v2/admin/tranches/{trancheId}

Update v2 Tranche AccessControls against given Tranche ID

Update v2 Tranche AccessControls by Source ID

Put

/v2/admin/tranches/source/{sourceId}

Update v2 Tranche AccessControls against given Source ID

Patch v2 Tranche AccessControls by Tranche ID

Patch

/v2/admin/tranches/{trancheId}

Patch v2 Tranche AccessControls against given Tranche ID

Patch v2 Tranche AccessControls by Source ID

Patch

/v2/admin/tranches/source/{sourceId}

Patch v2 Tranche AccessControls against given Source ID

v2 Deal AccessControls:

Name

Method

Url

Description

Get v2 User Deal AccessControls by Deal ID

Get

/v2/deals/{dealId}

Get v2 User Deal AccessControls for given Deal ID

Get v2 Full Deal AccessControls by Deal ID

Get

/v2/admin/deals/{dealId}

Get v2 Full Deal AccessControls for given Deal ID

Get v2 User Deal AccessControls by Source ID

Get

/v2/deals/source/{sourceId}

Get v2 User Deals AccessControls for given Source ID

Get v2 Full Deal AccessControls by Source ID

Get

/v2/admin/deals/source/{sourceId}

Get v2 Full Deal AccessControls for given Source ID

Get Multiple v2 User Deal AccessControls by Deal IDs

Post

/v2/deals

Get v2 User Deal AccessControls for multiple Deal IDs

Get Multiple v2 Full Deal AccessControls by Deal IDs

Post

/v2/admin/deals

Get v2 Full Deal AccessControls for multiple Deal IDs

Create v2 Deal AccessControls by Deal ID

Post

/v2/admin/deals/{dealId}

Create v2 Deal AccessControls against given Deal ID

Create v2 Deal AccessControls by Source ID

Post

/v2/admin/deals/source/{sourceId}

Create v2 Deal AccessControls against given Source ID

Update v2 Deal AccessControls by Deal ID

Put

/v2/admin/deals/{dealId}

Update v2 Deal AccessControls against given Deal ID

Update v2 Deal AccessControls by Source ID

Put

/v2/admin/deals/source/{sourceId}

Update v2 Deal AccessControls against given Source ID

Patch v2 Deal AccessControls by Deal ID

Patch

/v2/admin/deals/{dealId}

Patch v2 Deal AccessControls against given Deal ID

Patch v2 Deal AccessControls by Source ID

Patch

/v2/admin/deals/source/{sourceId}

Patch v2 Deal AccessControls against given Source ID

v1 Tranche AccessControl Firm Grants:

Name

Method

Url

Description

Get v1 Evaluated Firm Grants for given TrancheId/FirmId key, reduced by request token FirmId

Get

/v1/tranches/{trancheId}/firm-grants

Get v1 Evaluated Tranche AccessControls Firm Grants with the option for supporting data. Entity is keyed by TrancheId/FirmId. FirmId is acquired via request token.

Search for v1 Evaluated Firm Grants for given TrancheId/FirmId key(s), reduced by request token FirmId

Post

/v1/tranches/firm-grants/search

Search for v1 Evaluated Tranche AccessControls Firm Grants based on TrancheIds passed in as search criteria, filtered by the user’s FirmId. FirmId is acquired via request token.

Get All v1 Firm Grants for given TrancheId/FirmId key

Get

/v1/admin/tranches/{trancheId}/firm-grants

Returns all the firm grants for a given trancheId/firmId key

Create v1 Firm Grants for a given TrancheId/FirmId

Post

/v1/admin/tranches/{trancheId}/firm-grants

Allows for the creation of multiple firm grants against a single trancheId/firmId key.

Update v1 Firm Grants for a given TrancheId/FirmId

Put

/v1/admin/tranches/{trancheId}/firm-grants

Allows for replacing all firm grants per trancheId/FirmId

Delete All v1 Firm Grants for a given TrancheId/FirmId

Delete

/v1/admin/tranches/{trancheId}/firm-grants

Allows for the removal of all firm grants for a given trancheId/firmId key

v1/Tranches

Get v1 Tranche AccessControls by Tranche ID

Use this endpoint to retrieve all the v1 Tranche AccessControls associated to a given Tranche ID.

Shared data elements supported.

Authorization

  • Requires the accesscontrol-read scope to be present in the requests access token.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

trancheId

UUID

Querystring

Tranche Id from an already existing Deal

null

Response

The endpoint returns a JSON payload containing an object of v1 Tranche AccessControl attributes.

Shared data requests will evaluate to private data equivilent when token’s Firm-type is not set to ‘issuer’.

Get v1 Tranche AccessControls by Source ID

Use this endpoint to retrieve all the v1 Tranche AccessControls associated to a given Tranche using its Source ID.

Shared data elements supported.

Authorization

  • Requires the accesscontrol-read scope to be present in the requests access token.

  • Requires client flow token.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

sourceId

string

Querystring

Tranche Id as the source system knows it

null

Response

The endpoint returns a JSON payload containing an object of v1 Tranche AccessControl attributes.

Shared data requests will evaluate to private data equivilent when token’s Firm-type is not set to ‘issuer’.

Get Multiple v1 Tranche AccessControls by Tranche IDs

Use this enpoint to retrieve v1 Tranche AccessControls for more than one Tranche Id. Note: this endpoint uses a POST method with list of Tranche Ids in the body.

Authorization

  • Requires the accesscontrol-read scope to be present in the requests access token.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

trancheIds

UUID

Body

The unique ids of the Tranches to retrieve

null

Response

The endpoint returns a JSON response containing an array of v1 Tranche AccessControls Object.

Create v1 Tranche AccessControls by Tranche ID

Use this endpoint to create a new set of v1 Tranche AccessControls while assigning them to a given CAS TrancheId CAS TrancheIds can be found using the CAS Deal API.

If the optional deals-read scope is present. This API will attempt to resolve Source system metadata.

Authorization

  • Requires the accesscontrol-read scope to be present in the requests access token.

  • Requires the accesscontrol-write scope to be present in the requests access token.

  • Optional deals-read scope to be present in the requests access token. (Used to populate Source System metadata if exists)

Parameters

Name

Type

Format

Description

Default

trancheId

UUID

URL path

The unique id of the TrancheId.

This endpoint also accepts a FiSaveAccessControlsRequest object as its body. An example JSON payload can be found in the `Swagger`_ reference.

Response

The endpoint returns a JSON payload containing the newly created FiAccessControlsDto Object.

Create v1 Tranche AccessControls by Source ID

Use this endpoint to create a new set of v1 Tranche AccessControls while assinging them to an already created CAS Tranche via the source systems Id. Given a SourceId the API will attempt to resolve it to an already existing CAS TrancheId associated to the given source id.

If the SourceId cannot be resolved an error will generate and no AccessControls will be created.

Authorization

  • Requires the accesscontrol-read scope to be present in the requests access token.

  • Requires the accesscontrol-write scope to be present in the requests access token.

  • Requires the deals-read scope to be present in the requests access token.

  • Requires client flow token.

Parameters

Name

Type

Format

Description

Default

sourceId

UUID

URL path

The unique id of the Tranche as defined by the source system.

Response

The endpoint returns a JSON payload containing the newly created FiAccessControlsDto Object.

Update v1 Tranche AccessControls by Tranche ID

Use this endpoint to update the entire set of v1 Tranche AccessControls for a given TrancheId. If the AccessControls do not exist the API will attempt to create them.

Authorization

  • Requires the accesscontrol-read scope to be present in the requests access token.

  • Requires the accesscontrol-write scope to be present in the requests access token.

Parameters

Name

Type

Format

Description

Default

trancheId

UUID

Querystring

The unique Tranche id associated to the AccessControls for update.

Response Upon update: Only a 200 status code is return. No Body.

Upon create: A 201 response is returned with a JSON payload containing the newly created FiAccessControlsDto Object.

Update v1 Tranche AccessControls by Source ID

Use this endpoint to update the entire set of v1 Tranche AccessControls for a given Tranche using its system Source Id. If the AccessControls do not exist the API will attempt to create them. The API will resolve the SourceId to a CAS TrancheId.

Authorization

  • Requires the accesscontrol-read scope to be present in the requests access token.

  • Requires the accesscontrol-write scope to be present in the requests access token.

  • Requires the deals-read scope to be present in the requests access token.

  • Requires client flow token.

Parameters

Name

Type

Format

Description

Default

sourceId

UUID

Querystring

The unique Source id associated to the AccessControls for update.

Response Upon update: Only a 200 status code is return. No Body.

Upon create: A 201 response is returned with a JSON payload containing the newly created FiAccessControlsDto Object.

v2/Tranches

Get v2 User Tranche AccessControls by Tranche ID

Use this endpoint to retrieve all the v2 User Tranche AccessControls associated to a given Tranche ID.

Shared data elements supported.

Authorization

  • Requires the accesscontrol-read scope to be present in the requests access token.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

trancheId

UUID

Querystring

Tranche Id from an already existing Deal

null

Response

The endpoint returns a JSON payload containing an object of v2 User Tranche AccessControl attributes.

Shared data requests will evaluate to private data equivilent when token’s Firm-type is not set to ‘issuer’.

Get v2 Full Tranche AccessControls by Tranche ID

Use this endpoint to retrieve all the v2 Full Tranche AccessControls associated to a given Tranche ID.

Shared data elements supported.

Authorization

  • Requires the accesscontrol-admin scope to be present in the requests access token.

  • Requires user to be a System User, that means user should not have sub claim in the token.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

trancheId

UUID

Querystring

Tranche Id from an already existing Deal

null

Response

The endpoint returns a JSON payload containing an object of v2 Full Tranche AccessControl attributes.

Get v2 User Tranche AccessControls by Source ID

Use this endpoint to retrieve all the v2 User Tranche AccessControls associated to a given Tranche using its Source ID.

Shared data elements supported.

Authorization

  • Requires the accesscontrol-read scope to be present in the requests access token.

  • Requires client flow token.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

sourceId

string

Querystring

Tranche Id as the source system knows it

null

Response

The endpoint returns a JSON payload containing an object of v2 User Tranche AccessControl attributes.

Shared data requests will evaluate to private data equivilent when token’s Firm-type is not set to ‘issuer’.

Get v2 Full Tranche AccessControls by Source ID

Use this endpoint to retrieve all the v2 Full Tranche AccessControls associated to a given Tranche using its Source ID.

Shared data elements supported.

Authorization

  • Requires the accesscontrol-admin scope to be present in the requests access token.

  • Requires user to be a System User, that means user should not have sub claim in the token.

  • Requires client flow token.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

sourceId

string

Querystring

Tranche Id as the source system knows it

null

Response

The endpoint returns a JSON payload containing an object of v2 Full Tranche AccessControl attributes.

Get Multiple v2 User Tranche AccessControls by Tranche IDs

Use this endpoint to retrieve v2 User Tranche AccessControls for more than one Tranche Id. Note: this endpoint uses a POST method with list of Tranche Ids in the body.

Authorization

  • Requires the accesscontrol-read scope to be present in the requests access token.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

trancheIds

UUID

Body

The unique ids of the Tranches to retrieve

null

Response

The endpoint returns a JSON response containing an array of v2 User Tranche AccessControls Object.

Get Multiple v2 Full Tranche AccessControls by Tranche IDs

Use this endpoint to retrieve v2 Full Tranche AccessControls for more than one Tranche Id. Note: this endpoint uses a POST method with list of Tranche Ids in the body.

Authorization

  • Requires the accesscontrol-admin scope to be present in the requests access token.

  • Requires user to be a System User, that means user should not have sub claim in the token.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

trancheIds

UUID

Body

The unique ids of the Tranches to retrieve

null

Response

The endpoint returns a JSON response containing an array of v2 Full Tranche AccessControls Object.

Create v2 Tranche AccessControls by Tranche ID

Use this endpoint to create a new set of v2 Tranche AccessControls while assigning them to a given CAS TrancheId CAS TrancheIds can be found using the CAS Deal API.

If the optional deals-read scope is present and token is client flow this API will attempt to resolve Source system metadata.

Authorization

  • Requires the accesscontrol-admin scope to be present in the requests access token.

  • Optional deals-read scope to be present in the requests access token. (Used to populate Source System metadata if exists)

Parameters

Name

Type

Format

Description

Default

trancheId

UUID

URL path

The unique id of the TrancheId.

This endpoint also accepts a TrancheAccessControlsSaveRequest object as its body. An example JSON payload can be found in the `Swagger`_ reference.

Response

The endpoint returns 201 Created status code with url method that returns the newly created v2 Full Tranche AccessControls Object.

Create v2 Tranche AccessControls by Source ID

Use this endpoint to create a new set of v2 Tranche AccessControls while assinging them to an already created CAS Tranche via the source systems Id. Given a SourceId the API will attempt to resolve it to an already existing CAS TrancheId associated to the given source id.

If the SourceId cannot be resolved an error will generate and no AccessControls will be created.

Authorization

  • Requires the accesscontrol-admin scope to be present in the requests access token.

  • Requires the deals-read scope to be present in the requests access token.

  • Requires client flow token.

Parameters

Name

Type

Format

Description

Default

sourceId

UUID

URL path

The unique id of the Tranche as defined by the source system.

Response

The endpoint returns 201 Created status code with url method that returns the newly created v2 Full Tranche AccessControls Object.

Update v2 Tranche AccessControls by Tranche ID

Use this endpoint to update the entire set of v2 Tranche AccessControls for a given TrancheId. If the AccessControls do not exist the API will attempt to create them.

If the optional deals-read scope is present and token is client flow this API will attempt to resolve Source system metadata.

Authorization

  • Requires the accesscontrol-admin scope to be present in the requests access token.

  • Requires the deals-read scope to be present in the requests access token.

Parameters

Name

Type

Format

Description

Default

trancheId

UUID

Querystring

The unique Tranche id associated to the AccessControls for update.

Response Upon update: Only a 200 status code is return. No Body.

Upon create: A 201 Created status code with url method that returns the newly created v2 Full Tranche AccessControls Object.

Update v2 Tranche AccessControls by Source ID

Use this endpoint to update the entire set of v2 Tranche AccessControls for a given Tranche using its system Source Id. If the AccessControls do not exist the API will attempt to create them. The API will resolve the SourceId to a CAS TrancheId. If the SourceId cannot be resolved an error will generate and no AccessControls will be created.

Authorization

  • Requires the accesscontrol-admin scope to be present in the requests access token.

  • Requires the deals-read scope to be present in the requests access token.

  • Requires client flow token.

Parameters

Name

Type

Format

Description

Default

sourceId

UUID

Querystring

The unique Source id associated to the AccessControls for update.

Response Upon update: Only a 200 status code is return. No Body.

Upon create: A 201 Created status code with url method that returns the newly created v2 Full Tranche AccessControls Object.

Patch v2 Tranche AccessControls by Tranche ID

Use this endpoint to update specified parts of the entire set of v2 Tranche AccessControls for a given TrancheId. If the AccessControls do not exist an error will be generated.

If the optional deals-read scope is present and token is client flow this API will attempt to resolve Source system metadata.

Authorization

  • Requires the accesscontrol-admin scope to be present in the requests access token.

  • Requires the deals-read scope to be present in the requests access token.

Parameters

Name

Type

Format

Description

Default

trancheId

UUID

Querystring

The unique Tranche id associated to the AccessControls for update.

patchRequestDto

JsonPatchDocument

Body

JsonPatchDocument that contains changes to the AccessControls

Response A 200 OK status code with updated v2 Full Tranche AccessControls Object.

Patch v2 Tranche AccessControls by Source ID

Use this endpoint to update specified parts of the entire set of v2 Tranche AccessControls for a given Tranche using its system Source Id. The API will resolve the SourceId to a CAS TrancheId. If the SourceId cannot be resolved an error will generate and no AccessControls will be created. If the AccessControls do not exist an error will be generated.

If the optional deals-read scope is present and token is client flow this API will attempt to resolve Source system metadata.

Authorization

  • Requires the accesscontrol-admin scope to be present in the requests access token.

  • Requires the deals-read scope to be present in the requests access token.

Parameters

Name

Type

Format

Description

Default

sourceId

UUID

Querystring

The unique Source id associated to the AccessControls for update.

patchRequestDto

JsonPatchDocument

Body

JsonPatchDocument that contains changes to the AccessControls

Response A 200 OK status code with updated v2 Full Tranche AccessControls Object.

v2/Deals

Get v2 User Deal AccessControls by Deal ID

Use this endpoint to retrieve all the v2 User Deal AccessControls associated to a given Deal ID.

Authorization

  • Requires the accesscontrol-read scope to be present in the requests access token.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

dealId

UUID

Querystring

Deal Id of an already existing Deal

null

Response

The endpoint returns 200 OK status code with a JSON payload containing an object of v2 User Full AccessControl attributes.

Get v2 Full Deal AccessControls by Deal ID

Use this endpoint to retrieve all the v2 Full Deal AccessControls associated to a given Deal ID.

Authorization

  • Requires the accesscontrol-admin scope to be present in the requests access token.

  • Requires user to be a System User, that means user should not have sub claim in the token.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

dealId

UUID

Querystring

Deal Id of an already existing Deal

null

Response

The endpoint returns 200 OK status code with a JSON payload containing an object of v2 Full Deal AccessControl attributes.

Get v2 User Deal AccessControls by Source ID

Use this endpoint to retrieve all the v2 User Deal AccessControls associated to a given Deal using its Source ID.

Authorization

  • Requires the accesscontrol-read scope to be present in the requests access token.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

sourceId

string

Querystring

Deal Id as the source system knows it

null

Response

The endpoint returns 200 OK status code with a JSON payload containing an object of v2 User Deal AccessControl attributes.

Get v2 Full Deal AccessControls by Source ID

Use this endpoint to retrieve all the v2 Full Deal AccessControls associated to a given Deal using its Source ID.

Authorization

  • Requires the accesscontrol-admin scope to be present in the requests access token.

  • Requires user to be a System User, that means user should not have sub claim in the token.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

sourceId

string

Querystring

Deal Id as the source system knows it

null

Response

The endpoint returns 200 OK status code with a JSON payload containing an object of v2 User Deal AccessControl attributes.

Get Multiple v2 User Deal AccessControls by Deal IDs

Use this endpoint to retrieve v2 User Deal AccessControls for more than one Deal Id. Note: this endpoint uses a POST method with list of Deal Ids in the body.

Authorization

  • Requires the accesscontrol-read scope to be present in the requests access token.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

dealIds

UUID

Body

The unique ids of the Deals to retrieve

null

Response

The endpoint returns 200 OK status code with a JSON response containing an array of v2 User Deal AccessControls Object.

Get Multiple v2 Full Deal AccessControls by Deal IDs

Use this endpoint to retrieve v2 Full Deal AccessControls for more than one Deal Id. Note: this endpoint uses a POST method with list of Deal Ids in the body.

Authorization

  • Requires the accesscontrol-admin scope to be present in the requests access token.

  • Requires user to be a System User, that means user should not have sub claim in the token.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

dealIds

UUID

Body

The unique ids of the Deals to retrieve

null

Response

The endpoint returns 200 OK status code with a JSON response containing an array of v2 Full Deal AccessControls Object.

Create v2 Deal AccessControls by Deal ID

Use this endpoint to create a new set of v2 Deal AccessControls while assigning them to a given CAS DealId CAS DealIds can be found using the CAS Deal API.

If the optional deals-read scope is present and token is client flow this API will attempt to resolve Source system metadata.

Authorization

  • Requires the accesscontrol-admin scope to be present in the requests access token.

  • Optional deals-read scope to be present in the requests access token. (Used to populate Source System metadata if exists)

Parameters

Name

Type

Format

Description

Default

dealId

UUID

URL path

The unique id of the DealId.

request

DealAccessControlsSaveRequest

Body

The request model for Deal AccessControls creation.

This endpoint also accepts a TrancheAccessControlsSaveRequest object as its body. An example JSON payload can be found in the `Swagger`_ reference.

Response

The endpoint returns 201 Created status code with url method that returns the newly created v2 Full Tranche AccessControls Object.

Create v2 Deal AccessControls by Source ID

Use this endpoint to create a new set of v2 Deal AccessControls while assinging them to an already created CAS Deal via the source systems Id. Given a SourceId the API will attempt to resolve it to an already existing CAS DealId associated to the given source id.

If the SourceId cannot be resolved an error will generate and no AccessControls will be created.

Authorization

  • Requires the accesscontrol-admin scope to be present in the requests access token.

  • Requires the deals-read scope to be present in the requests access token.

  • Requires client flow token.

Parameters

Name

Type

Format

Description

Default

sourceId

UUID

URL path

The unique id of the Tranche as defined by the source system.

request

DealAccessControlsSaveRequest

Body

The request model for Deal AccessControls creation.

Response

The endpoint returns 201 Created status code with url method that returns the newly created v2 Full Deal AccessControls Object.

Update v2 Deal AccessControls by Deal ID

Use this endpoint to update the entire set of v2 Deal AccessControls for a given DealId. If the AccessControls do not exist the API will attempt to create them.

If the optional deals-read scope is present and token is client flow this API will attempt to resolve Source system metadata.

Authorization

  • Requires the accesscontrol-admin scope to be present in the requests access token.

  • Requires the deals-read scope to be present in the requests access token.

Parameters

Name

Type

Format

Description

Default

dealId

UUID

URL path

The unique id of the DealId.

request

DealAccessControlsSaveRequest

Body

The request model for Deal AccessControls creation.

Response Upon update: Only a 200 status code is return. No Body.

Upon create: A 201 Created status code with url method that returns the newly created v2 Full Deal AccessControls Object.

Update v2 Deal AccessControls by Source ID

Use this endpoint to update the entire set of v2 Deal AccessControls for a given Deal using its system Source Id. If the AccessControls do not exist the API will attempt to create them. The API will resolve the SourceId to a CAS DealId. If the SourceId cannot be resolved an error will generate and no AccessControls will be created.

Authorization

  • Requires the accesscontrol-admin scope to be present in the requests access token.

  • Requires the deals-read scope to be present in the requests access token.

  • Requires client flow token.

Parameters

Name

Type

Format

Description

Default

sourceId

UUID

URL path

The unique id of the Tranche as defined by the source system.

request

DealAccessControlsSaveRequest

Body

The request model for Deal AccessControls creation.

Response Upon update: Only a 200 status code is return. No Body.

Upon create: A 201 Created status code with url method that returns the newly created v2 Full Deal AccessControls Object.

Patch v2 Deal AccessControls by Deal ID

Use this endpoint to update specified parts of the entire set of v2 Deal AccessControls for a given DealId. If the AccessControls do not exist an error will be generated.

If the optional deals-read scope is present and token is client flow this API will attempt to resolve Source system metadata.

Authorization

  • Requires the accesscontrol-admin scope to be present in the requests access token.

  • Requires the deals-read scope to be present in the requests access token.

Parameters

Name

Type

Format

Description

Default

dealId

UUID

Querystring

The unique deal id associated to the AccessControls for update.

patchRequestDto

JsonPatchDocument

Body

JsonPatchDocument that contains changes to the AccessControls

Response A 200 OK status code with updated v2 Full Deal AccessControls Object.

Patch v2 Deal AccessControls by Source ID

Use this endpoint to update specified parts of the entire set of v2 Deal AccessControls for a given Deal using its system Source Id. The API will resolve the SourceId to a CAS DealId. If the SourceId cannot be resolved an error will generate and no AccessControls will be created. If the AccessControls do not exist an error will be generated.

If the optional deals-read scope is present and token is client flow this API will attempt to resolve Source system metadata.

Authorization

  • Requires the accesscontrol-admin scope to be present in the requests access token.

  • Requires the deals-read scope to be present in the requests access token.

Parameters

Name

Type

Format

Description

Default

sourceId

UUID

Querystring

The unique Source id associated to the AccessControls for update.

patchRequestDto

JsonPatchDocument

Body

JsonPatchDocument that contains changes to the AccessControls

Response A 200 OK status code with updated v2 Full Deal AccessControls Object.

v1/Tranches/firm-grants

Get v1 Evaluated Firm Grants for given TrancheId/FirmId key, reduced by request token FirmId

Use this endpoint to retrieve an evaluated, reduced grants list for a given trancheId. There is an optional parameter (includeSupportingData), that when set to TRUE will enrich the response with the raw grants. The service uses the FirmId provided in the request token to reduce the response to only entitled grants.

Note: A predefined ‘shared data’ firmId will be substituted for firmId when ‘x-access-type = shared’ header is present in request. (This header requires appropriate user permission grant)

Authorization

  • Requires the accesscontrol-read scope to be present in the requests access token.

  • Requires appropriate user permission grant when used in conjunction with ‘x-access-type’ header.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

trancheId

string

Querystring

CAS Tranche Id

null

includeSupportingData

boolean

Querystring

Boolean flag indicating request for additional data in response

false

Response

The endpoint returns a JSON payload containing an object of type TrancheUserAccessControlGrants.

Search for v1 Evaluated Firm Grants for given TrancheId/FirmId key(s), reduced by request token FirmId

Use this endpoint to search for evaluated, reduced grants list for given tranche Ids. Note: this endpoint uses a POST method with a Search Criteria of the Tranche Ids to search on. The service uses the FirmId provided in the request token.

Note: A predefined ‘shared data’ firmId will be substituted for firmId when ‘x-access-type = shared’ header is present in request. (This header requires appropriate user permission grant)

Authorization

  • Requires the accesscontrol-read scope to be present in the requests access token.

  • Requires appropriate user permission grant when used in conjunction with ‘x-access-type’ header.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

trancheIds

FirmGrantSearchParameter

Body

The unique CAS Tranche Ids to search on

null

includeSupportingData

boolean

Querystring

Boolean flag indicating request for additional data in response

false

Here is an example payload:

{
    "criteria": [
        {
            "field": "trancheId",
            "operator": "in",
            "value": ["39e97570-b271-6016-da92-55e91d8be346", "39e97570-b271-25f0-00e0-7900bf526629"]
        }
    ]
}

Response

The endpoint returns a JSON payload containing an array/list of objects of type TrancheUserAccessControlGrants.

Get All v1 Firm Grants for given TrancheId/FirmId key

Use this endpoint to retrieve ALL the grants assigned to a given trancheId/firmId. The service uses the FirmId provided in the request token.

Note: A predefined ‘shared data’ firmId will be substituted for firmId when ‘x-access-type = shared’ header is present in request. (This header requires appropriate user permission grant)

Authorization

  • Requires the accesscontrol-admin-read scope to be present in the requests access token.

  • Requires appropriate user permission grant when used in conjunction with ‘x-access-type’ header.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

trancheId

string

Querystring

CAS Tranche Id

null

Response

The endpoint returns a JSON payload containing an object of type TrancheFullAccessControlGrant.

Create v1 Firm Grants for a given TrancheId/FirmId

Use this endpoint to create new grants assigned to a given trancheId/firmId. The service uses the FirmId provided in the request token as the firmId and the byFirmId values.

This endpoint will execute as a single transaction. If multiple grants are provided in a single request and one fails, all grants will be rolledback.

Note: A predefined ‘shared data’ firmId will be substituted for firmId when ‘x-access-type = shared’ header is present in request. (This header requires appropriate user permission grant)

Authorization

  • Requires the accesscontrol-admin-read scope to be present in the requests access token.

  • Requires the accesscontrol-admin-write scope to be present in the requests access token.

  • Implicit flow requires additional user permission grants.

  • Requires appropriate user permission grant when used in conjunction with ‘x-access-type’ header.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

trancheId

string

Querystring

CAS Tranche Id

null

Requst

The endpoint accepts a JSON body containing an object of type AccessControlGrantSaveRequestDto.

Response

The endpoint returns a JSON payload containing an object of type TrancheFullAccessControlGrant.

Update v1 Firm Grants for a given TrancheId/FirmId

Use this endpoint to replace the current grants of an existing trancheId/firmId record. The service uses the FirmId provided in the request token as the firmId and the byFirmId values. The service will perform a delta between the existing grants and the ones provided in body. It will remove those not present in body request and create ones that do not already exist.

This endpoint will execute as a single transaction. If multiple grants are provided in a single request and one fails, all grants will be rolledback.

Note: A predefined ‘shared data’ firmId will be substituted for firmId when ‘x-access-type = shared’ header is present in request. (This header requires appropriate user permission grant)

Authorization

  • Requires the accesscontrol-admin-read scope to be present in the requests access token.

  • Requires the accesscontrol-admin-write scope to be present in the requests access token.

  • Implicit flow requires additional user permission grants.

  • Requires appropriate user permission grant when used in conjunction with ‘x-access-type’ header.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

trancheId

string

Querystring

CAS Tranche Id

null

Requst

The endpoint accepts a JSON body containing an object of type AccessControlGrantSaveRequestDto or an empty array ‘[]’.

Submitting an empty array ‘[]’ is used when you want to remove all grants for a given FromFirmId, leaving all other grants unaffected.

Response

The endpoint returns a JSON payload containing an object of type TrancheFullAccessControlGrant.

Delete All v1 Firm Grants for a given TrancheId/FirmId

Use this endpoint to remove ALL grants of an existing trancheId/firmId record. The service uses the FirmId provided in the request token as the firmId value.

Removing/Deleting selected grants from an existing trancheId/firmId see Update v1 Firm Grants for a given TrancheId/FirmId.

Note: A predefined ‘shared data’ firmId will be substituted for firmId when ‘x-access-type = shared’ header is present in request. (This header requires appropriate user permission grant)

Authorization

  • Requires the accesscontrol-admin-read scope to be present in the requests access token.

  • Requires the accesscontrol-admin-write scope to be present in the requests access token.

  • Implicit flow requires additional user permission grants.

  • Requires appropriate user permission grant when used in conjunction with ‘x-access-type’ header.

Parameters

The parameters that this endpoint accepts are shown in the table below, with a description and default values identified.

Name

Type

Format

Description

Default

trancheId

string

Querystring

CAS Tranche Id

null

Shared Data

Shared data elements

Request data from a ‘shared’ resource requires the following:
  • Use the IDs of the shared resource

  • Send header ‘x-access-type = shared’

  • Have the required permissions to use ‘x-access-type’ header

Note: Using ‘x-access-type = shared’ will internally substitue token provided firmId to conform with shared data.

Request Example

curl --location --request GET 'https://api.uat.us-cas.ipreo.com/book-building/accesscontrols/v1/fixedincome/tranche/39f8831b-6651-4afa-a4d4-bc7de31194e6/accesscontrols' \ --header 'x-access-type: shared' \ (additional data removed for brevity)

Schema

The Access Controls object structures are shown below, and underneath each JSON example, every element is described in detail.

v1 Tranches AccessControls Schema

v1 Tranches AccessControls Example JSON

{
    "trancheId": "string",
    "sourceMetadata": {
        "sourceId": "string",
        "sourceAppKey": "string",
        "firmId": "string",
        "sourceCreatedBy": "string",
        "sourceLastModifiedBy": "string"
    },
    "manageBySalesRegion": true,
    "requiresInvestorCodes": true,
    "forceContactCapture": true,
    "defaultIndicationIntentType": "Soft",
    "availableLimitTypes": [
        {
        "isDefault": true,
        "limitType": "Blank",
        "spreadType": "DefaultBenchmarkBond"
        }
    ],
    "availableBasisTypes": [
        {
        "hedgeBasisType": "Blank",
        "securities": [
            {
            "name": "string"
            }
        ],
        "isDefault": true
        }
    ],
    "forceHedgeSettlementTypeCapture": true,
    "bookOpen": true,
    "allocationsReleased": true,
    "trancheVisible": true,
    "hedgeBookOpen": true,
    "allocationsVisible": true,
    "allocationsVisibleToInvestor": true,
    "lastModifiedDateTime": "2019-12-16T18:51:53.992Z",
    "createdBy": "string",
    "createdTimeStamp": "2019-12-16T18:51:53.992Z",
    "lastModifiedBy": "string",
    "deliveryTypeRequired": true,
    "isHedgeBookConfidential": true,
    "isSalesCreditsVisible": true,
    "isAttestationEnabled": true,
    "isAttestationRequired": true,
    "isLeiEnabled": true
}
trancheId

Represents the CAS unique identifier for a Tranche.

sourceMetadata

Represents reference data about the source system.

sourceId

Represents the unique id used by the source system to reference this tranche.

sourceAppKey

Represents the unique CAS key to identify the source system.

firmId

Represents the unique CAS value to identity the owning firm.

sourceCreatedBy

Represents the value the source system understands to be the creator of the record.

sourceLastModifiedBy

Represents the value the source system understands to be the entity to make modifications to the record.

manageBySalesRegion

A true/false flag indicating whether or not the book status is affected by the region associated to the sales user

requiresInvestorCodes

A true/false flag indicating whether or not an order is only allowed to be placed with an investor that has an associated code

forceContactCapture

A true/false flag indicating whether or not the Investor Contact selection is required for order entry

defaultIndicationIntentType

A default value for the indication Intent Type: [Firm | Soft].

forceHedgeSettlementTypeCapture

A true/false flag indicating whether or not Settlement Type is required when entering a hedge

bookOpen

A true/false flag indicating whether or not the book of the associated tranche is open; if false, then the book is closed

allocationsReleased

A true/false flag indicating whether or not allocations are released on this tranche

trancheVisible

A true/false flag indicating whether or not the tranche is visible to the user

hedgeBookOpen

A true/false flag indicating whether or not the hedge book of this tranche is open; if false, then the hedge book is closed

allocationsVisible

A true/false flag indicating whether or not allocations are visible to the Sales User

allocationsVisibleToInvestor

A true/false flag indicating whether or not allocations are visible to investors

deliveryTypeRequired

A true/false flag indicating whether or not Delivery Type is required on order entry

isHedgeBookConfidential

A true/false flag indicating whether or not Hedge Manager Hedge entries will be visible to the user

isSalesCreditsVisible

A true/false flag indicating whether or not Sales Credits are visible to the user

isAttestationEnabled

A true/false flag indicating whether or not Attestation is enabled on this tranche

isAttestationRequired

A true/false flag indicating whether or not Attestation is required for order entry; only allowed if Attestation is enabled

isLeiEnabled

A true/false flag indicating whether or not Legal Entity Identifier (LEI) is available for selection

availableLimitTypes

A collection of Limit Types that are available for the user to select during order entry

limitType

Valid values: [Blank, Spread, Yield, Price, Reoffer, Others]

spreadType

Valid values: [DefaultBenchmarkBond, DefaultPricingReference, FloatingRateIndex, MidSwaps, AssetSwaps]

isDefault

A true/false flag marking a given Limit Type as the default. (only one can be true).

availableBasisTypes

A collection of Hedge Basis Types that are available for the user to select during order entry

hedgeBasisType

Valid values: [Blank, Cash, Switch, Hedge, AssetSwap, Undecided]

securities

A collection of security names.

isDefault

A true/false flag marking a given Basis Type as the default. (only one can be true).

createdBy

User ID who created the contact.

createdTimeStamp

Date-Time of when the contact was last last modified.

lastModifiedBy

User ID who last modified the contact.

lastModifiedDateTime

Last modified date-time of the contact.

v2 Tranches AccessControls Schema

The difference between User and Full Tranche Access Controls schemas is View: In Full Tranche Access Controls View contains CommonRuleDto collection. In User Tranche Access Controls View contains boolean collection.

CommonRuleDto Example JSON

{
  "roles": "string[]",
  "userIds": "string[]",
  "action": "Default"
}
roles

Represents the list of roles to which this rule will be applied

userIds

Represents the list of roles to which this rule will be applied

action

Default/Cancel. If Default, then rule will be applied to specifed users and roles. If Cancel, then rule will be applied to all, except specified users and roles.

CommonRegionRuleDto Example JSON

{
  "roles": [
       "string"
        ],
  "userIds": [
       "string"
        ],
  "regionIds (For Future Use)": [
      "string"
      ],
  "action": "Default"
}
roles

Represents the list of roles to which this rule will be applied

userIds

Represents the list of roles to which this rule will be applied

regionIds

Represents the list of regions to which this rule will be applied

action

Default/Cancel. If Default, then rule will be applied to specifed users and roles. If Cancel, then rule will be applied to all, except specified users and roles.

v2 Tranches AccessControls Example JSON

{
  "trancheId": "string",
  "sourceMetadata": {
      "sourceId": "string",
      "sourceAppKey": "string",
      "firmId": "string",
      "sourceCreatedBy": "string",
      "sourceLastModifiedBy": "string"
  },
  "view": "CommonRuleDto[]",
  "add": "CommonRuleDto[]",
  "update": "CommonRuleDto[]",
  "delete": "CommonRuleDto[]",
  "indication": {
    "book": {
      "manageBySalesRegion": true
    },
    "investor": {
      "code": {
        "require": "CommonRuleDto[]"
      },
      "contact": {
        "require": "CommonRuleDto[]",
        "roles": {
          "orderPlacer": {
            "view": "CommonRuleDto[]",
            "require": "CommonRuleDto[]",
            "allowOneOff": "CommonRuleDto[]",
            "allowExisting": "CommonRuleDto[]"
          }
        }
      }
    },
    "lei": {
      "enable": "CommonRuleDto[]"
    },
    "defaultCommitment": "Soft",
    "availableLimitTypes": [
      {
        "roles": "string[]",
        "userIds": "string[]",
        "action": "Cancel",
        "limit": {
          "isDefault": true,
          "limitType": "Price",
          "spreadType": "DefaultPricingReference"
        }
      }
    ],
    "availableOrderTypes": [
      {
        "roles": "string[]",
        "userIds": "string[]",
        "action": "Cancel",
        "orderType": {
          "type": "Product"
        }
      }
    ],
    "limitConstraints": [
      {
        "roles": "string[]",
        "userIds": "string[]",
        "action": "Cancel",
        "constraint": {
          "limitType": "Yield",
          "min": 0,
          "max": 0
        }
      }
    ],
    "demandConstraints": [
      {
        "roles": "string[]",
        "userIds": "string[]",
        "action": "Cancel",
        "constraint": {
          "demandType": "Percent",
          "min": 0,
          "max": 0
        }
      }
    ],
    "view": "CommonRuleDto[]",
    "add": "CommonRuleDto[]",
    "update": "CommonRuleDto[]",
    "delete": "CommonRuleDto[]",
    "cancel": "CommonRuleDto[]",
    "reinstate": "CommonRuleDto[]",
    "allowMultipleIndicationsPerInvestor": "CommonRuleDto[]",
    "attestation": {
      "enable": "CommonRuleDto[]",
      "require": "CommonRuleDto[]"
    },
    "approval": {
      "require": "CommonRuleDto[]"
    },
    "deliveryType": {
      "enable": "CommonRuleDto[]",
      "require": "CommonRuleDto[]"
    },
    "limit": {
      "update": "CommonRuleDto[]"
    },
    "demand": {
      "update": "CommonRuleDto[]",
      "denyIncreases": "CommonRuleDto[]",
      "denyDecreases": "CommonRuleDto[]"
    }
  },
  "hedge": {
    "availableBasisTypes": {
      "hedgeBasisType": "AssetSwap",
      "securities": [
        {
          "name": "string"
        }
      ],
      "isDefault": true
    },
    "settlement": {
      "requireType": "CommonRuleDto[]"
    },
    "view": "CommonRuleDto[]",
    "add": "CommonRuleDto[]",
    "update": "CommonRuleDto[]",
    "delete": "CommonRuleDto[]"
  },
  "allocation": {
    "affirmation": {
      "enable": "CommonRuleDto[]"
    },
    "view": "CommonRegionRuleDto[]",
    "add": "CommonRuleDto[]",
    "update": "CommonRuleDto[]",
    "delete": "CommonRuleDto[]",
    "classifications": {
      "Retail": {
       "view": "CommonRegionRuleDto[]"
    },
    "released": true
  },
  "privateComments": {
    "add": "CommonRuleDto[]",
    "update": "CommonRuleDto[]"
  },
  "prospectus": {
    "enable": "CommonRuleDto[]",
    "requireDocument": "CommonRuleDto[]"
  },
  "jointBook": {
    "hedge": {
      "view": "CommonRuleDto[]"
    }
  },
  "salesCredit": {
    "view": "CommonRuleDto[]"
  },
  "rowVersion": 0,
  "lastModifiedTimestamp": "2019-12-16T18:51:53.992Z",
  "lastModifiedByUserId": "string",
  "createdTimestamp": "2019-12-16T18:51:53.992Z",
  "createdByUserId": "string"
}
trancheId

Represents the CAS unique identifier for a Tranche.

sourceMetadata

Represents reference data about the source system.

sourceId

Represents the unique id used by the source system to reference this tranche.

sourceAppKey

Represents the unique CAS key to identify the source system.

firmId

Represents the unique CAS value to identity the owning firm.

sourceCreatedBy

Represents the value the source system understands to be the creator of the record.

sourceLastModifiedBy

Represents the value the source system understands to be the entity to make modifications to the record.

view

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not the tranche is visible

add

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user is able to add tranche details

update

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user is able to update tranche details

delete

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user is able to delete tranche details

indication

Represents the data about indication availability

book/manageBySalesRegion

A true/false flag indicating whether or not the book status is affected by the region associated to the sales user

investor

Represents the data about investor

code

Represents the data about investor code

require

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not investor code is required

contact

Represents the data about investor contacts

require

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not investor role is required

roles

A Dictionary that represents data about investor role for each role

value/view

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not investor role available for user

value/require

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not investor role required for user

value/allowOneOff

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not one-off investor contacts allowed for user

value/allowExisting

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user allowed to chose existing investor contacts

lei

Represents the data about LEI investors

enable

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not lei investors available for the user

defaultCommitment

Represents the default indication commitment type. Possible values: [Firm | Soft]

availableLimitTypes

A collection of Limit Types that are available for the user to select during order entry

roles

Represents the list of roles to which this rule will be applied

userIds

Represents the list of roles to which this rule will be applied

action

Default/Cancel. If Default, then rule will be applied to specifed users and roles. If Cancel, then rule will be applied to all, except specified users and roles.

limit

Represents the data about concrete limit type

limitType

Valid values: [Blank, Spread, Yield, Price, Reoffer, Limit, Discount, Market, Others]

spreadType

Valid values: [DefaultBenchmarkBond, DefaultPricingReference, FloatingRateIndex, MidSwaps, AssetSwaps]

isDefault

A true/false flag marking a given Limit Type as the default. (only one can be true).

availableOrderTypes

A collection of Order Types that are available for the user to select during order entry

roles

Represents the list of roles to which this rule will be applied

userIds

Represents the list of roles to which this rule will be applied

action

Default/Cancel. If Default, then rule will be applied to specifed users and roles. If Cancel, then rule will be applied to all, except specified users and roles.

orderType

Represents the data about concrete order type

type

Valid values: [AbsoluteMinYield, DefaultBenchmarkBond, FloatingRateIndex, MaxPrice, MidSwaps, Reoffer, PricingReference, Product, Cash, PercentOfDeal]

limitConstraints

A collection of Limit Constraints Types that are available for the user

roles

Represents the list of roles to which this rule will be applied

userIds

Represents the list of roles to which this rule will be applied

action

Default/Cancel. If Default, then rule will be applied to specifed users and roles. If Cancel, then rule will be applied to all, except specified users and roles.

constraint

Represents the data that has min and/or max constraint

limitType

Valid values: [Blank, Spread, Yield, Price, Reoffer, Limit, Discount, Market, Others]

min

Decimal value, that represents the minimum constraint

max

Decimal value, that represents the maximum constraint

demandConstraints

A collection of Demand Constraints Types that are available for the user

roles

Represents the list of roles to which this rule will be applied

userIds

Represents the list of roles to which this rule will be applied

action

Default/Cancel. If Default, then rule will be applied to specifed users and roles. If Cancel, then rule will be applied to all, except specified users and roles.

constraint

Represents the data that has min and/or max constraint

demandType

Valid values: [Percent]

min

Decimal value, that represents the minimum constraint

max

Decimal value, that represents the maximum constraint

add

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user is able to add indication

update

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user is able to update indication

delete

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user is able to delete indication

cancel

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user is able to cancel indication

reinstate

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user is able to reinstate a cancelled indication

allowMultipleIndicationsPerInvestor

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating if more than one indication/order can exists against the same investor on a given tranche. Allows for Equity Hard/Soft Pot setting

limit

Represents operations pertaining to the limit portion of an indication

update

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user is able to update limit portion of an indication

demand

Represents opertions pertaining to the demand portion of an indication

update

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user is able to update demand portion of an indication

denyIncreases

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user is denied the ablitiy to increase demand of an indication

denyDecreases

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user is denied the ablitiy to decrease demand of an indication

attestation

Represets the date about attestation availability

enable

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not attestation is enabled for the user

require

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not attestation is required for the user

approval

Represets the date about indication approval

require

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not indication approval is required for the user

deliveryType

Represets the date about dellivery type availability

enable

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not delivery type is enabled for the user

require

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not delivery type is required for the user

hedge

Represents the data about hedges availability

availableBasisTypes

Represents the data about hedge basis types

hedgeBasisType

Valid values: [Blank, Cash, Switch, Hedge, AssetSwap, Undecided]

securities

Represents the list of objects with security names

isDefault

A true/false flag marking a basis type with given security as the default. (only one can be true).

settlement

Represents the data about hedge settlement availability

requireType

A list of CommonRuleDto that represents whether or not settlement type is required for the user

view

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not hedge is visible

add

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user is able to add hedges

update

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user is able to update hedges

delete

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user is able to delete hedges

allocation

Represents the data about allocation availability

affirmation

Represents the data about affirmation availability

enable

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not affirmation column is enabled

view

Array of CommonRegionRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not allocation is visible

add

Array of CommonRuleDto for Full AccessControl (true/false for User AccessControls). Indicating whether or not allocations can be created

update

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user is able to update allocations

delete

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user is able to delete allocations

released

Boolean value indicating if allocations are released

classifications

Represents specific class of allocations

Retail

Classificaiton to differentiate retail only allocations

view

Array of CommonRegionRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not retail allocation is visible

privateComments

Represents the data about private comments availability

add

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user is able to add private comments

update

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user is able to update private comments

prospectus

Represents the data about prospectus documentation availability

enable

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not prospectus is enabled

requireDocument

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not prospectus documents are required

jointBook

Represents the data about joint book availability

hedge

References the data about hedge for joint book

view

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not hedges on joint book is visible

salesCredit

Represents the data about sales credit features availability

view

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not sales credit functionality is visible

rowVersion

(uint) Number that represents version of record

createdTimeStamp

(DateTimeOffset) Date-Time of when the contact was last last modified.

createdByUserId

User ID who created the contact.

lastModifiedTimestamp

(DateTimeOffset) Last modified date-time of the contact.

lastModifiedByUserId

User ID who last modified the contact.

v2 Deals AccessControls Schema

The difference between User and Full Deal Access Controls schemas is View: In Full Deal Access Controls View contains CommonRuleDto collection. In User Deal Access Controls View contains boolean collection.

CommonRuleDto Example JSON

{
  "roles": "string[]",
  "userIds": "string[]",
  "action": "Default"
}
roles

Represents the list of roles to which this rule will be applied

userIds

Represents the list of roles to which this rule will be applied

action

Default/Cancel. If Default, then rule will be applied to specifed users and roles. If Cancel, then rule will be applied to all, except specified users and roles.

v2 Deals AccessControls Example JSON

{
  "dealId": "string",
  "sourceMetadata": {
      "sourceId": "string",
      "sourceAppKey": "string",
      "firmId": "string",
      "sourceCreatedBy": "string",
      "sourceLastModifiedBy": "string"
  },
  "view": "CommonRuleDto[]",
  "indication": {
    "allocationOnSwap": {
      "enable": "CommonRuleDto[]",
      "counterparty": {
        "requireWhenSelected": "CommonRuleDto[]"
      }
    },
    "claimedHolding": {
      "enable": "CommonRuleDto[]",
      "require": "CommonRuleDto[]"
    },
    "attestation": {
      "enable": "CommonRuleDto[]",
      "require": "CommonRuleDto[]"
    },
    "investor": {
      "contact": {
        "require": "CommonRuleDto[]",
        "orderPlacer": {
            "view": "CommonRuleDto[]",
            "require": "CommonRuleDto[]",
            "allowOneOff": "CommonRuleDto[]",
            "allowExisting": "CommonRuleDto[]"
          }
      }
    }
  },
  "prospectus": {
    "enable": "CommonRuleDto[]",
    "requireDocument": "CommonRuleDto[]"
  },
  "rowVersion": 0,
  "lastModifiedTimestamp": "2019-12-16T18:51:53.992Z",
  "lastModifiedByUserId": "string",
  "createdTimestamp": "2019-12-16T18:51:53.992Z",
  "createdByUserId": "string"
}
dealId

Represents the CAS unique identifier for a Deal.

sourceMetadata

Represents reference data about the source system.

sourceId

Represents the unique id used by the source system to reference this deal.

sourceAppKey

Represents the unique CAS key to identify the source system.

firmId

Represents the unique CAS value to identity the owning firm.

sourceCreatedBy

Represents the value the source system understands to be the creator of the record.

sourceLastModifiedBy

Represents the value the source system understands to be the entity to make modifications to the record.

view

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not the deal is visible

indication

Represents the data about indication availability

allocationOnSwap

Represents the data about allocation on swap availability

enable

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not allocation on swap is enabled

counterparty

Represents the data about allocation on swap counterparty

requireWhenSelected

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not conterparty is required if allocation on swap set selected

claimedHolding

Represents the data about claimed holding availability

enable

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not claimed holding is enabled for the user

require

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not claimed holding is required for the user

attestation

Represents the data about attestation availability

enable

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not attestation is enabled for the user

require

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not attestation is required for the user

investor

Represents the data about investor

contact

Represents the data about investor contacts

require

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not investor role is required

roles

A Dictionary that represents data about investor role for each role

value/view

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not investor role available for user

value/require

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not investor role required for user

value/allowOneOff

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not one-off investor contacts allowed for user

value/allowExisting

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not user allowed to chose existing investor contacts

prospectus

Represents the data about prospectus documentation availability

enable

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not prospectus is enabled

requireDocument

Array of CommonRuleDto for Full AccessControls (true/false for User AccessControls). Indicating whether or not prospectus documents are required

rowVersion

(uint) Number that represents version of record

createdTimeStamp

(DateTimeOffset) Date-Time of when the contact was last last modified.

createdByUserId

User ID who created the contact.

lastModifiedTimestamp

(DateTimeOffset) Last modified date-time of the contact.

lastModifiedByUserId

User ID who last modified the contact.

TrancheUserAccessControlGrants

Example JSON

{
    "isIndicationView": true,
    "isIndicationUpdate": false,
    "isAllocationView": false,
    "isTrancheView": false,
    "isAllocationUpdate": false,
    "isHedgesView": false,
    "isHedgesUpdate": false,
    "isTermsView": false,
    "isTermsUpdate": false,
    "supportingData": {
        "trancheId": "7cf17862-c328-4bb7-bac4-a8c1a6af05cc",
                    "firmId": "6789",
        "grants": [
            {
                "byFirmId": "1234",
                "toFirmId": "6789",
                "accessType": "indication.view"
            }
         ]
    }
}
isIndicationView

Boolean value indicating if ‘indication.view’ grant was given by at least one firm to the requesting firm.

isIndicationUpdate

Boolean value indicating if ‘indication.update’ grant was given by at least one firm to the requesting firm.

isAllocationView

Boolean value indicating if ‘allocation.view’ grant was given by at least one firm to the requesting firm.

isTrancheView

Boolean value indicating if ‘tranche.view’ grant was given by at least one firm to the requesting firm.

isAllocationUpdate

Boolean value indicating if ‘allocation.update’ grant was given by at least one firm to the requesting firm.

isHedgesView

Boolean value indicating if ‘hedges.view’ grant was given by at least one firm to the requesting firm.

isHedgesUpdate

Boolean value indicating if ‘hedges.update’ grant was given by at least one firm to the requesting firm.

isTermsView

Boolean value indicating if ‘terms.view’ grant was given by at least one firm to the requesting firm.

isTermsUpdate

Boolean value indicating if ‘terms.update’ grant was given by at least one firm to the requesting firm.

supportingData (Optional)

Returned if the ‘includeSupportingData’ flag was set to ‘true’ in request. Contains the TrancheFullAccessControlGrant data that was used to determine the values of the grants

TrancheFullAccessControlGrant

Example JSON

{
    "trancheId": "7cf17862-c328-4bb7-bac4-a8c1a6af05cc",
            "firmId": "6789",
    "grants": [
        {
            "byFirmId": "1234",
            "toFirmId": "6789",
            "accessType": "indication.view"
        }
    ]
}
trancheId

The CAS TrancheId value that the data belongs to

firmId

The FirmId value that the data belongs to

grants

The unique collection of grants assigned to the trancheId

byFirmId

Represents the firmId that is providing the grant

toFirmId

Represent the firmId that is receiving the grant

accessType

Represent the grant being given.

Acceptable values are:
  • indication.view

  • allocation.view

  • tranche.view

  • hedges.view

  • terms.view

  • indication.update

  • allocation.update

  • hedges.update

  • terms.update

AccessControlGrantSaveRequestDto

Example JSON

[
    {
        "toFirmId": "678",
        "accessType": "indication.view"
    }
]
toFirmId

Represent the firmId that is receiving the grant

accessType

Represent the grant being given.

Acceptable values are:
  • indication.view

  • allocation.view

  • tranche.view

  • hedges.view

  • terms.view

  • indication.update

  • allocation.update

  • hedges.update

  • terms.update