get-private-kyc.rst (9063B)
1 .. http:GET:: [/instances/$INSTANCE]/private/kyc 2 .. http:GET:: /management/instances/$INSTANCE/kyc 3 4 Check KYC status of a particular payment target. 5 Prompts the exchange to inquire with the bank 6 as to the KYC status of the respective account 7 and returns the result. 8 9 **Required permission:** ``instances-kyc-read`` 10 11 **Request:** 12 13 *Accept*: 14 The client may specify the desired MIME-type for the result. 15 Supported are the usual "application/json", but also 16 "text/plain". 17 18 :query h_wire=H_WIRE: *Optional*. If specified, the KYC check should 19 return the KYC status only for this wire account. Otherwise, for all wire accounts. 20 :query exchange_url=URL: *Optional*. If specified, the KYC check should 21 return the KYC status only for the given exchange. Otherwise, for all exchanges we interacted with. 22 :query lpt=TARGET: *Optional*. 23 Specifies what status change we are long-polling for. 24 Use 1 to wait for the KYC auth transfer (access token available), 25 2 to wait for an AML investigation to be done, 26 and 3 to wait for the KYC status to be OK. 27 If multiple accounts or exchanges match the query, 28 any account reaching the TARGET state will cause 29 the response to be returned. 30 @since protocol **v17**. @deprecated with **v25**, use ``lp_*``-query parameters instead. 31 :query lp_status=STATUS: *Optional*. 32 Specifies what status change we are long-polling for. 33 If specified, the endpoint will only return once the status *matches* the given value. 34 If multiple accounts or exchanges match the query, 35 any account reaching the STATUS will cause the response to be returned. 36 @since protocol **v25**. 37 :query lp_not_status=STATUS: *Optional*. 38 Specifies what status change we are long-polling for. 39 If specified, the endpoint will only return once the status no longer matches the given value. 40 If multiple accounts or exchanges *no longer matches* the given STATUS 41 will cause the response to be returned. 42 @since protocol **v25**. 43 :query lp_not_etag=ETAG: *Optional*. 44 Specifies what status change we are long-polling for. 45 If specified, the endpoint will only return once the returned "Etag" 46 would differ from the ETAG specified by the client. The "Etag" 47 is computed over the entire response body, and thus assured to change 48 whenever any data point in the response changes. This is ideal for 49 clients that want to learn about any change in the response. Clients 50 using this query parameter should probably also set a "If-none-match" 51 HTTP header so that if the ``timeout_ms`` expires, they can get back 52 a "304 Not modified" with an empty body if nothing changed. 53 @since protocol **v25**. 54 :query timeout_ms=NUMBER: *Optional.* If specified, the merchant will 55 wait up to ``timeout_ms`` milliseconds for the exchanges to confirm completion of the KYC process(es). 56 57 **Response:** 58 59 If different exchanges cause different errors when processing 60 the request, the largest HTTP status code that is applicable 61 is returned. 62 63 :http:statuscode:`200 Ok`: 64 The user may be redirected to the provided locations to perform 65 KYC checks. 66 The response will be a `MerchantAccountKycRedirectsResponse` object. 67 Uses this status code and format only since protocol **v17**. 68 :http:statuscode:`204 No content`: 69 No possibilities for KYC operations exist. 70 @since protocol **v25** only returned if this instance has no bank 71 accounts or no exchanges are configured for the merchant backend. 72 :http:statuscode:`304 Not modified`: 73 The ``ETag`` in the response did not change compared to the one 74 given in the ``If-none-match`` HTTP header specified by the client. 75 @since protocol **v25**. 76 77 **Details:** 78 79 .. ts:def:: MerchantAccountKycRedirectsResponse 80 81 interface MerchantAccountKycRedirectsResponse { 82 83 // Array of KYC status information for 84 // the exchanges and bank accounts selected 85 // by the query. 86 kyc_data: MerchantAccountKycRedirect[]; 87 88 } 89 90 .. ts:def:: MerchantAccountKycRedirect 91 92 interface MerchantAccountKycRedirect { 93 94 // Summary of the status of the KYC process. Possible values are: 95 // 96 // o "unsupported-account": this exchange does not support the given account (this is unlikely to change automatically, but could be perfectly normal if the account is supported by at least one other exchange). @since protocol **v25**. 97 // o "no-exchange-keys": we do not (yet) have the /keys of the exchange 98 // - "kyc-wire-impossible": KYC auth transfer needed but not possible 99 // (see also: auth_conflict). 100 // @ "kyc-wire-required": KYC auth transfer still needed and possible 101 // @ "kyc-required": merchant must supply KYC data to proceed (incl. 102 // in case of exposed zero-limits on deposit/aggregation) 103 // + "awaiting-aml-review": account under review by payment provider 104 // + "ready": everything is fine, account can be fully used 105 // - "logic-bug": merchant backend logic bug 106 // o "merchant-internal-error": merchant had an internal error 107 // o "exchange-internal-error": exchange had an internal error 108 // o "exchange-gateway-timeout": network timeout at gateway 109 // o "exchange-unreachable": exchange did not respond at all to our KYC status inquiry 110 // this can be briefly the case even if an exchange is online, as any HTTP request 111 // takes time to be processed; as a result, the KYC status for this account is unknown 112 // - "exchange-status-invalid": exchange violated protocol in reply 113 // 114 // "+" are perfectly normal states, "@" are states where the user 115 // must performn an action (show link!); "o" are reasonable transient 116 // states that could happen and are we are expected to likely recover 117 // from automatically but that we should inform the user about 118 // (show in yellow?), "-" are hard error states from which 119 // there is likely no good automatic recovery from (show in red?). 120 status: string; 121 122 // Full payto URI of the bank wire account this is about. 123 payto_uri: string; 124 125 // Currency used by the exchange. 126 // @since protocol **v25**. 127 exchange_currency: string; 128 129 // Hash of the salted payto://-URI of our bank wire 130 // account this is about. 131 // @since protocol **v17**. 132 h_wire: string; 133 134 // Base URL of the exchange this is about. 135 exchange_url: string; 136 137 // HTTP status code returned by the exchange when we asked for 138 // information about the KYC status. 139 // @since protocol **v17**. 140 exchange_http_status: Integer; 141 142 // True if we did not get a ``/keys`` response from 143 // the exchange and thus cannot do certain checks, such as 144 // determining default account limits or account eligibility. 145 no_keys: boolean; 146 147 // True if the given account cannot do KYC at the 148 // given exchange because no wire method exists that could 149 // be used to do the KYC auth wire transfer. 150 auth_conflict: boolean; 151 152 // Numeric `error code <error-codes>` indicating errors the exchange 153 // returned, or TALER_EC_INVALID for none. 154 // Optional (as there may not always have 155 // been an error code). 156 // @since protocol **v17**. 157 exchange_code?: Integer; 158 159 // Access token needed to open the KYC SPA and/or 160 // access the ``/kyc-info/`` endpoint. 161 // Optional as without the KYC auth wire transfer we 162 // may simply not have an access token yet. 163 access_token?: AccountAccessToken; 164 165 // Array with limitations that currently apply to this 166 // account and that may be increased or lifted if the 167 // KYC check is passed. 168 // Note that additional limits *may* exist and not be 169 // communicated to the client. If such limits are 170 // reached, this *may* be indicated by the account 171 // going into ``aml_review`` state. However, it is 172 // also possible that the exchange may legally have 173 // to deny operations without being allowed to provide 174 // any justification. 175 // The limits should be used by the client to 176 // possibly structure their operations (e.g. withdraw 177 // what is possible below the limit, ask the user to 178 // pass KYC checks or withdraw the rest after the time 179 // limit is passed, warn the user to not withdraw too 180 // much or even prevent the user from generating a 181 // request that would cause it to exceed hard limits). 182 limits?: AccountLimit[]; 183 184 // Array of full payto://-URIs with 185 // wire transfer instructions (including 186 // optional amount and subject) for a KYC auth wire 187 // transfer. Set only if this is (still) required 188 // to get the given exchange working. 189 // Array because the exchange may have multiple 190 // bank accounts, in which case any of these 191 // accounts will do. 192 // Optional. 193 // @since protocol **v17**. 194 payto_kycauths?: string[]; 195 196 }