Versions Compared

Old Version 1

changes.mady.by.user PC (Unlicensed)

Saved on

compared with

New Version Current

changes.mady.by.user Arthur Zhao

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Online Channel Test Cases

Info

All test cases outlined are in our Merchant Integration environment

Case

Summary

Description

Acceptance Criteria

A

Merchant Configuration

A-1

Validate API credentials - Client ID

Merchant's API credentials (Client ID and Client Secret) are present and valid in the Flexiti Developer Portal

Merchant is able to successfully authenticate with Flexiti API using these credentials

A-2

Validate API credentials - Client Secret

Merchant's API credentials (Client ID and Client Secret) are present and valid in the Flexiti Developer Portal

Merchant is able to successfully authenticate with Flexiti API using these credentials

A-3

Validate API Base URL is referencing correct Flexiti environment 

Merchant's environment should reference

Flexiti’s

the correct Flexiti environments

B

Merchant Authentication and Login

B-1

Unsuccessfully Authenticate with Flexiti's POS API - invalid client

Test Case: Access the API with

Code Block
'client_id=xxxxxx'

POST /oauth/token - 400 - invalid_client

B-2

Unsuccessfully call an endpoint - Invalid token

Test Case: Call the /token endpoint to generate a token and then call a different after the "expires_in" value expires.

Any endpoint - 401 - unauthorized

B-3

Unsuccessfully call an endpoint - wrong scope

Test Case: Attempt to call the following endpoints with an token that has a “customer” scope:

GET

A-4

Validate Disclaimers and Links

Verify that all disclaimers, pdfs, and links are working correctly

Verified by Marketing Team

A-5

Validate Field Lengths

Compare accepted field lengths with parameter lengths

Verified by Implementation Team

A-6

Verify that any merchant-scope API calls are made from the Merchant Server-side (i.e. POST oauth/token, /capture, GET /authorizations, /captures, /lookup, /search)

Ensure that all API Endpoints that require a merchant scope are made from the server-side

Verify that any merchant scope API calls are made from the merchant server-side

A-7

Verify that the APIs are called with the correct scope

Verify that the following API endpoints are called with the “customer” scope:

  • POST /client-id/{client_id}/

customers/search

  • i18n

  • GET /client-id/{client_id}/

customers/lookup

  • terms-and-conditions

  • POST /client-id/{

clientId

  • client_id}/

authorization/{authorizationId}/release

  • customers/driverslicense

  • POST /client-id/{

clientId}/authorization/{authorizationId}/capture

  • client_id}widget/init

  • POST /client-id/{client_id}/apply

  • POST /client-id/{

clientId

  • client_id}/

authorization

  • accounts/{

authorizationId

  • account_number}/

capture/{captureId}/return

  • close

  • POST /client-id/{client_id}/accounts/{account_number}/

refund

  • calculate-interest

GET

  • POST /client-id/{

clientId}/authorizationsGET /client-id/{clientId

  • client_id}/

authorization

  • account/{

authorizationId

  • account_number}/verify

GET

  • POST /client-id/{

clientId}/capturesGET /client-id/{client

  • client_id}/

customers/search - 403 - forbidden

  • GET /client-id/{client_id}/customers/lookup - 403 - forbidden

  • POST /client-id/{clientId}/authorization/{authorizationId}/release - 403 - forbidden

  • POST /client-id/{clientId}/authorization/{authorizationId}/capture - 403 - forbidden

  • POST /client-id/{clientId}/authorization/{authorizationId}/capture/{captureId}/return - 403 - forbidden

    • POST

    • authorization

    Verified by Implementation Team

    B

    Merchant Authentication and Login

    B-1

    Unsuccessfully Authenticate with Flexiti's POS API - invalid client

    Test Case: Access the API with

    Code Block
    'client_id=xxxxxx'

    POST /oauth/token - 400 - invalid_client

    B-2

    Unsuccessfully call an endpoint - Invalid token

    Test Case: Call the /token endpoint to generate a token and then call a different endpoint after the "expires_in" value expires.

    Any endpoint - 401 - unauthorized

    B-3

    Unsuccessfully call an endpoint - wrong scope

    Test Case: Attempt to call the following endpoints with an token that has a “customer” scope:

    • GET /client-id/{client_id}/customers/search

    • GET /client-id/{client_id}/

    accounts/{account_number}/refund - 403 - forbiddenGET

    • customers/lookup

    • POST /client-id/{clientId}/authorization/{authorizationId}/

    authorizations - 403 - forbiddenGET

    • release

    • POST /client-id/{clientId}/authorization/{authorizationId}

    - 403 - forbiddenGET

    • /capture

    • POST /client-id/{clientId}/

    captures - 403 - forbidden

    B-4

    Any API call - Session time out

    Test Case: 

    Code Block{{pos_url}}/flexiti/pos-api/v2.5

    • authorization/{authorizationId}/capture/{captureId}/return

    • POST /client-id/

    {

    • {client_id

    }

    • }/

    customers

    • accounts/

    lookup?

    • {account_number

    =0001

    • }/refund

    • GET

    {{pos_url}}/flexiti/pos-api/v2.5/

    • /client-id/{clientId}/authorizations

    • GET /client-id/{clientId}/authorization/{authorizationId}

    • GET /client-id/{clientId}/captures

    • GET /client-id/{client_id}

    }

    • /customers/

    lookup?account_number=0001 - 504 - GATEWAY_TIMEOUT

    B-5

    Successfully Authenticate with Flexiti's POS API

    Test Case: Use the correct “client_secret” and “client_id” to access the Flexiti API.

    POST /oauth/token - 200

    C

    Customer Application Flows

    C-1

    Unsuccessful Drivers License Scan 

     Test Case: Send the following request to

    • search - 403 - forbidden

    • GET /client-id/{client_id}/customers/lookup - 403 - forbidden

    • POST /client-id/{clientId}/authorization/{authorizationId}/release - 403 - forbidden

    • POST /client-id/{

    client_id}/customers/driverslicense Code Block{"code": "@\n\u001e\rxxx\n604428040101 DL00310219DLDCAunavI\nDCBNONE\nDCDNONE\nDBA20200515\nDCSNUMBER1\nDACENSTREAM \nDAD\nDBD20140516\nDBB19740515\nDBCZ\nDAYBLU\nDAU163 cm\nDAG55 UNIVERSITY AVE\nDAITORONTO\nDAJON\nDAKM5J 2H7\nDAQD61014070660905\nDCFPEJK368N4\nDCGCAN\nDDEU\nDDFU\nDDGU\r" }

    • clientId}/authorization/{authorizationId}/capture - 403 - forbidden

    • POST /client-id/{clientId}/authorization/{authorizationId}/capture/{captureId}/return - 403 - forbidden

    • POST /client-id/{client_id}/

    customers/driverslicense - 409 - Driver License's not supported

    C-2

    Successful Drivers License Scan

     Test Case: Send the following request to POST

    • accounts/{account_number}/refund - 403 - forbidden

    • GET /client-id/{clientId}/authorizations - 403 - forbidden

    • GET /client-id/{

    client_id}/customers/driverslicense
    Code Block
    {"code": "@\n\u001e\rANSI\n604428040101 DL00310219DLDCAunavI\nDCBNONE\nDCDNONE\nDBA20200515\nDCSNUMBER1\nDACENSTREAM \nDAD\nDBD20140516\nDBB19740515\nDBCZ\nDAYBLU\nDAU163 cm\nDAG55 UNIVERSITY AVE\nDAITORONTO\nDAJON\nDAKM5J 2H7\nDAQD61014070660905\nDCFPEJK368N4\nDCGCAN\nDDEU\nDDFU\nDDGU\r"
}

    POST /client-id/{client_id}/customers/driverslicense - 200

    C-3

    New user initiates and then cancels Flexiti application flow

    Test Case: To be handled by Merchant’s implementation design, the customer should be able to cancel the transaction process at any time up to the transaction call.

    Merchant design driven

    C-4

    New user initiates and fails application flow - missing required parameters

     Test Case:

    • clientId}/authorization/{authorizationId} - 403 - forbidden

    • GET /client-id/{clientId}/captures - 403 - forbidden

    B-4

    Any API call - Session time out

    Test Case: 

    Code Block
    {{pos_url}}/flexiti/pos-api/v2.5/client-id/{{client_id}}/customers/lookup?account_number=0001

    GET {{pos_url}}/flexiti/pos-api/v2.5/client-id/{{client_id}}/customers/lookup?account_number=0001 - 504 - GATEWAY_TIMEOUT

    B-5

    Successfully Authenticate with Flexiti's POS API

    Test Case: Use the correct “client_secret” and “client_id” from the Developer Portal to access the Flexiti API.

    POST /oauth/token - 200

    C

    Customer Apply & Apply/Buy Flows

    C-1

    Apply & Apply/Buy - Widget - /init endpoint

    C-1.1

    Customer already has an account that needs to be to activated

    Test Case:

    Code Block
    {
    "
    amount
    customer_
    requested
    identification":
    5000,
     {
        "
    phone
    personal_
    number
    information":
    "1234567890",
     {
    "language":
    "en-CA",
    "salutation":
    "mr",
       "first_name": "
    Barry
    Prodip",
            "middle_name": "",
            "last_name": "
    Blue
    Das",
            "dob": "
    1980
    1967-
    01
    06-01",
    "address_1
             "postal_code": "
    123
    M1J2A7"
    Any
    Street",
    "address_2": "Apt C",
     }
    "govid_expiry": "2025-12-12",
     },
    "
    city
    flow": "
    Montreal
    apply",
    "
    province
    email": "
    QC
    test@example.com",
    "
    postal
    phone_
    code
    number":
    "A1A0H1"
    5550097339,
    "
    govid
    address_
    type
    1": "
    CAP",
    225 HICKORY
    "govid_issuedby": "CANADA
    STREET NORTH #306",
    "
    govid_number
    city": "
    AB123456
    Whitby",
    "
    input_type
    province": "
    manual
    ON",
    "personal_income":
    123123,
     
    "
    household
    tos_
    income
    agreement":
    223123, "housing_type": "Rent", "email": "email@address.com", "occupation_id": "FE", "occupation_title": "Baker", "employer_name": "Tasty Bakery", "employer_phone": "1231231231", "sin": "", "security_qid": "8", "security_answer": "Griphon", "piw": "Cloud", "tos_agreement": true 
    true
}

    POST /client-id/{{client_id}}/widget/init - 200

    Code Block
    action: "activation"
type: "flx-success"
verified: false

    C-1.2

    Customer submits a new application and Flexiti identifies the customer has an existing account.

    Test Case:

    Code Block
    {
    "customer_identification": {
        "personal_information": {
            "first_name": "CERTIFICATION",
            "middle_name": "",
            "last_name": "EXISTING",
            "dob": "1980-01-01",
            "postal_code": "M6S2R5"
        }
    },
    "flow": "apply",
    "email": "test@example.com",
    "phone_number": 5551231231,
    "address_1": "123 Any Street",
    "city": "Montreal",
    "province": "QC",
    "tos_agreement": true
}

    POST /client-id/{{client_id}}/

    apply - 409 - "wrong_inputs"

    widget/init - 200

    Code Block
    {     "url"
    action: "purchase"
type: "
    /flexiti/pos-api/v2.5/client-id/{client-id}/apply",     "message": "Some inputs are wrong!",     "error": "wrong_inputs",     "field_errors": [         {             "param": "monthly_housing_expenses",             "msg": "required"         }     ] }

    C-5

    New user initiates and fails application flow - invalid inputs

     Test Case:

    Code Block{ "amount_requested": 5000, "phone_number": "5551231231", "language": "en-CA", "salutation": "mr", "first_name": "Garry", "
    flx-success"
verified: false

    C-1.3

    Customer submits a new application (widget)

    Test Case: Use a new application payload but pass the key below as the middle name:

    Code Block
    "middle_name": "A-RR_L"

    POST /client-id/{{client_id}}/widget/init - 200

    Code Block
    action: "apply"
type: "flx-success"
verified: true/false

    Send the application payload through the POST /client-id/{client_id}/apply endpoint

    C-1.4

    New Flexiti user initiates and completes application flow - pending

    Test Case: Use a new application payload but pass the key below as the middle name:

    Code Block
    "middle_name": "P-CREDIT"

    POST /client-id/{{client_id}}/widget/init - 200

    Code Block
    action: "apply"
type: "flx-success"
verified: true/false

    Send the application payload through the POST /client-id/{client_id}/apply endpoint

    C-1.5

    New Flexiti user initiates and completes application flow - decline

    Test Case: Use a new application payload but pass the key below as the middle name:

    Code Block
    "middle_name": "
    ", "last_name": "Blue", "dob": "1980-01-01", "address_1": "123 Any Street", "address_2": "Apt C", "govid_expiry": "2021-12-12", "city": "Montreal", "province": "QC", "postal_code": "A1A0H1", "govid_type": "CAP", "monthly_housing_expenses": 1000, "govid_issuedby": "CANADA", "govid_number": "", "input_type": "manual", "personal_income": "abc", "household_income": 223123, "housing_type": "Rent", "email": "email@address.com", "occupation_id": "FE", "occupation_title": "Baker", "employer_name": "Tasty Bakery", "employer_phone": "1231231231", "sin": "", "security_qid": "8", "security_answer": "Horse", "piw": "Cloud", 
    D-CREDIT"

     

    POST /client-id/{{client_id}}/widget/init - 200

    Code Block
    action: "apply"
type: "flx-success"
verified: true/false

    Send the application payload through the POST /client-id/{client_id}/apply endpoint

    C-1.6

    Customer submits a new application that will be declined due to a derogatory status’s on an existing account.

    Test Case:

    Code Block
    {
    "customer_identification": {
        "personal_information": {
            "first_name": "CERTIFICATION",
            "middle_name": "",
            "last_name": "04TEST",
            "dob": "1930-01-01",
            "postal_code": "M6S2R5"
        }
    },
    "flow": "apply",
    "email": "test@example.com",
    "phone_number": 5551231231,
    "address_1": "123 Any Street",
    "city": "Toronto",
    "province": "ON",
    "tos_agreement": true
}

    POST /client-id/{{client_id}}/

    apply - 409 - "wrong_inputs"

    widget/init - 200

    Code Block
    {     "url"
    action: "apply"
type: "
    /flexiti/pos-api/v2.5/
    flx-success"
verified: false

    Send the application payload through the POST /client-id/{client

    -

    _id}/apply

    ",     "message": "Some inputs are wrong!",     "error": "wrong_inputs",     "field_errors": [         {             "param": "personal_income",             "msg": "invalid",             "value": "abc"         }     ] }

    C-6

    New user initiates and fails application flow - existing customer

     Test Case: To be performed with Flexiti Assistance.

    Code Block{ "amount_requested": 5000, "phone_number": "5551231231", "language": "en-CA", "salutation": "mr", "first_name": "Existing", "middle_name": "", "last_name": "Customer", "dob": "1980-01-01", "address_1": "123 Any Street", "address_2": "Apt C", "govid_expiry": "2021-12-12", "city": "Montreal", "province": "QC", "postal_code": "A1A0H1", "govid_type": "CAP", "monthly_housing_expenses": 1000, "govid_issuedby": "CANADA", "govid_number": "AB123456"

    endpoint

    C-1.7

    Customer attempts an application but there is an IT related error.

    To be performed with Flexiti Assistance.

    Test Case: Use a new application payload but pass the key below as the middle name:

    Code Block
    "middle_name": "D-EMAIL_DBL_TIMEOUT",

    POST /client-id/{{client_id}}/widget/init - 409 -application_create_error

    Code Block
    action: "retry"
type: "flx-success"
verified: false

    C-1.8

    Customer initiates and then fails verification

    Test Case: Create Application with new information and enter 1111 as the pin 4 times.

    POST /client-id/{{client_id}}/widget/init - 200

    Code Block
    action: "apply"
type: "flx-success"
verified: false

    Send the application payload through the POST /client-id/{client_id}/apply endpoint

    C-2

    Apply & Apply/Buy - Application - /apply endpoint

    C-2.1

    Application submission fails - invalid inputs

     Test Case:

    Code Block
    {
  "amount_requested": 5000,
  "phone_number": "5551231231",
  "language": "en-CA",
  "salutation": "mr",
  "first_name": "Garry",
  "middle_name": "",
  "last_name": "Blue",
  "dob": "1980-01-01",
  "address_1": "123 Any Street",
  "address_2": "Apt C",
  "city": "Montreal",
  "province": "QC",
  "postal_code": "A1A0H1",
  "monthly_housing_expenses": 1000,
  "input_type": "manual",
  "personal
    _income": 100000, "household_income": 223123, "housing_type": "Rent", "email": "email@address.com", "occupation_id": "FE", "occupation_title": "Baker", "employer_name": "Tasty Bakery", "employer_phone": "1231231231", "sin": "", "security_qid": "8", "security_answer": "Horse", "piw": "Cloud", "tos_agreement": true }

    POST /client-id/{client_id}/apply - 409 - "customer_already_exists"

    C-7

    New user initiates and fails application flow - terms and conditions required

     Test Case: Any application where "tos_agreement": false

    POST /client-id/{client_id}/apply - 409 -  "tos_agreement_required"

    Code Block
    {
    "url": "/flexiti/pos-api/v2.5/client-id/{client-id}/apply",
    "message": "It has been following errors:",
    "error": "tos_agreement_required"
}

    C-8

    New user initiates and fails application flow - SIN number format

     Test Case: Any application where "sin": 12312

    POST /client-id/{client_id}/apply - 409 - "wrong_inputs"

    Code Block
    {
    "url": "/flexiti/pos-api/v2.5/client-id/{client-id}/apply",
    "message": "Some inputs are wrong!",
    "error": "wrong_inputs",
    "field_errors": [
        {
            "param": "sin",
            "msg": "invalid",
            "value": 12312
        }
    ]
}

    C-9

    New user initiates and fails application flow - Third Party time out

     Test Case: Any application with "middle_name": "D-EMAIL_DBL_TIMEOUT",

    POST /client-id/{client_id}/apply - 409 - application_create_error 

    C-10

    New Flexiti user initiates and completes application flow - approval

     Test Case: Any application with "middle_name": "A-RR_L",

    POST /client-id/{client_id}/apply - 200 - Approved response

    C-11

    New Flexiti user initiates and completes application flow - pending

     Test Case: Any application with "middle_name": "P-CREDIT",

    POST /client-id/{client_id}/apply - 200 - Pending response

    C-12

    New Flexiti user initiates and completes application flow - decline

     Test Case: Any application with"middle_name": "D-MISSING_INFO",

    POST /client-id/{client_id}/apply - 200 - Declined response

    D

    Customer Management

    D-1

    Customer not found on Lookup

    Test Case:

    Code Block
    {{pos_url}}/flexiti/pos-api/v2.5/client-id/{{client_id}}/customers/lookup?customer_id=1111111111111

    GET /client-id/{client_id}/customers/lookup - 404 - not_found

    Code Block
    {
    "url": "/flexiti/pos-api/v2.5/client-id/{client_id}/customers/lookup?customer_id=1111111111111",
    "message": "It has been following errors:",
    "error": "not_found"
}

    D-2

    Customer found not able to transact

    Test Case: Merchant generated from test data in sandbox account

    • FlexitiCard #: 6374980111304687

    GET /client-id/{client_id}/customers/lookup - 409 - user_not_able_to_purchase

    D-3

    Customer account needs activation

    Test Case: Merchant generated from test data in sandbox account

    • FlexitiCard#: 6006102005837476

    GET /client-id/{client_id}/customers/lookup - 409 - user_not_active

    D-4

    Successful customer lookup

    Test Case:

    • Account #: 2374980012865116

    GET /client-id/{client_id}/customers/lookup - 200

    D-5

    Unsuccessful customer search - missing first name

    Test Case:

    Code Block
    {{pos_url}}/flexiti/pos-api/v2.5/client-id/{{client_id}}/customers/search?lang=en&last_name=Morley&dob=1964-04-30

    GET /client-id/{client_id}/customers/search - 409 - wrong_inputs

    Code Block
    {
    "url": "/flexiti/pos-api/v2.5/client-id/{client_id}/customers/search?lang=en&last_name=Morley&dob=1964-04-30",
    "message": "Some inputs are wrong!",
    "error": "wrong_inputs",
    "field_errors": [
        {
            "param": "first_name",
            "msg": "required"
        }
    ]
}

    D-6

    Unsuccessful customer search - missing last name

    Test Case:

    Code Block
    {{pos_url}}/flexiti/pos-api/v2.5/client-id/{{client_id}}/customers/search?lang=en&first_name=David&dob=1964-04-30

    GET /client-id/{client_id}/customers/search - 409 - wrong_inputs

    Code Block
    {
    "url": "/flexiti/pos-api/v2.5/client-id/{client_id}/customers/search?lang=en&first_name=David&dob=1964-04-30",
    "message": "Some inputs are wrong!",
    "error": "wrong_inputs",
    "field_errors": [
        {
            "param": "last_name",
            "msg": "required"
        }
    ]
}

    D-7

    Unsuccessful customer search - missing DOB

    Test Case:

    Code Block
    {{pos_url}}/flexiti/pos-api/v2.5/client-id/{{client_id}}/customers/search?lang=en&first_name=David&last_name=Morley

    GET /client-id/{client_id}/customers/search - 409 - wrong_inputs

    Code Block
    {
    "url": "/flexiti/pos-api/v2.5/client-id/{}client-id}/customers/search?lang=en&first_name=David&last_name=Morley",
    "message": "Some inputs are wrong!",
    "error": "wrong_inputs",
    "field_errors": [
        {
            "param": "dob",
            "msg": "required"
        }
    ]
}

    D-8

    Unsuccessful customer search - invalid DOB format

    Test Case:

    Code Block
    {{pos_url}}/flexiti/pos-api/v2.5/client-id/{{client_id}}/customers/search?lang=en&first_name=CERTIFICATION&last_name=03TEST&dob=01-1970-01

    GET /client-id/{client_id}/customers/search - 409 - wrong_inputs

    D-9

    Successful customer search

    Test Case:

    Code Block
    {{pos_url}}/flexiti/pos-api/v2.5/client-id/{{client_id}}/customers/search?lang=en&first_name=CERTIFICATION&last_name=03TEST&dob=1970-01-01

    GET /client-id/{client_id}/customers/search - 200

    E

    Available Plans and Terms

    E-1

    Customer's Plans and Terms not displayed - customer not found

    Test Case:

    • Account #: 1234

    POST /pos-api/client-id/{client_id}/accounts/{account_number}/calculate-interest - 404 - "not_found"

    E-2

    Customer's Plans and Terms displayed (QC Customer Account)

    Test Case: Merchant generated from test data in sandbox account

    • Account #: 116991631 / FlexitiCard #: 2374980012865116

    POST /pos-api/client-id/{client_id}/accounts/{account_number}/calculate-interest - 200

    E-3

    Customer's Plans and Terms displayed (ROC Customer Account)

    Test Case: Merchant generated from test data in sandbox account

    • Account #: 116991632 / FlexitiCard #: 2374980012865124

    POST /pos-api/client-id/{client_id}/accounts/{account_number}/calculate-interest - 200

    F

    Customer Verification

    F-1

    Customer initiates and then fails verification - account not found

    Test Case:

    • Account #: 1234 / FlexitiCard #: 9999999999999999

    POST /client-id/{client_id}/account/{account_number}/verify - 404 - not_found

    Code Block
    {
    "url": "/flexiti/pos-api/v2.5/client-id/{client_id}/account/123/verify",
    "message": "It has been following errors:",
    "error": "not_found"
}

    F-2

    Customer initiates and then fails verification - secret answer mismatch

    Test Case:

    • Account #: 116991631

    Code Block
    {
  "format": "security_question",
  "security_qid": 8,
  "security_answer": "Dog"
}

    POST /client-id/{client_id}/account/{account_number}/verify - 409 - secret_answer_mismatch

    Code Block
    {
    "url": "/flexiti/pos-api/v2.5/client-id/{client_id}/account/116991630/verify",
    "message": "It has been following errors:",
    "error": "secret_answer_mismatch"
}

    F-3

    Customer successfully receives verification code by email

    Test Case: Merchant generated from test data in sandbox account. PIN will be delivered to email address in Developer Portal account Validation tab.

    • Account #: 116991631 / FlexitiCard #: 2374980012865116

    POST /client-id/{client_id}/account/{account_number}/verify - 200

    F-4

    Customer successfully receives verification code by SMS

    Test Case: Merchant generated from test data in sandbox account. PIN will be delivered to phone number in Developer Portal account Validation tab.

    • Account #: 116991631 / FlexitiCard #: 2374980012865116

    POST /client-id/{client_id}/account/{account_number}/verify - 200

    F-5

    Merchant successfully receives verification code with Security Question and Answer

    Test Case:

    • Account #: 116991631 / FlexitiCard #: 2374980012865116

    Code Block
    {
  "format": "security_question",
  "security_qid": 8,
  "security_answer": "Horse"
}

    POST /client-id/{client_id}/account/{account_number}/verify - 200

    G

    Flexiti Transactions (Deposit, In-store Payment, Trade-in)

    G-1

    Customer initiates and then cancels Flexiti transaction flow 

    Test Case: To be handled by Merchant’s implementation design, the customer should be able to cancel the transaction process at any time up to the transaction call.

    Customer successfully cancels the transaction flow prior to the POST /client-id/{client_id}/transactions request

    G-2

    Customer initiates and then fails Flexiti transaction - wrong verification code

    Test Case: Merchant generated from test data in sandbox account

    Code Block
    verification_code: 9999

    POST /client-id/{client_id}/transactions - 409 - wrong_verification_code

    G-3

    Customer initiates and then fails Flexiti transaction - missing verification code

    Test Case:

    Code Block
    {
  "transaction_type": "deposit",
  "amount": "0.05",
  "customer_id": 1111111111111111
}

    POST /client-id/{client_id}/transactions - 409 - verification_code_required

    Code Block
    {
    "url": "/flexiti/pos-api/v2.5/client-id/{client_id}/transactions",
    "message": "It has been following errors:",
    "error": "verification_code_required"
}

    G-4

    Customer initiates and then fails Flexiti transaction - VCC (FlexitiCard) not found

    Test Case:

    FlexitiCard #: 9999999999999999
    _income": "abc",
  "household_income": 223123,
  "housing_type": "Rent",
  "email": "email@address.com",
  "occupation_id": "FE",
  "occupation_title": "Baker",
  "employer_name": "Tasty Bakery",
  "employer_phone": "1231231231",
  "sin": "",
  "security_qid": "8",
  "security_answer": "Horse",
   "piw": "Cloud",
  "tos_agreement": true
}

    POST /client-id/{client_id}/

    transactions

    apply -

    404

    409 -

    not

    "wrong_

    found

    inputs"

    Code Block
    {

        "url":
     "/flexiti/pos-api/v2.5/client-id/{client
    _
    -id}/
    transactions
    apply",

        "message": "Some inputs are wrong!",
    "It has been following errors:", "error": "not_found" }

    G-4

    Customer initiates and then fails Flexiti transaction - Customer ID not found

    Test Case:

    Customer ID: 1111111111111111
        "error": "wrong_inputs",
    "field_errors": [
        {
            "param": "personal_income",
            "msg": "invalid",
            "value": "abc"
        }
    ]
}

    C-2.2

    Application submission fails - Terms and Conditions required

     Test Case: Any application where "tos_agreement": false

    POST /client-id/{client_id}/

    transactions

    apply -

    404 - not_found

    409 -  "tos_agreement_required"

    Code Block
    {

        "url":
     "/flexiti/pos-api/v2.5/client-id/{client
    _
    -id}/
    transactions
    apply",
    
    "message":
    "It has been following errors
     "It has been following errors:",

        "error":
     "
    not
    tos_agreement_
    found
    required"
}
    G

    C-

    6

    Customer initiates and then fails Flexiti transaction - Account Number not found

    Test Case:

    • Account #: 1111111111111111

    POST /client-id/{client_id}/transactions - 404 - not_found

    Code Block{ "url": "/flexiti/pos-api/v2.5/

    2.3

    New Flexiti user initiates and completes application flow - approval

     Test Case: Any application with "middle_name": "A-RR_L",

    POST /client-id/{client_id}/

    transactions", "message": "It has been following errors:", "error": "not_found" }

    G-7

    Customer initiates and then fails Flexiti transaction - user not able to purchase

    Test Case:

    Account #: 116991633 / FlexitiCard #: 2374980012865132

    apply - 200 - Approved response

    C-2.4

    New Flexiti user initiates and completes application flow - pending

     Test Case: Any application with "middle_name": "P-CREDIT",

    POST /client-id/{client_id}/

    transactions

    apply -

    409 - user_not_able_to_purchase

    G-8

    Customer initiates and then fails Flexiti transaction - Payment exceeds customer’s Open to Buy

    Test Case: Merchant generated from test data in sandbox account

    Account #: provided on request

    200 - Pending response

    C-2.5

    New Flexiti user initiates and completes application flow - decline

     Test Case: Any application with"middle_name": "D-CREDIT",

    POST /client-id/{client_id}

    /transactions - 409 - not_enough_creditG-9

    /apply - 200 - Declined response

    C-3

    Apply/Buy - Plan Section - /calculate-interest endpoint

    See D-2

    C-4

    Apply/Buy - Purchase - /authorization endpoint

    See D-3

    D

    Customer Buy Flow

    D-1

    Buy - Widget - /init endpoint

    D-1.1

    Customer initiates and then fails

    Flexiti transaction - Payment exceeds limit

    verification - account not found

    Test Case:

    Attempt to make a payment of $15,500

    • Account #:

    116991631 / FlexitiCard #: 2374980012865116

    • 1234

    • flow: purchase

    POST /client-id/{{client_id}}/

    transactions

    widget/init -

    409

    404 -

    limit_payment_amount_24

    G10

    Customer successfully performs a deposit 

     Test Case: Merchant generated from test data in sandbox account

    • Account #: provided on request

    POST

    not_found

    Code Block
    {
    "url": "/flexiti/pos-api/v2.5/client-id/{client_id
    }/transactions - 200

    G-11

    Customer successfully performs an in-store payment 

    Test Case: Merchant generated from test data in sandbox account

    • Account #: provided on request

    POST /
    }/account/123/verify",
    "message": "It has been following errors:",
    "error": "not_found"
}

    D-2

    Buy - Plan Section - /calculate-interest endpoint

    D-2.1

    Customer's Plans and Terms not displayed - account not found

    Test Case:

    • Account #: 1234

    POST /pos-api/client-id/{client_id}

    /transactions - 200

    G-12

    Customer successfully performs a trade-in 

    Test Case: Merchant generated from test data in sandbox account

    • Account #: provided on request

    POST /

    /accounts/{account_number}/calculate-interest - 404 - "not_found"

    D-2.2

    Customer's Plans and Terms displayed (QC Customer Account)

    Test Case:

    • Account #: 116991631

    POST /pos-api/client-id/{client_id}/

    transactions - 200

    H

    Flexiti Authorization

    H-1

    Customer initiates and then cancels Flexiti Authorization 

    To be handled by Merchant’s implementation design, the customer should be able to cancel the transaction process at any time up to the authorization call.

    Customer successfully cancels the transaction flow prior to the POST /client-id/{client-id}/authorization request

    H-2

    Customer initiates and then fails Flexiti authorization - wrong verification code

    accounts/{account_number}/calculate-interest - 200

    D-2.3

    Customer's Plans and Terms displayed (ROC Customer Account)

    Test Case: Merchant generated from test data in sandbox account

    • Account #: 116991632

    POST /pos-api/client-id/{client

    -

    _id}

    /authorization - 409 - wrong_verification_codeH-3

    /accounts/{account_number}/calculate-interest - 200

    D-3

    Buy - Purchase - /authorization endpoint

    D-3.1

    Customer initiates and then fails Flexiti authorization -

    missing verification code

    not verified

    Test Case:

    Merchant generated from test data in sandbox

    1. Incorrectly input dynamic pin or security question and answer in the widget /init 3 times

    2. Then attempt an authorization using that account

    POST /client-id/{client-id}/authorization - 409 -

    verification

    not_

    code_required

    verified

    H

    D-

    4

    3.2

    Customer initiates and then fails Flexiti authorization - Account Number not found

    Test Case: Merchant generated from test data in sandbox account

    • Account #: 1234

    POST /client-id/{client-id}/authorization - 404 - not_found

    H

    D-

    5

    3.3

    Customer initiates and then fails Flexiti authorization - user not able to purchase

    Test Case: Merchant generated from test data in sandbox account

    • FlexitiCard #: 2374980012865132

    • Account #: 116991633

    / FlexitiCard #: 2374980012865132

    POST /client-id/{client-id}/authorization - 409 - user_not_able_to_purchase

    H

    D-

    6

    3.4

    Customer initiates and then fails Flexiti authorization - not enough credit

    Test Case: Merchant generated from test data in sandbox account

    Account #: provided on request

    • Request an authorization amount larger than the test accounts open to buy

    POST /client-id/{client-id}/authorization - 409 - credit_exceeded

    H

    D-

    7

    3.5

    Customer initiates and then fails Flexiti authorization - invalid plan ID

    Test Case: Merchant generated from test data in sandbox account

    POST /client-id/{client-id}/authorization - 409 - plan_term_not_set

    H

    D-

    8

    3.5

    Customer initiates and then fails Flexiti authorization - invalid term

    Test Case: Merchant generated from test data in sandbox account

    POST /client-id/{client-id}/authorization - 409 - plan_term_not_set

    H

    D-

    9

    3.7

    Customer initiates and then fails Flexiti authorization - plan not available to customer

    Test Case: Merchant generated from test data in sandbox account

    • Account #: provided on request

    POST /client-id/{client-id}/authorization - 409 - plan_term_not_available

    H

    D-

    10

    3.8

    Customer successfully performs a regular purchase authorization (QC Account)

    Test Case: Merchant generated from test data in sandbox account

    • Account #: provided on request

    POST /client-id/{client-id}/authorization - 200

    H

    D-

    11

    3.9

    Customer successfully performs a promotional purchase authorization (QC Account)

    Test Case: Merchant generated from test data in sandbox account

    • Account #: provided on request

    POST /client-id/{client-id}/authorization - 200

    H

    D-

    12

    3.10

    Customer successfully performs a regular purchase authorization (ROC account)

    Test Case: Merchant generated from test data in sandbox account

    • Account #: provided on request

    POST /client-id/{client-id}/authorization - 200

    D-3.11

    Customer successfully performs a promotional purchase authorization (ROC Account)

    Test Case: Merchant generated from test data in sandbox account

    • Account #: provided on request

    POST /client-id/{client-id}/authorization - 200

    H

    D-

    13Customer successfully performs a promotional purchase authorization (ROC Account)

    3.12

    Response in "account_avs" with customer address matching values

    Test Case: Merchant generated from test data in sandbox account

    Account #: provided on request

    POST /client-id/{client-id}/authorization - 200

    D-3.13

    Billing and Shipping Information should be separately passed in and matching the expected values

    Test Case: Run an authorization where the billing and shipping information are not matching each other

    POST /client-id/{client-id}/authorization - 200

    H-14

    Response in "account_avs" with customer address matching values

    Test Case: Merchant generated from test data in sandbox account

    Verify with the Flexiti implementation team that the request received has the different corresponding billing & shipping info.

    D3.14

    In-store pick-ups: If in-store pick-ups is desired for online, the shipping address passed in is the store address.

    Test Case: Process a transaction for instore pickup (There’s no difference from the Flexiti API’s perspective)

    POST /client-id/{client-id}/authorization - 200

    I

    Verify with the Flexiti implementation team & the merchant dev team that the shipping info received by Flexiti is that of the pick-up store info.

    E

    Merchant Order  Management

    I

    E-1

    Unsuccessfully release an authorization - wrong transaction ID

    Test Case: Merchant generated from test data in sandbox account

    POST /client-id/{clientId}/authorization/{authorizationId}/release - not_found

    I

    E-2

    Unsuccessfully release an authorization - total requested more than authorization

    Test Case: Merchant generated from test data in sandbox account

    POST /client-id/{clientId}/authorization/{authorizationId}/release - auth_amount_exceeded

    I

    E-3

    Unsuccessfully release an authorization - authorization ended

    Test Case: Merchant generated from test data in sandbox account with Flexiti assistance.

    POST /client-id/{clientId}/authorization/{authorizationId}/release - authorization_ended

    I

    E-4

    Unsuccessfully release an authorization - employee does not have permission

    Test Case: Merchant generated from test data in sandbox account with Flexiti assistance

    POST /client-id/{clientId}/authorization/{authorizationId}/release - not_permitted

    I

    E-5

    Perform a full release of an Authorization

    Test Case: Merchant generated from test data in sandbox account

    POST /client-id/{clientId}/authorization/{authorizationId}/release - 200

    I

    E-6

    Perform a partial release of an Authorization

    Test Case: Merchant generated from test data in sandbox account

    POST /client-id/{clientId}/authorization/{authorizationId}/release - 200

    I

    E-7

    Unsuccessfully capture an authorization - customer not able to purchase

    Test Case: Merchant generated from test data in sandbox account with Flexiti assistance.

    POST /client-id/{clientId}/authorization/{authorizationId}/capture - 409 - not_permitted

    I

    E-8

    Unsuccessfully capture an authorization - authorization not capturable

    Test Case: Merchant generated from test data in sandbox account with Flexiti assistance.

    POST /client-id/{clientId}/authorization/{authorizationId}/capture - 409 - not_permitted

    I

    E-9

    Unsuccessfully capture an authorization - wrong authorization ID

    Test Case: Merchant generated from test data in sandbox account

    POST /client-id/{clientId}/authorization/{authorizationId}/capture - 404 - not_found

    I

    E-10

    Unsuccessfully capture an authorization - amount greater than authorization

    Test Case: Merchant generated from test data in sandbox account

    POST /client-id/{clientId}/authorization/{authorizationId}/capture - 409 - auth_amount_exceeded

    I

    E-11

    Fully Capture an authorization

    Test Case: Merchant generated from test data in sandbox account

    POST /client-id/{clientId}/authorization/{authorizationId}/capture - 200

    I

    E-12

    Partially Capture an authorization

    Test Case: Merchant generated from test data in sandbox account

    POST /client-id/{clientId}/authorization/{authorizationId}/capture - 200

    I

    E-13

    Unsuccessfully refund a captured regular purchase - customer account not found

    Test Case:

    Account #: 1234

    POST /client-id/{client_id}/accounts/{account_number}/refund - 404 - not_found

    I

    E-14

    Unsuccessfully refund a captured regular purchase - refund exceeds limit

    Test Case: Merchant generated from test data in sandbox account with Flexiti assistance.

    POST /client-id/{client_id}/accounts/{account_number}/refund - 409 - refunds_limit_exceeded_amount

    I

    E-15

    Perform a full refund of a captured regular purchase

    Test Case: Merchant generated from test data in sandbox account

    POST /client-id/{client_id}/accounts/{account_number}/refund - 200

    I

    E-16

    Perform a Partial Refund of a captured regular purchase

    Test Case: Merchant generated from test data in sandbox account

    POST /client-id/{client_id}/accounts/{account_number}/refund - 200

    I

    E-17

    Unsuccessfully return a captured promotional purchase - wrong authorization ID

    Test Case: Merchant generated from test data in sandbox account

    POST /client-id/{clientId}/authorization/{authorizationId}/capture/{captureId}/return

    I

    E-18

    Unsuccessfully return a captured promotional purchase - return exceeds limit

    Test Case: Merchant generated from test data in sandbox account

    POST /client-id/{clientId}/authorization/{authorizationId}/capture/{captureId}/return

    I

    E-19

    Perform a full Return on a captured promotional purchase

    Test Case: Merchant generated from test data in sandbox account

    POST /client-id/{clientId}/authorization/{authorizationId}/capture/{captureId}/return - 200

    I

    E-20

    Perform a Partial return of a captured promotional purchase

    Test Case: Merchant generated from test data in sandbox account

    POST /client-id/{clientId}/authorization/{authorizationId}/capture/{captureId}/return - 200

    I

    E-21

    Unsuccessfully view list of Authorizations available for capture - wrong dates

    Test Case: Merchant generated from test data in sandbox account

    GET /client-id/{clientId}/authorizations - 409 - date_from_bigger_than_date_to

    I

    E-22

    View a list of Authorizations available for capture

    Test Case: Merchant generated from test data in sandbox account

    GET /client-id/{clientId}/authorizations - 200

    I

    E-23

    Unsuccessfully view an authorization - authorization not found

    Test Case: Merchant generated from test data in sandbox account

    GET /client-id/{clientId}/authorization/{authorizationId} - 409 - not_found

    I

    E-24

    View an authorization

    Test Case: Merchant generated from test data in sandbox account

    GET /client-id/{clientId}/authorization/{authorizationId} - 200

    I

    E-25

    Unsuccessfully View a list of captures - wrong dates

    Test Case: Merchant generated from test data in sandbox account

    GET /client-id/{clientId}/captures - 409 - date_from_bigger_than_date_to

    I

    E-26

    View a list of captures

    Test Case: Merchant generated from test data in sandbox account

    GET /client-id/{clientId}/captures - 200

    Ac