Customer Endpoints - POS API

Owned by PC (Unlicensed)
Last updated: Apr 06, 2023 by Arthur Zhao
20 min read

These are all of the Endpoints required to identify or interact with Customers.

GET /client-id/{client_id}/customers/search

https://{posapi_url}/flexiti/pos-api/v2.5/client-id/{client_id}/customers/search?first_name=John&last_name=Smith&dob=1900-01-01

This Endpoint returns a list of accounts for the customer being searched for.

Request Parameters:

Type

Parameter

Required

Details

Type

Parameter

Required

Details

HEADER

authorization

Yes

  • ASCII string (1000)

  • This is the word “Bearer” with a space and then the access_token given in oauth/token API response

  • Default value: Bearer {insert_bearer_token_from_oauth_here/token_api}

HEADER

x-reference-id

Yes

  • ASCII string (32)

  • GUID

  • Unique identifier for the flow for traceability purposes

PATH

client_id

Yes

  • ASCII string (100)

  • This is the Client ID given in the Developer User Account section

QUERY

first_name

Yes

  • ASCII string (35)

  • The customer’s First Name on file

QUERY

last_name

Yes

  • ASCII string (50)

  • The customer’s Last Name on file

QUERY

dob

Yes

  • ASCII string (10)

  • Format: YYYY-MM-DD

  • The customer’s Date of Birth on file

QUERY

postal_code

No

  • ASCII string (6)

  • The customer’s Postal Code

  • Format: XXXXXX

Response Parameters:

Type

Parameter

Details

Type

Parameter

Details

BODY

customer_id

  • ASCII string (20)

  • The Customer ID of the account

  • This is not the Account Number

  • The customer ID may return a '-' delimited value for an authorized business customer. in the format of: “[master-cust-id]-[authorized-user-id]”

BODY

account_status

  • ASCII string (1)

  • “N” - Normal (only status that allows Authorizations/Purchases)

  • “A” - Auth Prohibited (Authorizations/Purchases are prohibited due to lack of payment, this status can be reverted automatically by the system)

  • “F” - Frozen (Frozen accounts can NOT make Authorizations/Purchases, this status can only be reverted manually by Operations)

  • “Z” - Charged Off (When accounts do not pay for 6 or more months, the account is written off the Portfolio)

  • “C” - Closed (no longer in use, this represents accounts that are closed and can NOT be brought back to life, there are some old accounts with this status)

BODY

account_status_reason_code

  • ASCII string (4)

  • Possible values: AAUT, FAGN, FBNK, FCCS, FCLC, FCLG, FCQC, FCND, FCOP, FDEC, FDVO, FFRD, FHRD, FIND, FINP, FLCK, FOPD, FPAC, FRMA, FRME, FRVK, FSKP, FSLM, NNOR, ZBNK, ZCCO, ZCCS, ZCOP, ZDEC, ZDVO, ZFRD, ZMCO, ZOPD, ZSLM, ZSRO

BODY

tos_agreement

  • boolean

  • True means the customer accepted the Terms and Conditions

  • False means they have not accepted the Terms and Conditions

BODY

risk_rating

  • ASCII string (4)

  • Risk rating of the Customer

  • Possible values: L, M, H, X, Y, Z, N, P, Q, R, S

    • L - Low - Preferred (Prime Customer, Preferred Account Type)

    • M - Medium - Preferred (Prime Customer, Preferred Account Type)

    • H - High - Premium (Prime Customer, Premium Account Type)

    • X - X-High - Premium (Prime Customer, Premium Account Type)

    • Y - XX-High - Standard (Non-prime Customer)

    • Z - XXX-High - Standard (Non-prime Customer)

    • P - XX-High - High (Non-prime Customer)

    • Q - XX-High - Very Low (Non-prime Customer)

    • R - XX-High - Low (Non-prime Customer)

    • S - XX-High - Medium (Non-prime Customer)

    • N - No Rating Assigned

BODY

account_number

  • number (14)

  • The Account Number of the Customer

  • This is not the FlexitiCard number (VCC)

BODY

customer_account_type

  • ASCII string (100)

  • This is the type of account the customer has

BODY

credit_limit

  • number (18,2)

  • Credit limit associated with the Customer’s account

BODY

available_credit

  • number (18,2)

  • Customer’s open to buy

BODY

originating_merchant_id

  • number (10)

  • ID of the Merchant where the customer’s application originated

BODY

originating_merchant_name

  • ASCII string (130)

  • Name of the Merchant where the customer’s application originated

BODY

creation_date

  • ASCII string (10)

  • Date the customer’s account was created

BODY

first_name

  • ASCII string (35)

  • Customer’s First Name

BODY

last_name

  • ASCII string (50)

  • Customer’s Last Name

BODY

card_ending_in

  • number (4)

  • Last 4 digits of the customer account’s primary FlexitiCard Number (VCC)

BODY

preferred_language

  • ASCII string (5)

  • Preferred Language (Locale)

  • Available values: en-CA, fr-CA

  • Default value: en-CA

Success Response:

[ { "customer_id": "123321", "account_status": "N", "account_status_reason_code": "NNOR", "tos_agreement"": true, "risk_rating": "H", "account_number": 123456789, "credit_limit": "1000.00", "available_credit": "659.51", "originating_merchant_id": "12345", "originating_merchant_name": "ACME Jewellers", "creation_date": "2019-05-15", "first_name": "John", "last_name": "Smith", "card_ending_in": "5941", "preferred_language": "fr-CA" "customer_account_type": "consumer" }, { "customer_id": "123412", "account_status": "F", "account_status_reason_code": "FLCK", "tos": true, "risk_rating": "Y", "account_number": 234567890, "credit_limit": "1000.00", "available_credit": "847.00", "originating_merchant_id": "23456", "originating_merchant_name": "ACME Restorations", "creation_date": "2019-04-15", "first_name": "John", "last_name": "Smith", "card_ending_in": "6457", "preferred_language": "en-CA" "customer_account_type": "business" } ]

 

GET /client-id/{client_id}/customers/lookup

https://{posapi_url}/flexiti/pos-api/v2.5/client-id/{client_id}/customers/lookup?vcc_number=1234123412341234

or

or

This service allows the Merchant to gather the Customer information by providing any of the following:

  • a FlexitiCard (VCC) number

  • an Account Number

  • a Customer ID

If you lookup via the FlexitiCard (VCC) number, the response will return the account the FlexitiCard belongs to.

Request Parameters:

Type

Parameter

Required

Details

Type

Parameter

Required

Details

HEADER

authorization

Yes

  • ASCII string (40)

  • This is the word “Bearer” with a space and then the access_token given in oauth/token API response

  • Default value: Bearer {insert_bearer_token_from_oauth_here/token_api}

HEADER

x-reference-id

Yes

  • ASCII string (32)

  • GUID

  • Unique identifier for the flow for traceability purposes

PATH

client_id

Yes

  • ASCII string

  • This is the Client ID given in the Developer User Account section

QUERY

lang



  • ASCII string (5)

  • Customer Preferred language

  • Available values: (en=English) or (fr=French)

  • Default value: en

QUERY

vcc_number



  • ASCII string (16)

  • The FlexitiCard Number (VCC) of the Customer

QUERY

account_number



  • number (14)

  • The Account Number of the Customer

  • This is not the FlexitiCard number (VCC)

QUERY

customer_id



  • ASCII string (20)

  • The Customer ID of the Primary Account Holder

  • This is not the Account Number

 

Response Parameters:

Type

Parameter

Details

Type

Parameter

Details

BODY

available_credit

  • number (18,2)

  • Customer’s open to buy

BODY

account_number

  • number (14)

  • The Account Number of the Customer

  • his is not the FlexitiCard number (VCC)

BODY

customer_id

  • ASCII string (20)

  • ID of the customer

  • This is not the customer’s Account Number

  • The customer ID may return a '-' delimited value for an authorized business customer. in the format of: “[master-cust-id]-[authorized-user-id]”

BODY

security_qid.id

  • number (5)

  • Customer’s Security Question ID provided by the Customer Lookup service

BODY

security_qid.text

  • ASCII string

  • Customer’s Security Question

BODY

address_1

  • ASCII string (150)

  • Customer Address Line 1

BODY

address_2

  • ASCII string (143)

  • Customer Address Line 2

BODY

city

  • ASCII string (100)

  • Customer City

BODY

postal_code

  • ASCII string (10)

  • Customer Postal Code

BODY

province

  • ASCII string (2)

  • Customer Province (2 character syntax, ex. ON for Ontario)

  • Available values: AB, BC, MB, NB, NL, NS, NT, NU, ON, PE, QC, SK, YT.

BODY

payment_protection

  • boolean

  • Whether the customer has insurance on the account

BODY

risk_rating

  • ASCII string (4)

  • Risk rating of the Customer

  • Possible values: L, M, H, X, Y, Z, N

    • L - Low - Preferred (Prime Customer, Preferred Account Type)

    • M - Medium - Preferred (Prime Customer, Preferred Account Type)

    • H - High - Premium (Prime Customer, Premium Account Type)

    • X - X-High - Premium (Prime Customer, Premium Account Type)

    • Y - XX-High - Standard (Non-prime Customer)

    • Z - XXX-High - Standard (Non-prime Customer)

    • P - XX-High - High (Non-prime Customer)

    • Q - XX-High - Very Low (Non-prime Customer)

    • R - XX-High - Low (Non-prime Customer)

    • S - XX-High - Medium (Non-prime Customer)

    • N - No Rating Assigned

BODY

offer_types.plan_name

  • ASCII string

  • Name of the promotional plan available to the customer

BODY

offer_types.plan_id

  • number (3)

  • ID of the promotional plan available to the customer

BODY

offer_types.offer_category

  • ASCII string

  • Category of the promotional plans available to the customer

  • Available values: equal_billing, deferred_payment

BODY

offer_types.term_options

  • number (3)

  • terms of the promotional plan available to the customer

BODY

card_ending_in

  • number (4)

  • Last 4 digits of the customer account’s primary FlexitiCard Number (VCC)

BODY

preferred_language

  • ASCII string (5)

  • Preferred Language (Locale)

  • Available values: en-CA, fr-CA

  • Default value: en-CA

BODY

email

  • ASCII string (75)

  • This will be a masked representation of the customer’s email address

  • This can be used to validate with the email destination with the customer for the dynamic pin on POST /client-id/{client_id}/account/{account_number}/verify (In-store)

BODY

phone_number

  • ASCII string (12)

  • This will be the last four digits of the customer’s phone number, the rest of the digits will be masked

  • This can be used to validate with the sms destination with the customer for the dynamic pin on POST /client-id/{client_id}/account/{account_number}/verify (In-store)

BODY

account_type

  • ASCII string (100)

  • This is the type of account the customer has

Success Response:

Successful Response (Authorized user of business card):

POST /client-id/{client_id}/account/{account_number}/verify

This endpoint is used for the “in-store” channel only, and allows you to verify a Customer using one of the available verification methods:

  • email - a dynamic pin will be sent to the customer’s email on file

  • sms - a dynamic pin will be sent to the customer’s phone on file

  • security_question - passing the correct answer to the customer’s security question will generate a dynamic pin on the response.

  • regular_purchase_bypass - is the customer qualifies for a regular purchase bypass a dynamic pin to be used only for regular purchases will be generated on the response.

  • merchant_override - select Merchants are able to override the customer authentication, this will generate a dynamic pin on the response.

Request Parameters:

Type

Parameter

Required

Details

Type

Parameter

Required

Details

HEADER

authorization

Yes

  • ASCII string (1000)

  • This is the word “Bearer” with a space and then the access_token given in oauth/token API response

  • Default value: Bearer {insert_bearer_token_from_oauth_here/token_api}

HEADER

x-reference-id

Yes

  • ASCII string (32)

  • GUID

  • Unique identifier for the flow for traceability purposes

PATH

client_id

Yes

  • ASCII string (100)

  • This is the Client ID given in the Developer User Account section

PATH

account_number

Yes

  • number (14)

  • This is the Account Number of the Primary Account Holder retrieved in any of the available endpoints

BODY

vcc_number


No

  • ASCII string(16)

  • The FlexitiCard number (VCC) provided by the Customer

  • To be used in a Business Account Authorized User’s purchase, sent with the Primary account Holder’s Account number

BODY

format

Yes

  • ASCII string

  • Verification format to be presented to the Customer

  • Available values: sms, email, merchant_override, security_question, regular_purchase_bypass

  • Default value: sms

BODY

security_qid

Required for format: security_question

  • number (5)

  • Customer’s Security Question ID provided by the Customer Lookup service

BODY

security_answer

Required for format: security_question

  • ASCII string (50)

  • Customer’s response to the Security Question

BODY

request_id

Yes for in-store channel

  • ASCII string (150)

  • This is the identifier for a verification to application/transaction/authorization flow.

Example Request:

Success Responses:

200 - Success - security_question
200 - Success - sms
200 - Success - email
200 - Success - merchant_override
200 - Success - regular_purchase_bypass

 

POST /client-id/{client_id}/customers/driverslicense

This endpoint allows the decoding of PDF417 scanned driver license information.

Request Parameters:

Type

Parameter

Required

Details

Type

Parameter

Required

Details

HEADER

authorization

Yes

  • ASCII string (1000)

  • This is the word “Bearer” with a space and then the access_token given in oauth/token API response

  • Default value: Bearer {insert_bearer_token_from_oauth_here/token_api}

HEADER

x-reference-id

Yes

  • ASCII string (32)

  • GUID

  • Unique identifier for the flow for traceability purposes

PATH

client_id

Yes

  • ASCII string (100)

  • This is the Client ID given in the Developer User Account section

BODY

code

Yes

  • ASCII string

  • PDF417 code with driver licence information

Example Request:

Success Response:

 

POST /client-id/{client_id}/accounts/{account_number}/calculate-interest

NOTE: the /calculate-interest endpoint has been updated to version 2.5.1, reflected in the URI.

This endpoint retrieves the plan and term configured for the merchant that can be offered to a customer.

Request Parameters:

Type

Parameter

Required

Details

Type

Parameter

Required

Details

HEADER

authorization

Yes

  • ASCII string (1000)

  • This is the word “Bearer” with a space and then the access_token given in oauth/token API response

  • Default value: Bearer {insert_bearer_token_from_oauth_here/token_api}

HEADER

x-reference-id

Yes

  • ASCII string (32)

  • GUID

  • Unique identifier for the flow for traceability purposes

PATH

client_id

Yes

  • ASCII string (100)

  • This is the Client ID given in the Developer User Account section

PATH

account_number

Yes

  • number (14)

  • The Account Number of the Primary Account Holder

  • his is not the FlexitiCard number (VCC)

QUERY

lang



  • ASCII string (5)

  • Customer Preferred language

  • Available values: (en=English) or (fr=French)

  • Default value: en

BODY

amount

 

  • number (18,2)

  • Amount of the transaction to calculate interest on

Example Request:

Response Parameters:

Type

Parameter

Details

Type

Parameter

Details

BODY

account_number

  • number (14)

  • The Account Number of the Primary Account Holder

  • This is not the VCC (Flexiti Card)

BODY

account_type

  • ASCII string (100)

  • This is the type of account: consumer or business

BODY

amount

  • number (18,2)

  • Authorization amount

BODY

customer.available_credit

  • number (18,2)

  • Customer’s open to buy

BODY

customer.air

  • number (5,4)

  • air for the customer

BODY

customer.first_name

  • ASCII string (35)

  • Customer’s First Name

BODY

customer.last_name

  • ASCII string (50)

  • Customer’s Last Name

BODY

customer.category_type

  • ASCII string (30)

  • Category related to the customer’s risk rating

  • Possible values: preferred, premium, standard

BODY

regular_purchase.term_amount

  • number (18,2)

  • Value to explain the amount to be paid by month (or a deferred payment)

BODY

regular_purchase.air

  • number (5,4)

  • air for the purchase

BODY

regular_purchase.verify

  • boolean

  • Indicate if a customer can use regular_purchase_bypass as a format on the POST /client-id/{client_id}/account/{account_number}/verify endpoint for a regular revolve purchase.

  • This value will be true if:

    • the account_number being passed has made ≤ 3 regular purchases in the past 24HS; and,

    • the amount on the request is ≤ $200

BODY

regular_purchase.fees.description

  • ASCII string (50)

  • Customer facing label of this fee

BODY

regular_purchase.fees.amount

  • number (18,2)

  • Amount of the fees

BODY

regular_purchase.fees.type

  • ASCII String (20)

  • Denotes if the administrative fee amount is a monthly or total amount

  • Possible values:

    • admin_total

    • admin_monthly

BODY

regular_purchase.fees.message

  • ASCII string (1000)

  • Used to convey information necessary to notify the customer

  • Merchant is obligated to display this to the customer

BODY

promotional_purchase.plan_id

  • number (3)

  • ID of the promotional plan

BODY

promotional_purchase.plan_name

  • ASCII string

  • Name of the promotional plan available to the customer

BODY

promotional_purchase.terms.term

  • number (3)

  • Term of the promotional plan

  • Merchant is obligated to display this to the customer

BODY

promotional_purchase.terms.term_amount

  • number (18,2)

  • Value to explain the amount to be paid by month (or a deferred payment)

    • This will include admin fees

  • Merchant is obligated to display this to the customer

BODY

promotional_purchase.terms.annual_rates.description

  • ASCII string

  • Customer facing long-form label of this interest rate

  • Merchant can choose to display either this field or the short-form label to the customer

BODY

promotional_purchase.terms.annual_rates.rate

  • number (5, 4)

  • Applicable interest rate presented in decimal form

  • Merchant is obligated to display this rate to the customer

BODY

promotional_purchase.terms.annual_rates.type

  • ASCII string

  • Customer facing short-form label of the interest rate

  • Merchant can choose to display either this field or the long-form label to the customer

  • Possible values: “APR”, “AIR” depending on the plan type / plan_id

BODY

promotional_purchase.terms.annual_rates.message

  • ASCII string (1000)

  • Used to convey legal disclaimer necessary to notify the customer about their promotional plan

  • Merchant is obligated to display this to the customer within 1-click away from the plan selection

BODY

promotional_purchase.terms.fees.description

  • ASCII string (50)

  • Customer facing label of this fee

  • Merchant is obligated to display this to the customer

BODY

promotional_purchase.terms.fees.amount

  • number (18,2)

  • Amount of the fees

  • Merchant is obligated to display this to the customer

BODY

promotional_purchase.terms.fees.type

  • ASCII String (20)

  • Whether the fees displayed are per month or in total

  • Possible values: admin_total, admin_monthly

BODY

promotional_purchase.terms.fees.message

  • ASCII string (1000)

  • Used to convey information necessary to notify the customer

  • Merchant is obligated to display this to the customer

Success Response - ROC Customer:

Success Response - Quebec Customer