API Documentation

Common Error Codes

The following are errors that can happen on any request to CorePro, depending on the request parameters, origin, intermediate network, etc. If present, these values will appear in the "errors" property of the envelope:

details

Code	Message (en-US)	HTTP Status Code	Notes
50401	User is not authorized	401	Check your configuration for proper CorePro API Key and Secret values against those in CorePro Admin console. Existing ones may have expired.
50403	IP is not trusted	403	Check the IP of the request. If it is a valid IP, contact CorePro support to whitelist it.
50404	The requested resource was not found.	404	The route is invalid or is not supported in the version associated with your API Key.
50405	The requested HTTP method is not allowed.	405	The route accepts a different HTTP method - did you issue a POST when you should have issued a GET for a particular route?
50429	Rate limit exceeded	429	Too many requests within a certain timeslice for your API Key. Wait a small amount of time and retry the request. If this happens regularly, contact CorePro support to increase your rate limit (additional fee may be applied)
50500	Internal Server Error	500	CorePro is experiencing issues. Please share your requestId with CorePro support.
50501	Not Implemented	501	The route is invalid. Verify your code is calling a documented CorePro route.
50502	Bad Gateway	502	Network connectivity issues between your server and CorePro servers, or CorePro is down for maintenance. Investigate, and if issues persist, contact CorePro support.
50503	Service Unavailable	503	CorePro servers are unavailable. You will need to try your request later.
50504	Gateway Timeout	504	Network connectivity issues between your server and CorePro servers, or CorePro is down for maintenance. Investigate, and if issues persist, contact CorePro support.
50505	HTTP Version Not Supported	505	HTTP/1.1 must be specified when using CorePro. Change your code to issue HTTP/1.1 requests.
50902	ProgramId {0} does not have a BIN mapped to it.	400	Your program is configured incorrectly. Contact support@corepro.io
50904	Could not find PciKeyId for BankId {0}, ProgramId {1} in a status of 1 (Encrypt and Decrypt allowed).	400	Your program is configured incorrectly. Contact support@corepro.io
52998	Internal Server Error. Incident Id : {0}	500	This is the catch-all error number for an internal server error. Please contact support@corepro.io with the Incidient Id provided in the message.
58150	QualiFile service call error received.	500	The content of this error message may be replaced by the actual one received from the QualiFile service call.
59001	No VerificationFundsAccount configured for program {0}	400	Your program is configured incorrectly. Contact support@corepro.io
59002	No RetailClearingAccount configured for program {0}	400	Your program is configured incorrectly. Contact support@corepro.io
59003	No ProgramExternalAccount configured for program {0}	400	Your program is configured incorrectly. Contact support@corepro.io
59004	No BankIncomeAccount configured for program {0}	400	Your program is configured incorrectly. Contact support@corepro.io
59005	No RegDFeeAmtForExceedingMonthlyMax configured for program {0}	400	Your program is configured incorrectly. Contact support@corepro.io
59006	No RegDMonthlyTransWithdrawCountMax configured for program {0}	400	Your program is configured incorrectly. Contact support@corepro.io
59007	Internal to Internal transfer is disabled for program {0}	400	Your program is configured incorrectly. Contact support@corepro.io
59008	AllowedAccountTypeId is not configured properly for program {0}	400	Your program is configured incorrectly. Contact support@corepro.io
59009	Program {0} does not have recurring contributions enabled.	400	You are unable to do recurring contributions because it is disabled for your program.
59010	Program {0} is not configured to require external account verification. Call /externalAccount/create instead.	400	Call `/externalAccount/create instead.`
59011	Program {0} is configured to require external account verification. Call /externalAccount/initiate instead.	400	Call `/externalAccount/initiate instead.`
59012	Program {0} is missing a ProgramReport record for the given date range and program.	400	Your program is configured incorrectly. Contact support@corepro.io
59013	No ProgramClearingAccount configured for program {0}	400	Your program is configured incorrectly. Contact support@corepro.io
59014	No MiscellaneousAccount configured for program {0}	400	Your program is configured incorrectly. Contact support@corepro.io
59015	No GeneralJournalAccount configured for program {0}	400	Your program is configured incorrectly. Contact support@corepro.io
59016	No CashAccount configured for program {0}	400	Your program is configured incorrectly. Contact support@corepro.io
59017	No RetailExternalAccount configured for program {0}	400	Your program is configured incorrectly. Contact support@corepro.io
59018	No ProgramEcode.PercentToClient configured for program {0}	400	Your program is configured incorrectly. Contact support@corepro.io
59019	No ProgramEcode.PercentToCorePro configured for program {0}	400	Your program is configured incorrectly. Contact support@corepro.io
59020	Program {0} does not have account type {1} enabled.	400	Your program is configured incorrectly. Contact support@corepro.io
59102	No ProgramClearingAccount linked to ProgramExternalAccount {0}	400	Your program is configured incorrectly. Contact support@corepro.io
59103	All card numbers are already allocated for Program {0}.	400	Your program is configured incorrectly. Contact support@corepro.io
59900	Could not convert {0} to {1}: {2}. Path '{3}', line {4}, position {5}.	400	Invalid value passed in for a JSON property. The value could not be converted to the proper type. {0} = JSON type, {1} = destination type, {2} = value, {3} = property name, {4} = line number, {5} = character position. e.g.: "Could not convert string to decimal: 11..04. Path 'recurringContributionAmount', line 9, position 42."
59901	Invalid JavaScript property identifier character: {0}. Path '{1}', line {2}, position {3}.	400	Property name is missing opening quote character ('"'). {0} = property name, {1} = line number, {2} = character position. e.g.: "Invalid JavaScript property identifier character: ". Path 'targetDate', line 13, position 7."
59902	Expected ':' but got: {0}. Path '{1}', line {2}, position {3}.	400	Property name is missing closing quote character ('"'). {0} = first character of property name, {1} = property name, {2} = line number, {3} = character position. e.g.: "Expected ':' but got: S. Path 'targetDate', line 13, position 11."
59903	Invalid character after parsing property name. Expected ':' but got: =. Path '{0}', line {1}, position {2}.	400	Attempting to use "=" instead of ":" to separate property name and its value. {0} = property name (typically the name of the previous property, not the one with the issue), {1} = line number, {2} = character position. e.g.: "Invalid character after parsing property name. Expected ':' but got: =. Path 'tag', line 11, position 18."
59904	Error reading {0}. Unexpected token: StartArray. Path '{1}', line {2}, position {3}.	400	Passed an array value to a property which is not an array. {0} = destination type, {1} = property name, {2} = line number, {3} = character position. e.g.: "Error reading string. Unexpected token: StartArray. Path 'tag', line 10, position 11."
59905	Error parsing NaN value. Path '{0}', line {1}, position {2}.	400	Attempting to pass `null` for a property value, but using an invalid casing (such as `NULL` or `Null`). {0} = property name, {1} = line number, {2} = character position. e.g.: "Error parsing NaN value. Path 'tag', line 10, position 10."
59906	After parsing a value an unexpected character was encountered: ;. Path '{0}', line {1}, position {2}.	400	Attempting to use a semicolon (`;`) where a comma (`,`) should be used. {0} = property name, {1} = line number, {2} = character position. e.g.: "After parsing a value an unexpected character was encountered: ;. Path 'customerId', line 2, position 22."
59949	(Message varies)	400	A generic JSON parsing error occurred. See message for details. i.e. The JSON payload is not structured properly in some way.
59950	Unexpected end when deserializing object. Path '{0}', line {1}, position {2}.	400	Closing curly brace ("}") is missing in JSON payload. {0} = property name, {1} = line number, {2} = character position. e.g.: "Unexpected end when deserializing object. Path 'type', line 15, position 1."
59951	Error converting value "{0}" to type '{1}'. Path '', line {2}, position {3}.	400	Opening curly brace ("}") is missing in JSON payload. {0} = first property name in payload, {1} = (varies, ignore), {2} = line number, {3} = character position. e.g.: "Error converting value \"customerId\" to type 'CorePro.Business.Account'. Path '', line 2, position 15."
59952	Value for property '{0}' is not formatted as a valid ISO-8601 DateTime. Example value=2015-01-31T22:43:21.123+00:00	400	The value for the property is not formatted as an ISO-8601 date. e.g.: "Value for property 'targetDate' is not formatted as a valid ISO-8601 DateTime. Example value=2015-01-31T22:43:21.123+00:00"
59953	Value for property '{0}' is not formatted as a valid boolean. Valid values=true,false	400	The value for the property is not formatted as a boolean value. e.g.: "Value for property 'isCloseable' is not formatted as a valid boolean. Valid values=true,false"
59954	Value for property '{0}' is not formatted as a valid decimal (precision up to 2). Example value=1234.56	400	The value for the property is not formatted as a decimal value. e.g.: "Value for property 'targetAmount' is not formatted as a valid decimal (precision up to 2). Example value=1234.56"
59955	Value for property '{0}' is not formatted as a valid decimal (precision up to 11). Example value=1234.56789012345	400	The value for the property is not formatted as a decimal value. e.g.: "Value for property 'interestRateMonthly' is not formatted as a valid decimal (precision up to 2). Example value=1234.56789012345"
59956	Value for property '{0}' is not acceptable. Specifics: {1}	400	The value for the property could not be cast properly. e.g.: "Value for property 'customerId' is not acceptable. Specifics: Input string '12548a' is not a valid integer. Path 'customerId', line 2, position 23."
59957	Missing a closing curly brace. Specifics: {0}	400	JSON payload is missing a closing curly brace. e.g.: "Missing a closing curly brace. Unexpected end when deserializing object. Path 'type', line 12, position 1."
59958	Missing an opening curly brace. Specifics: {0}	400	JSON payload is missing an opening closing curly brace. e.g.: "Missing an opening curly brace. Specifics: Error converting value "customerId" to type 'CorePro.Business.Account'. Path '', line 2, position 15."
59999	(Message varies)	400	A generic JSON deserialization error occurred. See message for details. i.e. The JSON payload is not structured properly in some way.
60001	Customer id {0} is invalid.	400	Provide a valid customerId in the request
60002	Customer id {0} is inactive.	400	An inactive customer cannot perform any actions in CorePro. Redirect the user to a page informing them of this.
60003	Customer id {0} is not in a verified status.	400	An unverified customer cannot perform any actions in CorePro (except call /customer/verify). Redirect the user to a page informing them of this.
60004	Customer id {0} is locked.	400	An locked customer cannot perform any actions in CorePro. Redirect the user to a page informing them of this.
60005	Customer id {0} is marked as deceased.	400	An deceased customer cannot perform any actions in CorePro. Redirect the user to a page informing them of this.

Customer

A customer is a single user in CorePro. Almost every action in CorePro requires a customerId to identify for whom the action is being performed. To correlate a customer in CorePro to a user in your system, use the tag property.

A program may be configured to automatically create all customers in a Verified status. This is typically used when the client has already verified the customer's identity itself. Otherwise, a program will be configured to require customers to verify their identity.

If Identity Verification Type is `None`:

/customer/create is called
Customer is created with a Verified status.
Call returns, workflow ends.

If Identity Verification Type is `OFAC Only`:

/customer/create is called.
Customer is created with an Initiated status.
OFAC check is performed.
On OFAC failure:
1. Customer is changed to Manual Review status.
2. Call returns. Note no Qualifile check is ever performed.
3. Customer will need to upload one or more bank required documents (via /customerdocument/upload - Bank of Record will set requirements on documentation that will be accepted for review. In most cases it will be a DriversLicense along with either a UtilityBill or a BankStatement.
4. Time passes (possibly several days).
5. If documents are not uploaded in a timely fashion (Bank of Record defines timely fashion -- typically 10-14 days):
  1. Customer status is changed to Expired
  2. Workflow ends.
6. If documents are uploaded within the time frame:
  1. Bank employee reviews customer information and documentation via the CorePro Admin site.
  2. Customer may be contacted at this point by bank employee, if needed.
  3. Bank employee marks customer as either Verified or Denied using the CorePro Admin site.
  4. Workflow ends.
On OFAC success:
1. If Qualifile (aka Chexsystems) is NOT enabled:
  1. Customer is changed to Verified status.
  2. Call returns, workflow ends.
2. If Qualifile (aka Chexsystems) IS enabled, check is performed:
  1. If result is DECLINE:
    1. Customer is changed to Denied status.
    2. Call returns, workflow ends.
  2. If result is REVIEW:
    1. Customer status is changed to Manual Review.
    2. Call returns.
    3. Customer will need to upload one or more bank required documents (via /customerdocument/upload - Bank of Record will set requirements on documentation that will be accepted for review. In most cases it will be a DriversLicense along with either a UtilityBill or a BankStatement.
    4. Time passes (possibly several days).
    5. If documents are not uploaded in a timely fashion (Bank of Record defines timely fashion -- typically 10-14 days):
      1. Customer status is changed to Expired
      2. Workflow ends.
    6. If documents are uploaded within the time frame:
      1. Bank employee reviews customer information and documentation via the CorePro Admin site.
      2. Customer may be contacted at this point by bank employee, if needed.
      3. Bank employee marks customer as either Verified or Denied using the CorePro Admin site.
      4. Workflow ends.
  3. Else (result is ACCEPT)
    1. Customer status is changed to Verified.
    2. Call returns, workflow ends.

If Identity Verification Type is `Full`:

/customer/initiate is called. (i.e. /customer/create is not needed in this workflow)
Customer is created in Initiated status (i.e. pending verification). This begins an identity verification session, which is valid for approximately 20 minutes. After that time period, the customer will need to restart the identity verification process.
OFAC check is performed.
On OFAC failure:
1. Customer status is changed to Manual Review.
2. Call returns. Note no Qualifile check is ever performed, nor are challenge questions returned.
3. Customer will need to upload one or more bank required documents (via /customerdocument/upload - Bank of Record will set requirements on documentation that will be accepted for review. In most cases it will be a DriversLicense along with either a UtilityBill or a BankStatement.
4. Time passes (possibly several days).
5. If documents are not uploaded in a timely fashion (Bank of Record defines timely fashion -- typically 10-14 days):
  1. Customer status is changed to Expired
  2. Workflow ends.
6. If documents are uploaded within the time frame:
  1. Bank employee reviews customer information and documentation via the CorePro Admin site.
  2. Customer may be contacted at this point by bank employee, if needed.
  3. Bank employee marks customer as either Verified or Denied using the CorePro Admin site.
  4. Workflow ends.
On OFAC success:
1. If Qualifile (aka Chexsystems) is enabled, check is performed:
  1. If result is DECLINE:
    1. Customer status is changed to Denied.
    2. Call returns, workflow ends.
  2. If result is REVIEW:
    1. Customer status is changed to Manual Review.
    2. Call returns with challenge questions.
    3. /customer/verify is called with the answers to the questions.
    4. Customer will need to upload one or more bank required documents (via /customerdocument/upload - Bank of Record will set requirements on documentation that will be accepted for review. In most cases it will be a DriversLicense along with either a UtilityBill or a BankStatement.
    5. Time passes (possibly several days).
    6. If documents are not uploaded in a timely fashion (Bank of Record defines timely fashion -- typically 10-14 days):
      1. Customer status is changed to Expired
      2. Workflow ends.
    7. If documents are uploaded within the time frame:
      1. Bank employee reviews customer information and documentation via the CorePro Admin site.
      2. Customer may be contacted at this point by bank employee, if needed.
      3. Bank employee marks customer as either Verified or Denied using the CorePro Admin site.
      4. Workflow ends.
  3. Else (result is ACCEPT)
    1. Customer status remains Initiated until challenge questions have been answered.
2. Call returns with challenge questions that need to be presented to the customer. These questions are specific to the customer based on the information provided and are multiple choice in nature.
  In the Sandbox environment, there is a specific set of customer information that can be verified, and a specific set of questions will always be presented. See the documentation provided to your organization at time of signing up with CorePro for details about customer identity verification in the Sandbox environment.
/customer/verify is called with the answers to the questions.
If a majority of the answers are valid and the information provided is accurate:
1. Customer status is set to Verified.
2. Call returns, workflow ends.
Otherwise:
- If most questions are answered correctly and/or most information provided is correct, the status of the customer is set to Manual Review. A call center representative using the CorePro Admin Console will need to be involved to move the customer to a Verified status. See documentation provided to your organization at time of signing up with CorePro for further details.
- If only some questions or no are answered correctly, or the information provided is not close enough to correct, the customer status will be set to Denied.
- If a customer is in Manual Review or Initiated status for a number of days, their status will automatically be set to Expired and they will need to restart the identity verification process to gain access to CorePro.
- There is roughly a 20 minute window the customer has to answer these questions before they timeout. After the questions have timed out, the customer is required to restart the identity verification process from the beginning.
  
  CorePro requires a unique taxId for any customer to start the identity verification process. This means if an identity verification session is abandoned (by calling /customer/initiate but never calling the subsequent /customer/verify), the taxId for that session is still considered "reserved", as it is already associated to a partially-created customer. To disassociate the taxId, call /customer/archive to archive that partially-created customer. That taxId can then be used in a new call to /customer/initiate to create a new customer and start a new identity verification session.

customer Object

Represents a single user in CorePro.

details

Property Data Type
(length) Description

customerId integer The unique identifier for a customer in CorePro. Will be returned on /customer/create call. Used as a parameter to almost every other CorePro route.

firstName string (64) First (Given) Name

middleName string (64) Middle Name

lastName string (128) Last Name (Surname)

suffix string (20) A customer's name suffix. e.g. "Sr.", "Esq.", "Ph.D."

birthDate datetime Example format: 1976-07-04T00:00:00.000+00:00

gender

string (1)

Possible values include:

M (male)
F (female)
U (unknown / unspecified)

culture

string (50)

Accepted values vary by program. Examples are:

en-US
es-US

tag

string (50)

A program-wide unique identifier supplied by the client to represent exactly one customer in CorePro in production. Sandbox does allow duplicate tags for testing. Typically represents a single user in your system. Maximum length is 50 characters. Note there are exactly two ways to retrieve a specific customer:

Call /customer/get passing a customerId
Call /customer/getByTag passing a tag

status

string (50)

Possible values include:

Initiated
Manual Review
Verified
Denied
Expired
Archived
Deceased

createdDate datetime Date the customer was created. Note a customer may have been created but not available for use, depending on the isLocked or status properties.

taxId string (30) SSN in the US. Specify only the digits, no formatting of any kind. i.e. exclude dashes, spaces, etc.

taxIdMasked string (10) Last 4 digits of the taxId property value, preceded by 6 '*'. e.g.: ******1234

driversLicenseNumber string (30) The identifying number from a government-issued driver's license

driversLicenseNumberMasked string (10) Last 4 digits of the driversLicenseNumber property value, preceded by 6 '*'. e.g.: ******1234

driversLicenseState string (2) State from which the driver's license is issued. i.e., IA for Iowa

driversLicenseIssueDate datetime Date the driver's license was issued. Example format: 1976-07-04T00:00:00.000+00:00

driversLicenseExpireDate datetime Date the driver's license expires. Example format: 1976-07-04T00:00:00.000+00:00

passportNumber string (30) The identifying number from a government-issued passport

passportNumberMasked string (10) Last 4 digits of the passportNumberMasked property value, preceded by 6 '*'. e.g.: ******1234

passportCountry string (5) Country from which the passport is issued. i.e., US for United States

passportIssueDate datetime Date the passport was issued. Example format: 1976-07-04T00:00:00.000+00:00

passportExpireDate datetime Date the passport expires. Example format: 1976-07-04T00:00:00.000+00:00

emailAddress string (255) someone@example.com

isActive boolean Deprecated. Will always return true

isLocked boolean Denotes if a customer is locked, typically caused by fraud prevention mechanisms or manual intervention via the Admin console. A locked customer can not transfer any funds.

lockedDate datetime Denotes the last time isLocked was set to true. Note if isLocked is changed to false, this value will not reset. Example format: 2014-01-01T00:00:00.000+00:00

lockedReason string (255) The reason isLocked was set to true. Freeform. Note if isLocked is changed to false, this value will not reset.

deceasedDate datetime Denotes the date the customer was reported as deceased. Example format: 2014-01-01T00:00:00.000+00:00

isSubjectToBackupWithholding boolean All customers need to indicate whether they are subject to backup withholding. CorePro will withhold the appropriate percentage of earned interest and submit these funds directly to the IRS. The amount withheld will be reported on the annual 1099-INT generated by CorePro. Please see the Backup Withholding topic at the IRS website for additional details.

isOptedInToBankCommunication boolean Denotes if customer opts in to receiving marketing notifications from the bank. Note customer may possibly still receive other required notifications from the bank regardless of this flag -- it depends on your program and the bank.

isDocumentsAccepted boolean Only required when creating a new customer. Confirms that customer viewed and accepted all documents returned via the /bankdocument/list route

customField1 string (100) A property for holding client-defined data. There is no business logic in CorePro for a custom field.

customField2 string (100) A property for holding client-defined data. There is no business logic in CorePro for a custom field.

customField3 string (100) A property for holding client-defined data. There is no business logic in CorePro for a custom field.

customField4 string (100) A property for holding client-defined data. There is no business logic in CorePro for a custom field.

customField5 string (100) A property for holding client-defined data. There is no business logic in CorePro for a custom field.

accessTypeCode

string (4)

The maximum level of access this customer can have.

Possible values:

Value	Description	Account Rights	Card Rights
`FULL`	Full Access. Vetted customer (either by CorePro or by client)	Full	Full
`ACCT`	Account Holder. Non-vetted customer.	Can not create new accounts. Individual account access depends on settings for that account. See `accessTypeCode` property of the `account` object.	Can not create new cards. May be given access to a card by a vetted customer.
`CARD`	Card Holder. Non-vetted customer.	Can not create new accounts. May transfer funds only via a card already assigned to them.	Can not create new cards. May be given access to a card by a vetted customer.
`FDRY`	Fiduciary. Non-vetted customer.	May only view account data, may not alter data in any fasion. Account access still depends on settings for that account. See `accessTypeCode` property of the `account` object.	No access

lastModifiedDate

datetime

Date when the object was last altered in any way

lastActivityDate datetime Timestamp for the last time any action was performed on this customer. Actions include listing, editing, archiving, closing, transferring funds, or otherwise "touching" any data specific to this customer, whether it is via the API, a Bulk Transfer Request file, or the Admin console.

phones list of phone objects

addresses list of address objects

accounts list of account objects

externalAccounts list of externalAccount objects

cards list of card objects

create

Create a new customer. Functions properly only if your Program is configured with a Verification Type of None (no ID verification checks) or OFAC Only (OFAC file is scanned, no other ID verification).

Note: This route returns a 200 upon success. If you use a Q2 provided SDK, this route returns a 201 upon success instead.

POST /customer/create

Request Body Parameters

`firstName`	Required if `OFAC Only`	The customer's given name.
`middleName`	Optional	The customer's middle name.
`lastName`	Required if `OFAC Only`	The customer's surname.
`suffix`	Optional	The customer's suffix. e.g. "Jr.", "III", "D.D.S."
`birthDate`	Optional	The customer's date of birth. See date formatting at the top of this resource.
`gender`	Optional	Valid values are: `M` (male) `F` (female) `U` (unknown / unspecified) Default is `U`
`culture`	Optional	Valid values vary by program. Examples are: `en-US` `es-US` Default is `en-US`
`tag`	Optional	A program-wide unique identifier supplied by the client to represent exactly one customer in CorePro in production. Sandbox does allow duplicate `customer` tags for testing Typically represents a single user in your system.
`taxId`	Optional	The customer's Social Security Number sans formatting (no dashes, no spaces, etc)
`driversLicenseNumber`	Optional	The customer's government-issued driver's license number
`driversLicenseState`	Optional	The US state the customer's driver's license was issued in
`driversLicenseIssueDate`	Optional	The date customer's driver's license was issued
`driversLicenseExpireDate`	Optional	The date customer's driver's license expires
`passportNumber`	Optional	The customer's passport number.
`passportCountry`	Optional	The country the customer's passport was issued from.
`passportIssueDate`	Optional	The date customer's passport was issued
`passportExpireDate`	Optional	The date customer's passport expires
`emailAddress`	Optional	The customer's email address.
`isSubjectToBackupWithholding`	Required	Set to `true` if customer is subject to backup withholding when interest is paid. Set to `false` otherwise.
`isOptedInToBankCommunication`	Required	Set to `true` if the customer opts in to receive communications from the bank. Set to `false` otherwise.
`isDocumentsAccepted`	Required	Confirms that customer viewed and accepted all documents returned via the `/bankdocument/list` route
`customField1`	Optional	Any value up to 100 characters in length
`customField2`	Optional	Any value up to 100 characters in length
`customField3`	Optional	Any value up to 100 characters in length
`customField4`	Optional	Any value up to 100 characters in length
`customField5`	Optional	Any value up to 100 characters in length
`accessTypeCode`	Optional	Possible values include: `FULL` - Full Access. (Default if not specified) `ACCT` - Account Holder only `CARD` - Card Holder only `FDRY` - Fiduciary only
`addresses`	`Residential` is required if `OFAC Only`	A list of 0 or more `address` Objects to update or add. Note only one of a given addressType is allowed, meaning if you pass `Mailing` as the type and one exists, it will be updated instead of a new one being added.
`phones`	Optional	A list of 0 or more `phone` Objects to update or add. Note only one of a given phoneType is allowed, meaning if you pass `Office` as the type and one exists, it will be updated instead of a new one being added.

Response Data

`customerId`	Customer ID of the new customer. This customer will be in a `Verified` status upon success of this call.

Error Codes

Code	Message (en-US)	Notes
1-60000	Any "Common Error Code" may occur.	See Common Error Codes
60106	Invalid Verification Level for program. Current Level: '{0}'.
60111	Residence Address is missing.
60112	Residence Zip Code is missing.
60201	First Name is a required field.
60202	Last Name is a required field.
60203	Birth Date is a required field.
60204	Birth Date is invalid. Please enter a valid date after 01/01/1900 and in the past.
60205	Gender is a required field. Valid values are: 'M', 'F', and 'U'.
60206	Gender is invalid. Valid values are: 'M', 'F', and 'U'.
60207	Culture is a required field.	Provide a culture value that has been configured for your program. Typically `en-US`.
60208	Invalid Status.
60209	Tax Id is a required field.
60210	Is Subject To Backup Withholding is a required field.	Specify "true" or "false" for this property.
60211	Is Opted In To Bank Communication is a required field.	Specify "true" or "false" for this property.
60212	Is Documents Accepted must be ''true''.	Specify "true" for this property. End user should be required to confirm that they have read and accept the terms of all documents returned by `/bankdocument/list`.
60213	ID Verification required for the program specified.	This route cannot be used based on your program configuration. Call `/customer/initiate` and subsequently `/customer/verify` instead.
60214	A Residence Address is required.	Provide an address object with an addressType of `Residence`
60215	Invalid Address Type. Valid values are: Mailing, Residence, Prior.
60216	Address Line 1 is a required field.
60217	Residential Addresses can not contain a PO Box.
60218	City is a required field.
60219	State is a required field.
60220	Postal Code is a required field.
60221	Country is a required field.
60222	Invalid Phone Type. Valid values are: Home, Mobile, Office.
60223	Phone Number is a required field.
60224	This TaxId is already associated with an customer.	Provide a Tax Id unique to this customer.
60225	Tag '{0}' is already associated with another customer.	Provide a unique tag for this customer, or no tag at all.
60226	Tag '{0}' is already associated with another customer.	Provide a unique tag for this customer, or no tag at all.
60230	Driver license state is required when driver license number is provided.
60235	Passport country is required when passport number is provided.
60250	Only three addresses are allowed -- one for each valid type of Residence, Mailing, or Prior.	Do not provide more than 3 address objects, each one with a different value for addressType.
60251	Only three phones are allowed -- one for each valid type of Home, Mobile, or Office.	Do not provide more than 3 phone objects, each one with a different value for phoneType.
60260	Registration attempt limit has been reached. Please try again at a later date.
66801	Invalid Phone Type. Valid values are: 'Home', 'Mobile', 'Office'.
66802	Phone Number is a required field.
66901	Invalid Address Type. Valid values are: Mailing, Residence, Prior.
66902	Address Line 1 is a required field.
66903	City is a required field.
66904	State is a required field.
66905	Postal Code is a required field.
66906	Country is a required field.
66907	Residential Addresses can not contain a PO Box.
69301	Denial limit for this taxId has been exceeded. Registration may be attempted again on {0:d}.	NOTE: This check is performed only in the Production environment; it is not performed in the Sandbox environment.

Example

Request

POST /customer/create
Authorization: Basic PutBase64TokenHere

{ 
    "firstName":"John",
    "middleName":"Allen",
    "lastName":"Smith",
    "birthDate":"1976-07-04T00:00:00.000+00:00",
    "gender":"M",
    "culture":"en-US",
    "customField1": "ABCD",
    "tag":"MB3823823",
    "taxId":"123456789",
    "driversLicenseNumber":"543543443",
    "driversLicenseState":"IA",
    "driversLicenseExpireDate":"2014-07-04T00:00:00.000+00:00",
    "emailAddress":"john.a.smith@test.com",
    "isSubjectToBackupWithholding":false,
    "isOptedInToBankCommunication":true,
    "isDocumentsAccepted":true,
    "phones":
    [
        {
            "phoneType":"Home",
            "number":"5155551212"
        },
        {
            "phoneType":"Mobile",
            "number":"5155551414"
        }
    ],
    "addresses": 
    [
        {
            "addressType":"Mailing",
            "addressLine1":"PO Box 123",
            "city":"Anytown",
            "state":"IA",
            "postalCode":"50001",
            "country":"USA"
        },
        {
            "addressType":"Residence",
            "addressLine1":"123 Main St",
            "city":"Anytown",
            "state":"IA",
            "postalCode":"50001",
            "country":"USA"
        }
    ]
}

Response

{
  "data" :
  {
    "customerId": 1583018,
    "messages": [],
    "questions": [],
    "verificationStatus": "success"
  },
  "errors":[],
  "status":200
}

deactivate

Deactivates a customer.

Deprecated. Please use /customer/archive instead.

get

Retrieve customer information by the customerId created by CorePro.

Note: When you provide an invalid identifier (id,tag, or emailAddress), all routes ending with /get returns 400 (Bad Request). This route returns a filled out corresponding accounts array.

GET /customer/get/{customerId}

Request Parameters

`customerId`	Required	Customer ID (returned when customer was created)

Response Data

A `customer` Object

Error Codes

Code	Message (en-US)	Notes
1-60000	Any "Common Error Code" may occur.	See Common Error Codes
60001	Customer id {0} is invalid.

Example

Request

GET /customer/get/3
Authorization: Basic PutBase64TokenHere

Response

{
  "data": {
    "accessTypeCode" : "FULL",
    "accounts": [
      {
        "accountBalance": 0.0000,
        "accountId": 220,
        "accountNumber": "00000000000000078",
        "accountNumberMasked": "*************0078",
        "availableBalance": 0.0000,
        "closedDate": "9999-12-31T23:59:59.999+00:00",
        "createdDate": "2014-02-24T16:36:08.469-06:00",
        "customerId": 3,
        "customField1": "982734",
        "name": "Savings",
        "recurringContributionFromExternalAccountId": 0,
        "recurringContributionType": "None",
        "status": "Open",
        "type": "Prepaid",
        "productId": 345
      }
    ],
    "addresses": [
      {
        "addressLine1": "222333 PeachTree Place",
        "addressLine2": "",
        "addressType": "Residence",
        "city": "Atlanta",
        "country": "US",
        "customerAddressId": 218,
        "postalCode": "30318",
        "state": "GA"
      }
    ],
    "birthDate": "1975-02-28T00:00:00.000-06:00",
    "createdDate": "2014-02-24T16:36:08.469-06:00",
    "culture": "en-US",
    "customerId": 217,
    "customField1": "XYZ",
    "driversLicenseNumber": "ABC123XYZ",
    "driversLicenseState":"GA",
    "emailAddress": "",
    "externalAccounts": [
      {
        "accountNumberMasked": "******9873",
        "customerId": 3,
        "customField1": "ABCD123",
        "externalAccountId": 221,
        "firstName": "Brock",
        "isActive": true,
        "isLocked": false,
        "lastName": "Weaver",
        "lockedDate": "9999-12-31T23:59:59.999+00:00",
        "name": "PrepaidAbc",
        "nickName": "pp1",
        "routingNumberMasked": "******1234",
        "status": "Unverified",
        "statusDate": "2014-02-24T16:36:29.102-06:00",
        "tag": "tag1",
        "type": "Savings"
      }
    ],
    "firstName": "John",
    "gender": "M",
    "isActive": true,
    "isDocumentsAccepted": true,
    "isLocked": false,
    "isOptedInToBankCommunication": true,
    "isSubjectToBackupWithholding": false,
    "lastName": "Smith",
    "lockedDate": "9999-12-31T23:59:59.999+00:00",
    "middleName": "",
    "phones": [
      {
        "customerPhoneId": 219,
        "number": "515-555-1234",
        "phoneType": "Mobile"
      }
    ],
    "status": "Verified",
    "tag": "cust1008909",
    "taxId": "112223333"
  },
  "errors": [],
  "status": 200
}

getByEmail

Retrieve customer information by the emailAddress specified at customer creation time.

Note: When you provide an invalid identifier (id,tag, or emailAddress), all routes ending with /getByEmail returns 400 (Bad Request). This route returns a filled out corresponding accounts array.

GET /customer/getByEmail/{emailAddress}

Request Parameters

`emailAddress`	Required	The `emailAddress` for this customer. String up to 100 chars.

Response Data

A `customer` Object

Error Codes

Code	Message (en-US)	Notes
1-60000	Any "Common Error Code" may occur.	See Common Error Codes
69501	EmailAddress must be specified.

Example

Request

GET /customer/getByEmail/nobody@example.com
Authorization: Basic PutBase64TokenHere

Response

        
    {
  "data": {
    "accessTypeCode" : "FULL",
    "accounts": [
      {
        "accountBalance": 0.0000,
        "accountId": 220,
        "accountNumber": "00000000000000078",
        "accountNumberMasked": "*************0078",
        "availableBalance": 0.0000,
        "closedDate": "9999-12-31T23:59:59.999+00:00",
        "createdDate": "2014-02-24T16:36:08.469-06:00",
        "customerId": 3,
        "customField1": "XYZ456",
        "name": "Savings",
        "recurringContributionFromExternalAccountId": 0,
        "recurringContributionType": "None",
        "status": "Open",
        "type": "Prepaid",
        "productId": 345
      }
    ],
    "addresses": [
      {
        "addressLine1": "222333 PeachTree Place",
        "addressLine2": "",
        "addressType": "Residence",
        "city": "Atlanta",
        "country": "US",
        "customerAddressId": 218,
        "postalCode": "30318",
        "state": "GA"
      }
    ],
    "birthDate": "1975-02-28T00:00:00.000-06:00",
    "createdDate": "2014-02-24T16:36:08.469-06:00",
    "culture": "en-US",
    "customerId": 217,
    "customField1": "23423",
    "driversLicenseNumber": "",
    "emailAddress": "nobody@example.com",
    "externalAccounts": [
      {
        "accountNumberMasked": "******9873",
        "customerId": 3,
        "customField1": "ABCD123",
        "externalAccountId": 221,
        "firstName": "Brock",
        "isActive": true,
        "isLocked": false,
        "lastName": "Weaver",
        "lockedDate": "9999-12-31T23:59:59.999+00:00",
        "name": "PrepaidAbc",
        "nickName": "pp1",
        "routingNumberMasked": "******1234",
        "status": "Unverified",
        "statusDate": "2014-02-24T16:36:29.102-06:00",
        "tag": "tag1",
        "type": "Savings"
      }
    ],
    "firstName": "John",
    "gender": "M",
    "isActive": true,
    "isDocumentsAccepted": true,
    "isLocked": false,
    "isOptedInToBankCommunication": true,
    "isSubjectToBackupWithholding": false,
    "lastName": "Smith",
    "lockedDate": "9999-12-31T23:59:59.999+00:00",
    "middleName": "",
    "phones": [
      {
        "customerPhoneId": 219,
        "number": "515-555-1234",
        "phoneType": "Mobile"
      }
    ],
    "status": "Verified",
    "tag": "cust1008909",
    "taxId": "112223333"
  },
  "errors": [],
  "status": 200
}

getByTag

Retrieve customer information by a unique identifier you specify at customer creation time.

Note: When you provide an invalid identifier (id,tag, or emailAddress), all routes ending with /getByTag returns 400 (Bad Request). This route returns a filled out corresponding accounts array.

GET /customer/getByTag/{tag}

Request Parameters

`tag`	Required	Your unique identifier for this customer in production (i.e. not generated by CorePro; an alternate key). Sandbox does allow duplicate `customer` tags for testing. String up to 50 chars.

Response Data

A `customer` Object

Error Codes

Code	Message (en-US)	Notes
1-60000	Any "Common Error Code" may occur.	See Common Error Codes
65701	Tag must be specified.

Example

Request

GET /customer/getByTag/cust1008909
Authorization: Basic PutBase64TokenHere

Response

        
    {
  "data": {
    "accessTypeCode" : "FULL",
    "accounts": [
      {
        "accountBalance": 0.0000,
        "accountId": 220,
        "accountNumber": "00000000000000078",
        "accountNumberMasked": "*************0078",
        "availableBalance": 0.0000,
        "closedDate": "9999-12-31T23:59:59.999+00:00",
        "createdDate": "2014-02-24T16:36:08.469-06:00",
        "customerId": 3,
        "customField1": "XYZ456",
        "name": "Savings",
        "recurringContributionFromExternalAccountId": 0,
        "recurringContributionType": "None",
        "status": "Open",
        "type": "Prepaid",
        "productId": 345
      }
    ],
    "addresses": [
      {
        "addressLine1": "222333 PeachTree Place",
        "addressLine2": "",
        "addressType": "Residence",
        "city": "Atlanta",
        "country": "US",
        "customerAddressId": 218,
        "postalCode": "30318",
        "state": "GA"
      }
    ],
    "birthDate": "1975-02-28T00:00:00.000-06:00",
    "createdDate": "2014-02-24T16:36:08.469-06:00",
    "culture": "en-US",
    "customerId": 217,
    "customField1": "23423",
    "driversLicenseNumber": "",
    "emailAddress": "",
    "externalAccounts": [
      {
        "accountNumberMasked": "******9873",
        "customerId": 3,
        "customField1": "ABCD123",
        "externalAccountId": 221,
        "firstName": "Brock",
        "isActive": true,
        "isLocked": false,
        "lastName": "Weaver",
        "lockedDate": "9999-12-31T23:59:59.999+00:00",
        "name": "PrepaidAbc",
        "nickName": "pp1",
        "routingNumberMasked": "******1234",
        "status": "Unverified",
        "statusDate": "2014-02-24T16:36:29.102-06:00",
        "tag": "tag1",
        "type": "Savings"
      }
    ],
    "firstName": "John",
    "gender": "M",
    "isActive": true,
    "isDocumentsAccepted": true,
    "isLocked": false,
    "isOptedInToBankCommunication": true,
    "isSubjectToBackupWithholding": false,
    "lastName": "Smith",
    "lockedDate": "9999-12-31T23:59:59.999+00:00",
    "middleName": "",
    "phones": [
      {
        "customerPhoneId": 219,
        "number": "515-555-1234",
        "phoneType": "Mobile"
      }
    ],
    "status": "Verified",
    "tag": "cust1008909",
    "taxId": "112223333"
  },
  "errors": [],
  "status": 200
}

initiate

This route has been deprecated and should be used for troubleshooting purposes only. Please contact your Sales Representative or Relationship Manager for additional information.

Initiate a new customer for Programs that elected the CorePro identity verification services. Functions properly only if your Program is configured with an Identity Verification Type of Full. If successful (i.e. verificationStatus = success), a subsequent call to /customer/verify must be performed, passing along information returned from this call along with information gathered from the user (i.e. answers to the challenge questions only the "real" person should be able to answer).

To determine the result of this call, please follow these guidelines:

If HTTP status code is 3XX, 4XX, or 5XX : Customer will be in a Denied status. This occurs when a validation rule has been violated or the request to the underlying Idology or Qualifile web services experienced an issue (connection failed, badly formatted payload, internal server error, etc).
Otherwise, inspect the value of verificationStatus to determine your next action:
- success - Customer has been deemed trustworthy and is in an Initiated status. Questions will be returned. These should be displayed to the user and their answers submitted via /customer/verify.
- failed - Customer has been deemed not trustworthy and is in a Denied status. No questions are returned. User is not allowed to use CorePro.
- manual review - Insufficient data to confirm or deny customer trustworthiness. Customer is in a Manual Review status. User will need to upload documents via /customerdocument/upload to help prove their identity. These documents will need to be reviewed by a human CSR at a later date.

POST /customer/initiate

Request Body Parameters

`firstName`	Required	The customer's given name.
`middleName`	Optional	The customer's middle name.
`lastName`	Required	The customer's surname.
`suffix`	Optional	The customer's suffix. e.g. "Jr.", "III", "D.D.S."
`birthDate`	Required	The customer's date of birth.
`gender`	Optional	Valid values are: `M` (male) `F` (female) `U` (unknown / unspecified) Default is `U`
`culture`	Optional	Valid values vary by program. Examples are: `en-US` `es-US` Default is `en-US`
`tag`	Optional	A program-wide unique identifier supplied by the client to represent exactly one customer in CorePro in production. Sandbox does allow duplicate `customer` tags for testing Typically represents a single user in your system.
`taxId`	Required	The customer's Social Security Number sans formatting (no dashes, no spaces, etc)
`driversLicenseNumber`	Optional	The customer's government-issued driver's license number
`driversLicenseState`	Required if `driversLicenseNumber` is provided.	The US state the customer's driver's license was issued in
`driversLicenseIssueDate`	Required if `driversLicenseNumber` is provided.	The date customer's driver's license was issued
`driversLicenseExpireDate`	Required if `driversLicenseNumber` is provided.	The date customer's driver's license expires
`passportNumber`	Optional	The customer's passport number.
`passportCountry`	Required if `passportNumber` is provided.	The country the customer's passport was issued from.
`passportIssueDate`	Required if `passportNumber` is provided.	The date customer's passport was issued
`passportExpireDate`	Required if `passportNumber` is provided.	The date customer's passport expires
`emailAddress`	Optional	The customer's email address.
`isSubjectToBackupWithholding`	Required	Set to `true` if customer is subject to backup withholding when interest is paid. `false` otherwise.
`isOptedInToBankCommunication`	Required	Set to `true` if the customer opts in to receive communications from the bank. `false` otherwise.
`isDocumentsAccepted`	Required	Confirms that customer viewed and accepted all documents returned via the `/bankdocument/list` route
`customField1`	Optional	Any value up to 100 characters in length
`customField2`	Optional	Any value up to 100 characters in length
`customField3`	Optional	Any value up to 100 characters in length
`customField4`	Optional	Any value up to 100 characters in length
`customField5`	Optional	Any value up to 100 characters in length
`addresses`	Require `Residence` address	A list of 1 or more `address` Objects to update or add. Note only one of a given addressType is allowed, meaning if you pass `Mailing` as the type and one exists, it will be updated instead of a new one being added.
`phones`	Optional	A list of 1 or more `phone` Objects to update or add. Note only one of a given phoneType is allowed, meaning if you pass `Office` as the type and one exists, it will be updated instead of a new one being added.

Response Data

`customerId`	Customer ID of the new customer.
`verificationId`	Verification ID of the new customer request. Must be passed in the subsequent call to `/customer/initiate`.
`verificationStatus`	Status of the identity verification. Possible values: `success` - Customer has been deemed trustworthy and is in an `Initiated` status. Questions will be returned. These should be displayed to the user and their answers submitted via /customer/verify. `failed` - Customer has been deemed not trustworthy and is in a `Denied` status. No questions are returned. User is not allowed to use CorePro. `manual review` - Insufficient data to confirm or deny customer trustworthiness. Customer is in a `Manual Review` status. User will need to upload documents via /customerdocument/upload to help prove their identity. These documents will then be reviewed by a human CSR at a later date.
`questions`	A list of 4 or more objects with 3 properties each: answers - a list of multiple choice answers for the question, one of which is correct. prompt - the question itself type - a value which must be passed on the subsequent call to `/customer/verify`

Error Codes

Code	Message (en-US)	Notes
1-60000	Any "Common Error Code" may occur.	See Common Error Codes
60101	IDology service call error received.	The content of this error message may be replaced by the actual one received from the IDology service call.
60102	IDology service call failure received.	The content of this error message may be replaced by the actual one received from the IDology service call.
60103	IDology user not eligible for questions.	The content of this error message may be replaced by the actual one received from the IDology service call.
60104	IDology user verification failed.	The content of this error message may be replaced by the actual one received from the IDology service call.
60105	IDology ExpectID IQ Time Out.	The content of this error message may be replaced by the actual one received from the IDology service call.
60106	Invalid Verification Level for program. Current Level: '{0}'.
60151	IDology service call error received.	The content of this error message may be replaced by the actual one received from the IDology service call.
60152	IDology service call failure received.	The content of this error message may be replaced by the actual one received from the IDology service call.
60201	First Name is a required field.
60202	Last Name is a required field.
60203	Birth Date is a required field.
60204	Birth Date is invalid. Please enter a valid date after 01/01/1900 and in the past.
60205	Gender is a required field. Valid values are: `M` (male) `F` (female) `U` (unknown / unspecified)
60206	Gender is invalid. Valid values are: `M` (male) `F` (female) `U` (unknown / unspecified)
60207	Culture is a required field.	Provide a culture value that has been configured for your program. Typically `en-US`.
60208	Invalid Status.
60209	Tax Id is a required field.
60210	Is Subject To Backup Withholding is a required field.	Specify `true` or `false` for this property.
60211	Is Opted In To Bank Communication is a required field.	Specify `true` or `false` for this property.
60212	Is Documents Accepted is a required field.	Specify `true` for this property. End user should be required to confirm that they have read and accept the terms of all documents returned by `/bankdocument/list`.
60214	A Residence Address is required.	Provide an address object with an addressType of `Residence`
60224	This TaxId is already associated with another customer.	Provide a Tax Id unique to this customer. NOTE: This check is performed only in the Production environment; it is not performed in the Sandbox environment.
60225	Tag '{0}' is already associated with another customer.	Provide a unique tag for this customer, or no tag at all.
60226	Either a drivers license number or passport number is required.
60230	Driver license state is required when driver license number is provided.
60231	Driver license issue date is required when driver license number is provided.
60232	Driver license expire date is required when driver license number is provided.
60235	Passport country is required when passport number is provided.
60236	Passport issue date is required when passport number is provided.
60237	Passport expire date is required when passport number is provided.
60250	Only three addresses are allowed -- one for each valid type of Residence, Mailing, or Prior.	Do not provide more than 3 address objects, each one with a different value for addressType.
60251	Only three phones are allowed -- one for each valid type of Home, Mobile, or Office.	Do not provide more than 3 phone objects, each one with a different value for phoneType.
66801	Invalid Phone Type. Valid values are: 'Home', 'Mobile', 'Office'.
66802	Phone Number is a required field.
66901	Invalid Address Type. Valid values are: Mailing, Residence, Prior.
66902	Address Line 1 is a required field.
66903	City is a required field.
66904	State is a required field.
66905	Postal Code is a required field.
66906	Country is a required field.
66907	Residential Addresses can not contain a PO Box.
69301	Denial limit for this taxId has been exceeded. Registration may be attempted again on {0:d}.	NOTE: This check is performed only in the Production environment; it is not performed in the Sandbox environment.

Example

Request

POST /customer/initiate
Authorization: Basic PutBase64TokenHere

{ 
    "firstName":"John",
    "middleName":"Allen",
    "lastName":"Smith",
    "birthDate":"1976-07-04T00:00:00.000+00:00",
    "gender":"M",
    "culture":"en-US",
    "tag":"MB3823823",
    "taxId":"123456789",
    "driversLicenseNumber":"543543443",
    "driversLicenseState":"IA",
    "driversLicenseExpireDate":"2014-07-04T00:00:00.000+00:00",
    "emailAddress":"john.a.smith@test.com",
    "isSubjectToBackupWithholding":false,
    "isOptedInToBankCommunication":true,
    "isDocumentsAccepted":true,
    "phones":
    [
        {
            "phoneType":"Home",
            "number":"5155551212"
        },
        {
            "phoneType":"Mobile",
            "number":"5155551414"
        }
    ],
    "addresses": 
    [
        {
            "addressType":"Mailing",
            "addressLine1":"PO Box 123",
            "city":"Anytown",
            "state":"IA",
            "postalCode":"50001",
            "country":"USA"
        },
        {
            "addressType":"Residence",
            "addressLine1":"123 Main St",
            "city":"Anytown",
            "state":"IA",
            "postalCode":"50001",
            "country":"USA"
        }
    ]
}

Response

{
    "data" :
    {
      "customerId": 2342342,
      "messages": [],
      "questions": [
        {
          "answers": [
            "ELAINE RYAN",
            "JOE ANDERSON",
            "A VIRAY",
            "None of the above"
          ],
          "prompt": "From whom did you purchase the property at 222333 PEACHTREE PLACE?",
          "type": "purchased.property.from"
        },
        {
          "answers": [
            "STEVE BECK",
            "STEVE WASHINGTON",
            "LISA MCKITRICK",
            "None of the above"
          ],
          "prompt": "Which of the following people do you know?",
          "type": "person.known.fic"
        },
        {
          "answers": [
            "Single Family Residence",
            "Townhome",
            "Condominium",
            "None of the above"
          ],
          "prompt": "What type of residence is 222333 PEACHTREE PLACE?",
          "type": "residence.type"
        },
        {
          "answers": [
            "FALL RIVER",
            "UMATILLA",
            "FULTON",
            "None of the above"
          ],
          "prompt": "In which county have you lived?",
          "type": "current.county.b"
        }
      ],
      "verificationId": "1048354039",
      "verificationStatus": "success"
    },
    "errors":[],
    "status":200
}

list

Lists all customers for the program associated with the login creditials in the Authorization header.

GET /customer/list/?pageNumber={0}&pageSize={200}

Request Parameters

`pageNumber`	Optional (supplied via query string)	Which page of the customer list results to return. Default is 0
`pageSize`	Optional (supplied via query string)	Size of one page of the customers to return. Default is 200. Maximum is 200.

Response Data

A list of `customer` Objects, without the "accounts", "externalAccounts", "addresses", or "phones" properties populated.
The list is ordered by customer `lastName`, then `firstName`.
All customers, regardless of any flags or status, will be returned.
Note: Each `customer` object has an additional property, "customerCount". This is the total number of customers which match your criteria. This is intended to ease implementing the paging functionality for the UI developer.

Error Codes

Code	Message (en-US)	Notes
1-60000	Any "Common Error Code" may occur.	See Common Error Codes

Example

Request

GET /customer/list/?pageNumber=0&pageSize=200
Authorization: Basic PutBase64TokenHere

Response

{
  "data": [
    {
      "accessTypeCode" : "FULL",
      "accounts": [],
      "addresses": [],
      "birthDate": "1975-02-28T00:00:00.000+00:00",
      "createdDate": "2014-02-19T08:29:58.169-06:00",
      "culture": "en-US",
      "customerCount": 3,
      "customerId": 49,
      "customField1": "ABCD123",
      "emailAddress": "user@example.com",
      "externalAccounts": [],
      "firstName": "John",
      "gender": "M",
      "isActive": true,
      "isDocumentsAccepted": false,
      "isLocked": false,
      "isOptedInToBankCommunication": false,
      "isSubjectToBackupWithholding": false,
      "lastName": "Smith",
      "lockedDate": "9999-12-31T23:59:59.999+00:00",
      "phones": [],
      "status": "Verified"
    },
    {
      "accessTypeCode" : "FULL",
      "accounts": [],
      "addresses": [],
      "birthDate": "1975-02-28T00:00:00.000+00:00",
      "createdDate": "2014-02-19T08:41:01.540-06:00",
      "culture": "en-US",
      "customerCount": 3,
      "customerId": 54,
      "customField1": "ABCD123",
      "driversLicenseNumber": "ABC123XYZ",
      "driversLicenseState": "GA",
      "emailAddress": "user@example.com",
      "externalAccounts": [],
      "firstName": "John",
      "gender": "M",
      "isActive": false,
      "isDocumentsAccepted": true,
      "isLocked": false,
      "isOptedInToBankCommunication": false,
      "isSubjectToBackupWithholding": false,
      "lastName": "Smith",
      "lockedDate": "9999-12-31T23:59:59.999+00:00",
      "phones": [],
      "status": "Denied"
    },
    {
      "accessTypeCode" : "FULL",
      "accounts": [],
      "addresses": [],
      "birthDate": "1975-02-28T00:00:00.000+00:00",
      "createdDate": "2014-02-19T08:51:24.510-06:00",
      "culture": "en-US",
      "customerCount": 3,
      "customerId": 60,
      "customField1": "ABCD123",
      "driversLicenseState": "GA",
      "emailAddress": "user@example.com",
      "externalAccounts": [],
      "firstName": "John",
      "gender": "M",
      "isActive": false,
      "isDocumentsAccepted": true,
      "isLocked": false,
      "isOptedInToBankCommunication": false,
      "isSubjectToBackupWithholding": false,
      "lastName": "Smith",
      "lockedDate": "9999-12-31T23:59:59.999+00:00",
      "phones": [],
      "status": "Denied"
    }
  ],
  "errors": [],
  "status": 200
}

search

Retrieve customer information by the given parameter(s)

POST /customer/search/?pageNumber={0}&pageSize={200}

Request Parameters

`pageNumber`	Optional (supplied via query string)	Which page of the customer search results to return. Default is 0
`pageSize`	Optional (supplied via query string)	Size of one page of the customers to return. Default is 200. Maximum is 200.

Request Body Parameters

`lastName`	Optional (but at least one Optional parameter must be specified)
`firstName`	Optional (but at least one Optional parameter must be specified)
`tag`	Optional (but at least one Optional parameter must be specified)
`taxId`	Optional (but at least one Optional parameter must be specified)
`driversLicenseNumber`	Optional (but at least one Optional parameter must be specified)
`passportNumber`	Optional (but at least one Optional parameter must be specified)
`emailAddress`	Optional (but at least one Optional parameter must be specified)
`birthDate`	Optional (but at least one Optional parameter must be specified)

Note: This route requires a POST request despite the fact that it does not modify or create any data. This is to prevent sensitive data (such as taxId) from possibly being stored in any HTTP logs.

The exception to this is the pageNumber and pageSize variables, which are still passed via the query string. This is for consistency with the other paginated routes.

Also, for performance reasons, this route does not fill the phones, addresses, accounts or externalAccounts properties of the customer object. Only /customer/get and /customer/getByTag do.

Response Data

A list of `customer` Objects, without the "accounts", "externalAccounts", "addresses", or "phones" properties populated.
The list is ordered by customer lastName, then firstName.
Note: Each customer object has an additional property, "customerCount". This is the total number of customers which match your criteria. This is intended to ease implementing the paging functionality for the UI developer.

Error Codes

Code	Message (en-US)	Notes
1-60000	Any "Common Error Code" may occur.	See Common Error Codes
60401	At least one field must be specified when performing a search.

Example

Request

POST /customer/search/?pageNumber=0&pageSize=200
Authorization: Basic PutBase64TokenHere
{
  "firstName" : "John",
  "lastName": "Smith"
}

Response

{
  "data": [
    {
      "accounts": [],
      "addresses": [],
      "birthDate": "1975-02-28T00:00:00.000+00:00",
      "createdDate": "2014-02-19T08:29:58.169-06:00",
      "culture": "en-US",
      "customerCount": 3,
      "customerId": 49,
      "emailAddress": "user@example.com",
      "externalAccounts": [],
      "firstName": "John",
      "gender": "M",
      "isActive": true,
      "isDocumentsAccepted": false,
      "isLocked": false,
      "isOptedInToBankCommunication": false,
      "isSubjectToBackupWithholding": false,
      "lastName": "Smith",
      "lockedDate": "9999-12-31T23:59:59.999+00:00",
      "phones": [],
      "status": "Verified"
    },
    {
      "accounts": [],
      "addresses": [],
      "birthDate": "1975-02-28T00:00:00.000+00:00",
      "createdDate": "2014-02-19T08:41:01.540-06:00",
      "culture": "en-US",
      "customerCount": 3,
      "customerId": 54,
      "driversLicenseNumber": "ABC123XYZ",
      "driversLicenseState": "GA",
      "emailAddress": "user@example.com",
      "externalAccounts": [],
      "firstName": "John",
      "gender": "M",
      "isActive": false,
      "isDocumentsAccepted": true,
      "isLocked": false,
      "isOptedInToBankCommunication": false,
      "isSubjectToBackupWithholding": false,
      "lastName": "Smith",
      "lockedDate": "9999-12-31T23:59:59.999+00:00",
      "phones": [],
      "status": "Denied"
    },
    {
      "accounts": [],
      "addresses": [],
      "birthDate": "1975-02-28T00:00:00.000+00:00",
      "createdDate": "2014-02-19T08:51:24.510-06:00",
      "culture": "en-US",
      "customerCount": 3,
      "customerId": 60,
      "driversLicenseState": "GA",
      "emailAddress": "user@example.com",
      "externalAccounts": [],
      "firstName": "John",
      "gender": "M",
      "isActive": false,
      "isDocumentsAccepted": true,
      "isLocked": false,
      "isOptedInToBankCommunication": false,
      "isSubjectToBackupWithholding": false,
      "lastName": "Smith",
      "lockedDate": "9999-12-31T23:59:59.999+00:00",
      "phones": [],
      "status": "Denied"
    }
  ],
  "errors": [],
  "status": 200
}

update

Update customer information

POST /customer/update

NOTE: As a fraud prevention mechanism, very few properties are updatable via the API if your program uses ID Verification.

* Denotes properties that are updatable only if your program's ID Verification level is None

If you need to update properties that are not detailed below, it must be done via the CorePro Admin Console.

Request Body Parameters

`customerId`	Required	Customer ID (returned when customer was created)
`firstName` *	Optional	The customer's given name.
`middleName` *	Optional	The customer's middle name.
`lastName` *	Optional	The customer's surname.
`suffix` *	Optional	The customer's suffix. e.g. "Jr.", "III", "D.D.S."
`birthDate` *	Optional	The customer's date of birth. See date formatting at the top of this resource.
`taxId` *	Optional	The customer's Social Security Number sans formatting (no dashes, no spaces, etc)
`driversLicenseNumber` *	Optional	The customer's government-issued driver's license number
`driversLicenseState` *	Optional	The US state the customer's driver's license was issued in
`driversLicenseIssueDate` *	Optional	The date customer's driver's license was issued
`driversLicenseExpireDate` *	Optional	The date customer's driver's license expires
`passportNumber` *	Optional	The customer's passport number.
`passportCountry` *	Optional	The country the customer's passport was issued from.
`passportIssueDate` *	Optional	The date customer's passport was issued
`passportExpireDate` *	Optional	The date customer's passport expires
`emailAddress` *	Optional	The customer's email address.
`gender`	Optional	Valid values are: `M` (male) `F` (female) `U` (unknown / unspecified)
`culture`	Optional	Valid values vary by program. Examples are: `en-US` `es-US`
`isSubjectToBackupWithholding`	Optional	Set to true if customer is subject to backup withholding when interest is paid. False otherwise.
`isOptedInToBankCommunication`	Optional	Set to true if the customer opts in to receive communications from the bank. False otherwise.
`tag`	Optional	A program-wide unique identifier (up to 50 characters in length) supplied by the client to represent exactly one customer in CorePro in production. Sandbox does allow duplicate `customer` tags for testing Typically represents a single user in your system.
`customField1`	Optional	Any value up to 100 characters in length
`customField2`	Optional	Any value up to 100 characters in length
`customField3`	Optional	Any value up to 100 characters in length
`customField4`	Optional	Any value up to 100 characters in length
`customField5`	Optional	Any value up to 100 characters in length
`addresses` *	Optional	A list of 0 or more `address` Objects to update or add. Note only one of a given addressType is allowed, meaning if you pass `Mailing` as the type and one exists, it will be updated instead of a new one being added.
`phones`	Optional	A list of 0 or more `phone` Objects to update or add. Note only one of a given phoneType is allowed, meaning if you pass `Office` as the type and one exists, it will be updated instead of a new one being added.

Response Data

No object is returned; the envelope's "data" property will be absent, but a status of 200 is returned upon success.

Error Codes

Code	Message (en-US)	Notes
1-60000	Any "Common Error Code" may occur.	See Common Error Codes
60301	Birth Date is invalid. Please enter a valid date after 01/01/1900.
60302	Gender is invalid. Valid values are: 'M', 'F', and 'U'.
60303	Tag '{0}' is already associated with a different customer.
60250	Only three addresses are allowed -- one for each valid type of Residence, Mailing, or Prior.	Do not provide more than 3 address objects, each one with a different value for addressType.
60251	Only three phones are allowed -- one for each valid type of Home, Mobile, or Office.	Do not provide more than 3 phone objects, each one with a different value for phoneType.
60350	Only three addresses are allowed -- one for each valid type of Residence, Mailing, or Prior.
60351	Only three phones are allowed -- one for each valid type of Home, Mobile, or Office.
60450	Updating any properties that are used during the ID Verification process is not allowed. These properties include firstName, middleName, lastName, birthDate, taxId, and Residence address information.
66801	Invalid Phone Type. Valid values are: 'Home', 'Mobile', 'Office'.
66802	Phone Number is a required field.
66901	Invalid Address Type. Valid values are: Mailing, Residence, Prior.
66902	Address Line 1 is a required field.
66903	City is a required field.
66904	State is a required field.
66905	Postal Code is a required field.
66906	Country is a required field.
66907	Residential Addresses can not contain a PO Box.

Example

Request

POST /customer/update
Authorization: Basic PutBase64TokenHere

{
    "customerId":2342342,
    "isSubjectToBackupWithholding":true,
    "phones" : [
        {
            "phoneType" : "Office",
            "number" : "555-867-5309"
        }
    ]
}

Response

{
    "errors":[],
    "status":200
}

verify

This route has been deprecated and should be used for troubleshooting purposes only. Please contact your Sales Representative or Relationship Manager for additional information.

Verify a customer. Functions properly only if your Program is configured with a Verification Type of Full. Must supply answers to challenge questions, along with the verificationId returned from the previous call to /customer/initiate.

If a verificationStatus of success is returned, the customer will have a status of Verified is fully activated and can perform actions immediately.
If a verificationStatus of manual review is returned, the customer will have a status of Manual Review. The customer can not perform any actions until the following criteria are met:
1. The customer must provide documentation in the form of a driver's license and current utility bill to be reviewed by the banking partner.
2. Documents can be uploaded programmatically via /customerdocument/upload or manually via the Admin Console.
3. The customer will not be reviewed by the banking partner until the documents have been uploaded.
If a verificationStatus of failed is returned, the customer will have a status of Denied and will be unable to perform any actions.

POST /customer/verify

Request Body Parameters

`customerId`	Required	Returned from the `/customer/initiate` call
`verificationId`	Required	Returned from the `/customer/initiate` call
`answers`	Required	A list of 4 or more objects with 2 properties each: `questionType` - `type` from the `/customer/initiate` `questions[]` property `questionAnswer` - the user's selection from the `answers` list from the `/customer/initiate` `questions[]`

Response Data

`customerId`
`verificationStatus`	Status of the identity verification. Value is `success` upon success. This customer will be in a `Verified` status upon success of this call.
`messages`	A list of one or more objects with 2 properties each: `verificationId` `verificationMessage` - detail about how many questions were correct / incorrect

Error Codes

Code	Message (en-US)	Notes
1-60000	Any "Common Error Code" may occur.	See Common Error Codes
60104	All Answers incorrect
60107	Customer status must be Initiated to verify answers. Current status: {0}.
60108	Username for IDology is missing.	Your program is configured incorrectly. Contact support@corepro.io
60109	Password for IDology is missing.	Your program is configured incorrectly. Contact support@corepro.io
60110	Url for IDology is missing.	Your program is configured incorrectly. Contact support@corepro.io
60113	Not all Answers submitted.	Typically when wrong questionIds are sent.
60151	Invalid answer or answer type submitted.

Example

Request

POST /customer/verify
Authorization: Basic PutBase64TokenHere

{
    "customerId":2342342,
    "verificationId":"1048354039",
    "answers":[
	    {
	        "questionType":"prior.residence.state.multiyear",
	        "questionAnswer":"NEW YORK"
	    },
	    {
	        "questionType":"time.at.current.address",
	        "questionAnswer":"Over 5 years"
	    },
	    {
	        "questionType":"city.of.residence",
	        "questionAnswer":"ATLANTA"
	    },
	    {
	        "questionType":"current.county.b",
	        "questionAnswer":"FULTON"
	    }
    ]
}

Response

{
    "data" :
    {
      "customerId": 2342342,
      "messages": [
        {
          "verificationId": "1048354039",
          "verificationMessage": "One Incorrect Answer"
        }
      ],
      "questions": [],
      "verificationStatus": "success"
    },
    "errors":[],
    "status":200
}

Request

POST /customer/verify
Authorization: Basic PutBase64TokenHere

{
    "customerId":2342342,
    "verificationId":"1048354039",
    "answers":[
	    {
	        "questionType":"prior.residence.state.multiyear",
	        "questionAnswer":"None of the above"
	    },
	    {
	        "questionType":"time.at.current.address",
	        "questionAnswer":"None of the above"
	    },
	    {
	        "questionType":"city.of.residence",
	        "questionAnswer":"None of the above"
	    },
	    {
	        "questionType":"current.county.b",
	        "questionAnswer":"None of the above"
	    }
    ]
}

Response

{
"errors": [
{
"code": 60104,
"message": "All Answers Incorrect"
}
],
"requestId": "d56417ad-0a56-41ba-bb14-bc0f7e580f87",
"status": 400
}

`customerId`	Required	Customer ID (returned when customer was created)
`archiveReason`	Optional	Valid values are (Admin Drop-Down values italicized): `FirstPartyFraud` Fraud - First Party. When someone uses his/her own identity to obtain products and services with no intent to fulfill their payment obligation. `ThirdPartyFraud` Fraud - Third Party. When someone uses a stolen identity to commit fraud. Refers to fraud that is committed without the knowledge of the person whose identity is used to commit the fraud. `SyntheticIdFraud` Fraud - Synthetic ID. When someone uses a possible combination of real and phony attributes, including possible real attributes that don’t correlate to each other, in order to assemble a phony identity. This information is then used to open fraudulent accounts and/or obtain goods and services. `AccountTakeoverFraud` Fraud - Account Takeover. When someone uses another person's account information to make purchases or withdraw money and often involves changing credentials and/or personal profile information. `NonActivity` Non-Activity. `CustomerRequest` Customer Request. `BankDiscretion` Bank Discretion. Bank chose to archive for a non-fraud reason Default is `Other`. Providing a detailed reason is strongly encouraged as it informs and improves fraud detection mechanisms.

API Documentation

Common Error Codes

details

Customer

If Identity Verification Type is None:

If Identity Verification Type is OFAC Only:

If Identity Verification Type is Full:

customer Object

details

archive

POST /customer/archive

Request Body Parameters

Response Data

Error Codes

Example

Request

Response

create

POST /customer/create

Request Body Parameters

Response Data

Error Codes

Example

Request

Response

deactivate

get

GET /customer/get/{customerId}

Request Parameters

Response Data

Error Codes

Example

Request

Response

getByEmail

GET /customer/getByEmail/{emailAddress}

Request Parameters

Response Data

Error Codes

Example

Request

Response

getByTag

GET /customer/getByTag/{tag}

Request Parameters

Response Data

Error Codes

Example

Request

Response

initiate

POST /customer/initiate

Request Body Parameters

Response Data

Error Codes

Example

Request

Response

list

GET /customer/list/?pageNumber={0}&pageSize={200}

Request Parameters

Response Data

Error Codes

Example

Request

Response

search

POST /customer/search/?pageNumber={0}&pageSize={200}

Request Parameters

Request Body Parameters

Response Data

Error Codes

Example

Request

Response

update

POST /customer/update

NOTE: As a fraud prevention mechanism, very few properties are updatable via the API if your program uses ID Verification.

Request Body Parameters

Response Data

If Identity Verification Type is `None`:

If Identity Verification Type is `OFAC Only`:

If Identity Verification Type is `Full`: