openapi: 3.1.0 servers: - url: https://cal-test.adyen.com/cal/services/Hop/v1 info: version: '1' x-publicVersion: true title: Hosted onboarding API description: "This API is used for the classic integration. If you are just starting\ \ your implementation, refer to our [new integration guide](https://docs.adyen.com/adyen-for-platforms-model)\ \ instead.\n\nThe Hosted onboarding API provides endpoints that you can use to\ \ generate links to Adyen-hosted pages, such as an [onboarding page](https://docs.adyen.com/classic-platforms/hosted-onboarding-page)\ \ or a [PCI compliance questionnaire](https://docs.adyen.com/classic-platforms/platforms-for-partners).\ \ You can provide these links to your account holders so that they can complete\ \ their onboarding.\n\n## Authentication\nYour Adyen contact will provide your\ \ API credential and an API key. To connect to the API, add an `X-API-Key` header\ \ with the API key as the value, for example:\n\n ```\ncurl\n-H \"Content-Type:\ \ application/json\" \\\n-H \"X-API-Key: YOUR_API_KEY\" \\\n...\n```\n\nAlternatively,\ \ you can use the username and password to connect to the API using basic authentication.\ \ For example:\n\n```\ncurl\n-U \"ws@MarketPlace.YOUR_PLATFORM_ACCOUNT\":\"YOUR_WS_PASSWORD\"\ \ \\\n-H \"Content-Type: application/json\" \\\n...\n```\nWhen going live, you\ \ need to generate new web service user credentials to access the [live endpoints](https://docs.adyen.com/development-resources/live-endpoints).\n\ \n## Versioning\nThe Hosted onboarding API supports [versioning](https://docs.adyen.com/development-resources/versioning)\ \ using a version suffix in the endpoint URL. This suffix has the following format:\ \ \"vXX\", where XX is the version number.\n\nFor example:\n```\nhttps://cal-test.adyen.com/cal/services/Hop/v1/getOnboardingUrl\n\ ```" termsOfService: https://www.adyen.com/legal/terms-and-conditions contact: name: Adyen Developer Experience team url: https://github.com/Adyen/adyen-openapi tags: - name: Hosted Onboarding Page - name: PCI Compliance Questionnaire Page paths: /getOnboardingUrl: post: tags: - Hosted Onboarding Page summary: Get a link to a Adyen-hosted onboarding page description: Returns a link to an Adyen-hosted onboarding page (HOP) that you can send to your account holder. For more information on how to use HOP, refer to [Hosted onboarding](https://docs.adyen.com/classic-platforms/onboard-users/hosted-onboarding-page). operationId: post-getOnboardingUrl x-sortIndex: 1 x-methodName: getOnboardingUrl security: - BasicAuth: [] - ApiKeyAuth: [] requestBody: content: application/json: examples: get-onboarding-url: $ref: '#/components/examples/post-getOnboardingUrl-get-onboarding-url' schema: $ref: '#/components/schemas/GetOnboardingUrlRequest' responses: '200': content: application/json: examples: get-onboarding-url: $ref: '#/components/examples/post-getOnboardingUrl-get-onboarding-url-200' schema: $ref: '#/components/schemas/GetOnboardingUrlResponse' description: OK - the request has succeeded. '400': content: application/json: schema: $ref: '#/components/schemas/ServiceError' description: Bad Request - a problem reading or understanding the request. '401': content: application/json: schema: $ref: '#/components/schemas/ServiceError' description: Unauthorized - authentication required. '403': content: application/json: schema: $ref: '#/components/schemas/ServiceError' description: Forbidden - insufficient permissions to process the request. '422': content: application/json: schema: $ref: '#/components/schemas/ServiceError' description: Unprocessable Entity - a request validation error. '500': content: application/json: schema: $ref: '#/components/schemas/ServiceError' description: Internal Server Error - the server could not process the request. /getPciQuestionnaireUrl: post: tags: - PCI Compliance Questionnaire Page summary: Get a link to a PCI compliance questionnaire description: "Returns a link to a PCI compliance questionnaire that you can\ \ send to your account holder.\n > You should only use this endpoint if you\ \ have a [partner platform setup](https://docs.adyen.com/classic-platforms/platforms-for-partners)." operationId: post-getPciQuestionnaireUrl x-sortIndex: 1 x-methodName: getPciQuestionnaireUrl security: - BasicAuth: [] - ApiKeyAuth: [] requestBody: content: application/json: examples: get-pci-questionnaire-url: $ref: '#/components/examples/post-getPciQuestionnaireUrl-get-pci-questionnaire-url' schema: $ref: '#/components/schemas/GetPciUrlRequest' responses: '200': content: application/json: examples: get-pci-questionnaire-url: $ref: '#/components/examples/post-getPciQuestionnaireUrl-get-pci-questionnaire-url-200' schema: $ref: '#/components/schemas/GetPciUrlResponse' description: OK - the request has succeeded. '400': content: application/json: schema: $ref: '#/components/schemas/ServiceError' description: Bad Request - a problem reading or understanding the request. '401': content: application/json: schema: $ref: '#/components/schemas/ServiceError' description: Unauthorized - authentication required. '403': content: application/json: schema: $ref: '#/components/schemas/ServiceError' description: Forbidden - insufficient permissions to process the request. '422': content: application/json: schema: $ref: '#/components/schemas/ServiceError' description: Unprocessable Entity - a request validation error. '500': content: application/json: schema: $ref: '#/components/schemas/ServiceError' description: Internal Server Error - the server could not process the request. components: schemas: CollectInformation: additionalProperties: false properties: bankDetails: description: Indicates whether [bank account details](https://docs.adyen.com/classic-platforms/verification-process/accepted-data-format/#bank-accounts) must be collected. Default is **true**. type: boolean businessDetails: description: Indicates whether [business details](https://docs.adyen.com/classic-platforms/verification-process/accepted-data-format/#organizations) must be collected. Default is **true**. type: boolean individualDetails: description: Indicates whether [individual details](https://docs.adyen.com/classic-platforms/verification-process/accepted-data-format/#individuals) must be collected. Default is **true**. type: boolean legalArrangementDetails: description: Indicates whether [legal arrangement details](https://docs.adyen.com/classic-platforms/verification-checks/legal-arrangements) must be collected. Default is **true**. type: boolean pciQuestionnaire: description: Indicates whether answers to a [PCI questionnaire](https://docs.adyen.com/classic-platforms/platforms-for-partners#onboard-partner-platform) must be collected. Applies only to partner platforms. Default is **true**. type: boolean shareholderDetails: description: Indicates whether [shareholder details](https://docs.adyen.com/classic-platforms/verification-process/accepted-data-format/#individuals) must be collected. Defaults to **true**. type: boolean type: object ErrorFieldType: additionalProperties: false properties: errorCode: description: The validation error code. format: int32 type: integer errorDescription: description: A description of the validation error. type: string fieldType: description: The type of error field. $ref: '#/components/schemas/FieldType' type: object ErrorFieldTypeWrapper: properties: ErrorFieldType: $ref: '#/components/schemas/ErrorFieldType' FieldType: additionalProperties: false properties: field: description: The full name of the property. type: string fieldName: description: The type of the field. enum: - accountCode - accountHolderCode - accountHolderDetails - accountNumber - accountStateType - accountStatus - accountType - address - balanceAccount - balanceAccountActive - balanceAccountCode - balanceAccountId - bankAccount - bankAccountCode - bankAccountName - bankAccountUUID - bankBicSwift - bankCity - bankCode - bankName - bankStatement - branchCode - businessContact - cardToken - checkCode - city - companyRegistration - constitutionalDocument - controller - country - countryCode - currency - currencyCode - dateOfBirth - destinationAccountCode - document - documentContent - documentExpirationDate - documentIssuerCountry - documentIssuerState - documentName - documentNumber - documentType - doingBusinessAs - drivingLicence - drivingLicenceBack - drivingLicenceFront - drivingLicense - email - firstName - formType - fullPhoneNumber - gender - hopWebserviceUser - houseNumberOrName - iban - idCard - idNumber - identityDocument - individualDetails - infix - jobTitle - lastName - lastReviewDate - legalArrangement - legalArrangementCode - legalArrangementEntity - legalArrangementEntityCode - legalArrangementLegalForm - legalArrangementMember - legalArrangementMembers - legalArrangementName - legalArrangementReference - legalArrangementRegistrationNumber - legalArrangementTaxNumber - legalArrangementType - legalBusinessName - legalEntity - legalEntityType - linkedViasVirtualAccount - logo - merchantAccount - merchantCategoryCode - merchantHouseNumber - merchantReference - microDeposit - name - nationality - originalReference - ownerCity - ownerCountryCode - ownerDateOfBirth - ownerHouseNumberOrName - ownerName - ownerPostalCode - ownerState - ownerStreet - passport - passportNumber - payoutMethod - payoutMethodCode - payoutSchedule - pciSelfAssessment - personalData - phoneCountryCode - phoneNumber - postalCode - primaryCurrency - reason - returnUrl - schedule - shareholder - shareholderCode - shareholderCodeAndSignatoryCode - shareholderCodeOrSignatoryCode - shareholderType - shareholderTypes - shopperInteraction - signatory - signatoryCode - socialSecurityNumber - sourceAccountCode - splitAccount - splitConfigurationUUID - splitCurrency - splitValue - splits - stateOrProvince - status - stockExchange - stockNumber - stockTicker - store - storeDetail - storeName - storeReference - street - taxId - tier - tierNumber - transferCode - ultimateParentCompany - ultimateParentCompanyAddressDetails - ultimateParentCompanyAddressDetailsCountry - ultimateParentCompanyBusinessDetails - ultimateParentCompanyBusinessDetailsLegalBusinessName - ultimateParentCompanyBusinessDetailsRegistrationNumber - ultimateParentCompanyCode - ultimateParentCompanyStockExchange - ultimateParentCompanyStockNumber - ultimateParentCompanyStockNumberOrStockTicker - ultimateParentCompanyStockTicker - unknown - value - verificationType - virtualAccount - visaNumber - webAddress - year type: string shareholderCode: description: The code of the shareholder that the field belongs to. If empty, the field belongs to an account holder. type: string type: object GetOnboardingUrlRequest: additionalProperties: false properties: accountHolderCode: description: The account holder code you provided when you created the account holder. type: string collectInformation: description: Contains indicators whether the page should only collect information for specific [KYC checks](https://docs.adyen.com/classic-platforms/verification-checks). By default, the page collects information for all KYC checks that apply to the [legal entity type](https://docs.adyen.com/classic-platforms/account-holders-and-accounts#legal-entity-types). $ref: '#/components/schemas/CollectInformation' editMode: description: Indicates if editing checks is allowed even if all the checks have passed. type: boolean mobileOAuthCallbackUrl: description: The URL to which the account holder is redirected after completing an OAuth authentication with a bank through Trustly/PayMyBank. type: string platformName: description: The platform name which will show up in the welcome page. type: string returnUrl: description: The URL where the account holder will be redirected back to after they complete the onboarding, or if their session times out. Maximum length of 500 characters. If you don't provide this, the account holder will be redirected back to the default return URL configured in your platform account. type: string shopperLocale: description: "The language to be used in the page, specified by a combination\ \ of a language and country code. For example, **pt-BR**. \n\nIf not specified\ \ in the request or if the language is not supported, the page uses the\ \ browser language. If the browser language is not supported, the page\ \ uses **en-US** by default.\n\nFor a list of supported languages, refer\ \ to [Change the page language](https://docs.adyen.com/classic-platforms/hosted-onboarding-page/customize-experience#change-page-language)." type: string showPages: description: Contains indicators whether specific pages must be shown to the account holder. $ref: '#/components/schemas/ShowPages' required: - accountHolderCode type: object GetOnboardingUrlResponse: additionalProperties: false properties: invalidFields: x-addedInVersion: '5' description: Information about any invalid fields. items: $ref: '#/components/schemas/ErrorFieldTypeWrapper' type: array pspReference: description: The reference of a request. Can be used to uniquely identify the request. type: string redirectUrl: description: The URL to the Hosted Onboarding Page where you should redirect your sub-merchant. This URL must be used within 30 seconds and can only be used once. type: string resultCode: description: The result code. type: string submittedAsync: description: 'Indicates whether the request is processed asynchronously. Depending on the request''s platform settings, the following scenarios may be applied: * **true**: The request is queued and will be executed when the providing service is available in the order in which the requests are received. * **false**: The processing of the request is immediately attempted; it may result in an error if the providing service is unavailable.' type: boolean type: object GetPciUrlRequest: additionalProperties: false properties: accountHolderCode: description: The account holder code you provided when you created the account holder. type: string returnUrl: description: The URL where the account holder will be redirected back to after they fill out the questionnaire, or if their session times out. Maximum length of 500 characters. type: string required: - accountHolderCode type: object GetPciUrlResponse: additionalProperties: false properties: invalidFields: x-addedInVersion: '5' description: Information about any invalid fields. items: $ref: '#/components/schemas/ErrorFieldTypeWrapper' type: array pspReference: description: The reference of a request. Can be used to uniquely identify the request. type: string redirectUrl: description: The URL to the PCI compliance questionnaire where you should redirect your account holder. This URL must be used within 30 seconds and can only be used once. type: string resultCode: description: The result code. type: string submittedAsync: description: 'Indicates whether the request is processed asynchronously. Depending on the request''s platform settings, the following scenarios may be applied: * **true**: The request is queued and will be executed when the providing service is available in the order in which the requests are received. * **false**: The processing of the request is immediately attempted; it may result in an error if the providing service is unavailable.' type: boolean type: object ServiceError: additionalProperties: false properties: errorCode: description: The error code mapped to the error message. type: string errorType: description: The category of the error. type: string message: description: A short explanation of the issue. type: string pspReference: description: The PSP reference of the payment. type: string status: description: The HTTP response status. format: int32 type: integer type: object ShowPages: additionalProperties: false properties: bankDetailsSummaryPage: description: Indicates whether the page with bank account details must be shown. Defaults to **true**. type: boolean bankVerificationPage: description: Indicates whether the bank check instant verification' details must be shown. Defaults to **true**. type: boolean businessDetailsSummaryPage: description: Indicates whether the page with the company's or organization's details must be shown. Defaults to **true**. type: boolean checksOverviewPage: description: Indicates whether the checks overview page must be shown. Defaults to **false**. type: boolean individualDetailsSummaryPage: description: Indicates whether the page with the individual's details must be shown. Defaults to **true**. type: boolean legalArrangementsDetailsSummaryPage: description: Indicates whether the page with the legal arrangements' details must be shown. Defaults to **true**. type: boolean manualBankAccountPage: description: Indicates whether the page to manually add bank account' details must be shown. Defaults to **true**. type: boolean shareholderDetailsSummaryPage: description: Indicates whether the page with the shareholders' details must be shown. Defaults to **true**. type: boolean welcomePage: description: Indicates whether the welcome page must be shown. Defaults to **false**. type: boolean type: object securitySchemes: ApiKeyAuth: in: header name: X-API-Key type: apiKey BasicAuth: scheme: basic type: http examples: post-getOnboardingUrl-get-onboarding-url: summary: Get a hosted onboarding page link description: Returns a link to an Adyen-hosted onboarding page (HOP) that you can send to your account holder. value: accountHolderCode: CODE_OF_ACCOUNT_HOLDER returnUrl: https://your.return-url.com/?submerchant=123 post-getOnboardingUrl-get-onboarding-url-200: summary: Hosted onboarding page link description: Example response for requesting a hosted onboarding page link value: invalidFields: [] pspReference: '9115677600500127' resultCode: Success redirectUrl: https://hop-test.adyen.com/hop/view/?token= post-getPciQuestionnaireUrl-get-pci-questionnaire-url: summary: Get a PCI questionnaire link description: Returns a link to an Adyen-hosted PCI compliance questionnaire that you can send to your account holder. value: accountHolderCode: CODE_OF_ACCOUNT_HOLDER returnUrl: https://your.return-url.com/?submerchant=123 post-getPciQuestionnaireUrl-get-pci-questionnaire-url-200: summary: Hosted onboarding page link description: Example response for requesting a hosted onboarding page link value: invalidFields: [] pspReference: '8315748692943050' resultCode: Success redirectUrl: https://hop-test.adyen.com/hop/pci/?token=