# Compliance features Version: 1.0 ## Servers Sandbox ``` https://api.solaris-sandbox.de ``` Production ``` https://api.solarisbank.de ``` ## Download OpenAPI description [Compliance features](https://docs.solarisgroup.com/_bundle/api-reference/onboarding/compliance.yaml) ## AML follow-up ### (Sandbox only) Update person's AML follow-up date - [PATCH /v1/persons/{id}/update_for_development](https://docs.solarisgroup.com/api-reference/onboarding/compliance/aml-follow-up/paths/~1v1~1persons~1%7Bid%7D~1update_for_development/patch.md): Updates the AML follow-up date for a person. Only available on Sandbox for testing purposes. ## Testing endpoints for Postbox API ### Upload a document and create a Postbox item for a person - [POST /v1/persons/{person_id}/postbox](https://docs.solarisgroup.com/api-reference/onboarding/compliance/testing-endpoints-for-postbox-api/solaris_person_postbox_create.md): Uploads a document and creates a Postbox item for the person specified in the request URL. To pass the Postbox item details, you may use either the metadata object or separate request parts (i.e., the request properties document_name, document_type, etc.) If you use the second option, you must set the Content-Type of boolean properties to application/json. ### Upload a document and create a Postbox item for a business - [POST /v1/businesses/{business_id}/postbox](https://docs.solarisgroup.com/api-reference/onboarding/compliance/testing-endpoints-for-postbox-api/solaris_business_postbox_create.md): Uploads a document and creates a Postbox item for the business specified in the request URL. To pass the Postbox item details, you may use either the metadata object or separate request parts (i.e., the request properties document_name, document_type, etc.) If you use the second option, you must set the Content-Type of boolean properties to application/json. ### Generate a PDF document - [POST /v1/postbox/documents](https://docs.solarisgroup.com/api-reference/onboarding/compliance/testing-endpoints-for-postbox-api/solaris_postbox_documents_emulation_create.md): Generates an empty PDF document on Solaris' servers for use as a Postbox item. Please note the following: The Content-Type header for this request must be application/json.This endpoint can only be used for testing purposes on the testing, staging, and sandbox environments. ### Create a Postbox item for a person (deprecated) - [POST /v1/persons/{person_id}/postbox/items](https://docs.solarisgroup.com/api-reference/onboarding/compliance/testing-endpoints-for-postbox-api/solaris_postbox_person_items_emulation_create.md): Deprecated! Use POST /v1/persons/{person_id}/postbox instead. Creates a Postbox item for the person specified in the request URL. Note that you can only use this endpoint for testing purposes on the testing, staging, and sandbox environments. ### Create a Postbox item for a business (deprecated) - [POST /v1/businesses/{business_id}/postbox/items](https://docs.solarisgroup.com/api-reference/onboarding/compliance/testing-endpoints-for-postbox-api/solaris_postbox_business_items_emulation_create.md): Deprecated! Use POST /v1/businesses/{business_id}/postbox instead. Creates a Postbox item for the business specified in the request URL. Note that you can only use this endpoint for testing purposes on the testing, staging, and sandbox environments. ## Postbox Items ### Index Postbox items for a person - [GET /v1/persons/{person_id}/postbox/items](https://docs.solarisgroup.com/api-reference/onboarding/compliance/postbox-items/solaris_postbox_person_items_all.md): Returns an array containing all Postbox items associated with the person specified in the request URL. Note that you can filter the results by created_at (min or max) and document_type—see the descriptions below. ### Index Postbox items for a business - [GET /v1/businesses/{business_id}/postbox/items](https://docs.solarisgroup.com/api-reference/onboarding/compliance/postbox-items/solaris_postbox_business_items_all.md): Returns an array containing all Postbox items associated with the business specified in the request URL. Note that you can filter the results by created_at (min or max) and document_type—see the descriptions below. ### Retrieve a Postbox item - [GET /v1/postbox/items/{item_id}](https://docs.solarisgroup.com/api-reference/onboarding/compliance/postbox-items/solaris_postbox_items_find.md): Returns the Postbox item specified in the request URL. ### Download document for a Postbox item - [GET /v1/postbox/items/{item_id}/document](https://docs.solarisgroup.com/api-reference/onboarding/compliance/postbox-items/solaris_postbox_item_document_find.md): Downloads the document associated with the Postbox item specified in the request URL. The only supported media type is application/pdf. ## Postbox Confirmations ### Create a confirmation for a Postbox item - [POST /v1/postbox/items/{item_id}/confirmations](https://docs.solarisgroup.com/api-reference/onboarding/compliance/postbox-confirmations/solaris_postbox_item_confirmations_create.md): Creates a confirmation for the Postbox item specified in the request URL and sets 'has_been_confirmed' to true for the item ### Index confirmations associated with a Postbox item - [GET /v1/postbox/items/{item_id}/confirmations](https://docs.solarisgroup.com/api-reference/onboarding/compliance/postbox-confirmations/solaris_postbox_item_confirmations_all.md): Returns an array containing all confirmations associated with the Postbox item specified in the request URL. Note that you can filter the results by created_at (min or max) and document_type—see the descriptions below. ### Retrieve a confirmation - [GET /v1/postbox/items/{item_id}/confirmations/{confirmation_id}](https://docs.solarisgroup.com/api-reference/onboarding/compliance/postbox-confirmations/solaris_postbox_item_confirmations_find.md): Returns the confirmation specified in the request URL. ## PSD2 account payment and consent ### Update challenge ID - [PATCH /v1/psd2/challenges/{psd2_challenge_id}](https://docs.solarisgroup.com/api-reference/onboarding/compliance/psd2-account-payment-and-consent/paths/~1v1~1psd2~1challenges~1%7Bpsd2_challenge_id%7D/patch.md): This endpoint updates the status of a psd2_challenge_id. After a customer enters their credentials on your login screen, use this endpoint to update the status of the psd2_challenge_id and include the person_id in the payload. If successful, the API returns a redirect_URL for the second-factor authentication (done by Solaris). You have to redirect the customer to this URL to perform the 2FA. Expected error messages: 401 - Unauthorized: The ChallengeID is expired. 404 - Not found: The ChallengeID doesn't exist. 400 - General Bad Request: The IBAN requested by the TPP does not belong to the specified person. ### Verify PSD2 challenge ID - [GET /v1/psd2/challenges/{psd2_challenge_id}](https://docs.solarisgroup.com/api-reference/onboarding/compliance/psd2-account-payment-and-consent/paths/~1v1~1psd2~1challenges~1%7Bpsd2_challenge_id%7D/get.md): This endpoint validates the psd2_challenge_id for a customer. Before allowing the customer to log in, you can use this endpoint to verify that the customer is coming from Solaris and that the session is still valid. If the request fails, the customer should see an error message and must restart the process from the TTP's application. Expected error messages: 401 - Unauthorized: The Challenge ID is expired. 404 - Not found: The Challenge ID doesn't exist. ## Questions and Answers ### Create an answer to a question - [PATCH /v1/question_set/{question_set_id}/questions/{question_id}/answer](https://docs.solarisgroup.com/api-reference/onboarding/compliance/questions-and-answers/paths/~1v1~1question_set~1%7Bquestion_set_id%7D~1questions~1%7Bquestion_id%7D~1answer/patch.md): Creates an answer to the question specified in the request URL by its ID. Please note the following: You must call this method for each question in a question set. If the question has an answer_type value of TEXT_AND_FILES, then you must upload the documents using POST Create a document for a person or POST Create a document for a business. Solaris will not review the answers to the questions in the question set until all of them have been marked as ready_for_review. ### List questions in a question set - [GET /v1/question_set/{question_set_id}](https://docs.solarisgroup.com/api-reference/onboarding/compliance/questions-and-answers/paths/~1v1~1question_set~1%7Bquestion_set_id%7D/get.md): Returns an array containing all of the questions in a question set (specified in the request URL by its ID). ## Terms and Conditions events ### Index Terms and Conditions events - [GET /v1/terms_and_conditions_events](https://docs.solarisgroup.com/api-reference/onboarding/compliance/terms-and-conditions-events/paths/~1v1~1terms_and_conditions_events/get.md): Returns an array containing all instances of customer agreements to the Solaris Terms and Conditions. ### Create Terms and Conditions event - [POST /v1/terms_and_conditions_events](https://docs.solarisgroup.com/api-reference/onboarding/compliance/terms-and-conditions-events/paths/~1v1~1terms_and_conditions_events/post.md): Records an instance of a customer (i.e., a person or a person on behalf of a business) accepting or rejecting a Solaris Terms and Conditions document.