User Status API #
Gateway Path: /User/{id}/status
Service: Authentication & Authorization
Method: GET
Auth: Bearer token in Authorization header
1) Overview & Purpose #
This endpoint returns the current verification and lifecycle status of a user. It is designed to be called anywhere in the system where a decision depends on whether the user has verified their email/phone, enrolled in SCA, completed additional questionnaires used by the Risk service, or reached a particular account lifecycle state.
2) Endpoint Definition #
HTTP: GET /User/{id}/status
Path Parameter
- id (integer, required) — The user ID (signed 32‑bit integer).
Headers
Authorization: Bearer <token>— valid access token.Accept: application/json(recommended)
Note: Provide a concrete numeric ID in the URL (e.g.,
/User/1234/status). Do not percent‑encode{id}.
3) Responses #
3.1 Success — 200 OK #
{
"isEmailVerified": false,
"isPhoneNumberVerified": false,
"isScaVerified": false,
"isAdditionalData": false,
"isOptionalKyc": false,
"status": 50
}
Field Reference #
- isEmailVerified (boolean) — Whether the user’s email is verified.
- isPhoneNumberVerified (boolean) — Whether the user’s phone number is verified.
- isScaVerified (boolean) — Whether the user has been created/enrolled in the SCA application.
- isAdditionalData (boolean) — Whether the user has completed the additional questionnaire used by the Risk service.
- isOptionalKyc (boolean) — Whether optional KYC has been completed (if applicable).
- status (integer) — Lifecycle status code (see table below).
Status Codes #
| Code | Name |
|---|---|
| 50 | Registered |
| 150 | Pending Verification |
| 200 | Active |
| 300 | Deactivated |
| 350 | Closed |
| 400 | Blocked |
Note: If you see examples with other numeric values (e.g.,
1), treat the table above as canonical.
3.2 Error — 5xx Server Error #
Returned for unexpected failures. Body may be empty (No Body) or include a problem-details payload, for example:
{
"type": null,
"title": null,
"status": null,
"detail": null,
"instance": null,
"ANY_ADDITIONAL_PROPERTY": "anything"
}
Other gateway errors (e.g., 401 Unauthorized) may occur if the Bearer token is missing or invalid.
4) Validation Rules #
- id must be a valid signed 32‑bit integer (range 1..2147483647).
- Request must include a valid Bearer token.
5) Examples #
5.1 cURL #
curl -X GET "https://api-test.10npay.com/User/1234/status" \ -H "Authorization: Bearer <YOUR_SECRET_TOKEN>" \ -H "Accept: application/json"
5.2 C# (.NET) #
using System.Net.Http.Headers; var client = new HttpClient(); var request = new HttpRequestMessage { Method = HttpMethod.Get, RequestUri = new Uri("https://api-test.10npay.com/User/1234/status"), Headers = { { "Authorization", "Bearer <YOUR_SECRET_TOKEN>" } } }; using var response = await client.SendAsync(request); response.EnsureSuccessStatusCode(); var body = await response.Content.ReadAsStringAsync(); Console.WriteLine(body);
5.3 JavaScript (fetch) #
const res = await fetch("https://api-test.10npay.com/User/1234/status", { method: "GET", headers: { "Authorization": "Bearer <YOUR_SECRET_TOKEN>" } }); if (!res.ok) throw new Error("Request failed: " + res.status); const data = await res.json(); console.log(data);
6) Usage Notes #
- Use this endpoint to guard flows that require verified contact details or SCA enrollment before proceeding (e.g., enabling payouts or high‑risk actions).
- If status ≠ 200 (Active), the UI may surface tailored next steps (e.g., “Verify your email” when
isEmailVerifiedisfalse). - Combine the boolean flags with the lifecycle
statuscode for precise gating logic.
7) Sequence #
Client → API Gateway: GET /User/{id}/status (Bearer)
API Gateway → Auth Service: Validate token
Auth Service → API Gateway: OK
API Gateway → User Service: Fetch verification flags & lifecycle status
User Service → API Gateway: Status payload
API Gateway → Client: 200 OK (JSON)