Profile Objects

Get Profile Data

GET /(company_code)/v2/aol/profile/(profile_code)

Get Profile data

Request Headers:
 
  • Authorization – Bearer <session_token>, or Signature <signature>
Parameters:
  • profile_code – Code of profile to get. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
Response JSON Object:
 
  • status (string) – success or error
  • data (object) – Profile data object. Included fields depend on the role of authorized user.
  • error_code (string) – (Optional) If status is error: one of error codes listed below

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • auth.restricted
  • object.id.notfound

See Error Codes for details.

Update Profile Data

PUT /(company_code)/v2/aol/profile/(profile_code)

Update Profile data

All data fields in request JSON are optional; any field can be omitted if its data has not changed. Depending on the roles of the authorized user and of the updated profile, only some data fields may be allowed for update. Values of restricted fields in request JSON are ignored.

If profile is stopped, returns auth.restricted error code.

Request Headers:
 
  • Authorization – Bearer <session_token>, or Signature <signature>
Parameters:
  • profile_code – Code of profile to update. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
Request JSON Object:
 
  • nickname (string/null) – (Optional) Greeting name
  • name (string/null) – (Optional) Full name
  • shortname (string/null) – (Optional) Short name
  • fname (string/null) – (Optional) First name
  • mname (string/null) – (Optional) Middle name
  • lname (string/null) – (Optional) Last name
  • date_of_birth (string/null) – (Optional) Date of birth, ISO-formatted: YYYY-MM-DD
  • sex (string/null) – (Optional) Sex, code according to lookup table
  • secondary_phone (string/null) – (Optional) Secondary phone number
  • secondary_email (string/null) – (Optional) Secondary email address
  • subscriptions (integer) – (Optional) Bit mask of notification subscription settings
  • do_not_disturb_from (string/null) – (Optional) Do not disturb from time, ISO-formatted: HH:MM:SS
  • do_not_disturb_to (string/null) – (Optional) Do not disturb to time, ISO-formatted: HH:MM:SS
  • contact_tz (string/null) – (Optional) Profile time zone, code according to lookup table
  • attributes (array) – (Optional) Data objects for profile attributes (see below)
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • data (object) – Updated profile data object

Request attribute data fields

Each object in attributes request array has the following fields:

  • seq (integer) – Attribute sequential number, 1 to 20
  • value (string) – New attribute value

Sequential numbers must be the same as in attribute objects returned by API in profile data.

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • auth.restricted
  • object.id.notfound
  • request.validation.failed

See Error Codes for details.
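A client-side sketch of the update rules above, added here as an example and not taken from the platform's own code: it builds a request body that holds only changed fields in the documented formats, and after the call reports which sent fields were not applied, since restricted fields are ignored without an error. It assumes the returned profile data object uses the same field names as the request and carries an attributes array of objects with seq; all function names are hypothetical.

```python
import re
from datetime import date, time

# Field names and formats come from the request table above.
STRING_FIELDS = {"nickname", "name", "shortname", "fname", "mname", "lname",
                 "sex", "secondary_phone", "secondary_email", "contact_tz"}
DATE_FIELDS = {"date_of_birth"}                              # YYYY-MM-DD
TIME_FIELDS = {"do_not_disturb_from", "do_not_disturb_to"}   # HH:MM:SS
SCALARS = STRING_FIELDS | DATE_FIELDS | TIME_FIELDS | {"subscriptions"}
DATE_RE = re.compile(r"[0-9]{4}-[0-9]{2}-[0-9]{2}")
TIME_RE = re.compile(r"[0-9]{2}:[0-9]{2}:[0-9]{2}")


def _scalar_error(key, value):
    """Return an error string for an unacceptable value, else None."""
    if key == "subscriptions":
        # bool is a subclass of int in Python, so reject it explicitly.
        if isinstance(value, int) and not isinstance(value, bool):
            return None
        return "subscriptions: must be an integer bit mask"
    if value is None:
        return None  # the other scalar fields are documented as string/null
    if not isinstance(value, str):
        return f"{key}: must be a string or null"
    try:
        if key in DATE_FIELDS:
            if not DATE_RE.fullmatch(value):
                raise ValueError(value)
            date.fromisoformat(value)      # rejects e.g. 1990-02-30
        elif key in TIME_FIELDS:
            if not TIME_RE.fullmatch(value):
                raise ValueError(value)
            time.fromisoformat(value)      # rejects e.g. 25:00:00
    except ValueError:
        return f"{key}: not ISO-formatted"
    return None


def _attribute_errors(attrs, known_seqs):
    """Check the attributes array against the seq numbers the API returned."""
    if not isinstance(attrs, list):
        return ["attributes: must be an array"]
    errors = []
    for i, attr in enumerate(attrs):
        seq = attr.get("seq") if isinstance(attr, dict) else None
        if (not isinstance(seq, int) or isinstance(seq, bool)
                or not 1 <= seq <= 20):
            errors.append(f"attributes[{i}]: seq must be an integer, 1 to 20")
        elif seq not in known_seqs:
            errors.append(f"attributes[{i}]: seq {seq} not in profile data")
        elif not isinstance(attr.get("value"), str):
            errors.append(f"attributes[{i}]: value must be a string")
    return errors


def build_profile_update(current, desired):
    """Return (body, errors); body holds only changed, documented fields."""
    body, errors = {}, []
    # Assumed shape: profile data has "attributes": [{"seq": ...}, ...]
    known_seqs = {a["seq"] for a in current.get("attributes", [])}
    for key, value in desired.items():
        if key == "attributes":
            found = _attribute_errors(value, known_seqs)
            errors.extend(found)
            if not found and value:
                body[key] = value
        elif key in SCALARS:
            if key in current and current[key] == value:
                continue  # unchanged: the API lets the field be omitted
            error = _scalar_error(key, value)
            if error:
                errors.append(error)
            else:
                body[key] = value
        else:
            errors.append(f"{key}: not a documented request field")
    return body, errors


def ignored_fields(body, returned):
    """Scalar fields that were sent but come back with a different value."""
    return sorted(k for k, v in body.items()
                  if k != "attributes" and returned.get(k) != v)
```

A non-empty result from ignored_fields after a success response means the server dropped those values, which is the only signal a client gets that a field was restricted for its role.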

Get Address Data

GET /(company_code)/v2/aol/profile/(profile_code)/address/(int: address_id)

Get Profile Address data

Request Headers:
 
  • Authorization – Bearer <session_token>, or Signature <signature>
Parameters:
  • profile_code – Code of profile with requested address. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
  • address_id – ID of requested address
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • data (object) – Profile Address data object

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • auth.restricted
  • object.id.notfound

See Error Codes for details.

Update Address Data

PUT /(company_code)/v2/aol/profile/(profile_code)/address/(int: address_id)

Update Profile Address data

If profile is stopped, returns auth.restricted error code.

Request Headers:
 
  • Authorization – Bearer <session_token>, or Signature <signature>
Parameters:
  • profile_code – Code of profile to update. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
  • address_id – ID of updated address
Request JSON Object:
 
  • country (string/null) – Country ID, alpha-2 ISO code according to lookup table
  • postal_code (string/null) – Postal code
  • address_line1 (string/null) – Address line 1
  • address_line2 (string/null) – Address line 2
  • address_line3 (string/null) – Address line 3
  • address_line4 (string/null) – Address line 4
  • region_code (string/null) – Region code
  • region_type (string/null) – Region type (short)
  • region_type_full (string/null) – Region type
  • region (string/null) – Region
  • area_code (string/null) – Area code
  • area_type (string/null) – Area type (short)
  • area_type_full (string/null) – Area type
  • area (string/null) – Area
  • city_code (string/null) – City code
  • city_type (string/null) – City type (short)
  • city_type_full (string/null) – City type
  • city (string/null) – City
  • settlement_code (string/null) – Settlement code
  • settlement_type (string/null) – Settlement type (short)
  • settlement_type_full (string/null) – Settlement type
  • settlement (string/null) – Settlement
  • street_code (string/null) – Street code
  • street_type (string/null) – Street type (short)
  • street_type_full (string/null) – Street type
  • street (string/null) – Street
  • house_code (string/null) – House code
  • house_type (string/null) – House type (short)
  • house_type_full (string/null) – House type
  • house (string/null) – House
  • block_type (string/null) – Block/building type (short)
  • block_type_full (string/null) – Block/building type
  • block (string/null) – Block/building
  • flat_type (string/null) – Flat/apartment type (short)
  • flat_type_full (string/null) – Flat/apartment type
  • flat (string/null) – Flat/apartment
  • military_unit (string/null) – Military unit
  • postal_box (string/null) – Post office box
  • external_id (string/null) – Identifier in external system
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • data (object) – Updated Profile Address data object

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • auth.restricted
  • request.validation.failed
  • object.id.notfound

See Error Codes for details.

Get Identifier Data

GET /(company_code)/v2/aol/profile/(profile_code)/identifier/(int: identifier_id)

Get Profile Identifier data

Request Headers:
 
  • Authorization – Bearer <session_token>, or Signature <signature>
Parameters:
  • profile_code – Code of profile with requested identifier. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
  • identifier_id – ID of requested identifier
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • data (object) – Profile Identifier data object

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • auth.restricted
  • object.id.notfound

See Error Codes for details.

Update Identifier Data

PUT /(company_code)/v2/aol/profile/(profile_code)/identifier/(int: identifier_id)

Update Profile Identifier data

If profile is stopped, returns auth.restricted error code.

Request Headers:
 
  • Authorization – Bearer <session_token>, or Signature <signature>
Parameters:
  • profile_code – Code of profile to update. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
  • identifier_id – ID of updated identifier
Request JSON Object:
 
  • identifier_type (string/null) – Identifier type code according to lookup table
  • identifier_sr (string/null) – Identifier series
  • identifier_nr (string/null) – Identifier number
  • country (string/null) – Country ID, alpha-2 ISO code according to lookup table
  • date_of_issue (date/null) – Date of issue, ISO-formatted: YYYY-MM-DD
  • date_of_expiration (date/null) – Date of expiration, ISO-formatted: YYYY-MM-DD
  • authority (string/null) – Identifier issuing authority
  • authority_code (string/null) – Identifier issuing authority code
  • fname (string/null) – First name
  • mname (string/null) – Middle name
  • lname (string/null) – Last name
  • sex (string/null) – Sex, code according to lookup table
  • date_of_birth (date/null) – Date of birth, ISO-formatted: YYYY-MM-DD
  • place_of_birth (string/null) – Place of birth
  • nationality (string/null) – Nationality
  • endorsement (string/null) – Endorsement
  • external_id (string/null) – Identifier in external system
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • data (object) – Updated Profile Identifier data object

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • auth.restricted
  • request.validation.failed
  • object.id.notfound

See Error Codes for details.

Set Control Question

POST /(company_code)/v2/aol/profile/(profile_code)/controlquestion

Set control question and answer for access recovery

This is only allowed for authorized user’s own profile and if client application is set up for SMS MFA scheme.

Request Headers:
 
Parameters:
  • profile_code – Code of profile to update. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
Request JSON Object:
 
  • control_question (string) – New control question
  • control_answer (string) – New correct answer to control question
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • data (object) – Updated profile data object

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • object.id.notfound
  • request.validation.failed
  • auth.restricted

See Error Codes for details.

Generate Backup Codes

POST /(company_code)/v2/aol/profile/(profile_code)/backupcodes

Generate new backup codes

Generates and returns a new set of ten one-time backup security codes. This endpoint is only allowed for authorized user’s own profile and if client application is set up for SMS MFA scheme.

Request Headers:
 
Parameters:
  • profile_code – Code of profile to update. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • data (array) – Array of ten generated backup codes as strings

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • object.id.notfound
  • auth.restricted

See Error Codes for details.

Set or Change Password

POST /(company_code)/v2/aol/profile/(profile_code)/password

Set or change profile password

Users can change login password for their own profiles. If no password was set for user’s profile before, old_password request field is not verified and can be an empty string. Otherwise, it must contain valid current user password. On invalid old password, auth.password.invalid error code is returned.

If quality of supplied new password is too low, returns request.validation.failed error code with HTTP status code 422.

On successful password set or change, current session token will be invalidated and a new one issued.

Request Headers:
 
Parameters:
  • profile_code – Code of profile to update. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
Request JSON Object:
 
  • old_password (string/null) – (Optional) Old user password for verification
  • new_password (string) – New profile password
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • session_token (string) – User session token
  • session_state (string) – User session state: authorized. See User Sessions
  • profile_mnemocode (string) – Mnemocode of user’s profile

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • object.id.notfound
  • auth.password.invalid
  • request.validation.failed
  • auth.restricted

See Error Codes for details.
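An added example (not the platform's code) of handling the token rotation described above: the client discards the old session token as soon as a success reply arrives and continues only with the newly issued one. Assumptions: the endpoint takes the same Authorization: Bearer header as the other endpoints on this page (its header list is empty here); Session, FakePlatform, the transport callable and the 12-character rule inside the fake are constructed for the demonstration.

```python
from urllib.parse import quote


class PasswordChangeError(Exception):
    """Raised for replies this example does not handle itself."""


class Session:
    """Holds the single current session token and swaps it on rotation."""

    def __init__(self, transport, company_code, profile_code, token):
        self.transport = transport   # callable(method, path, headers, body)
        self.token = token
        # Percent-encode path segments so a code cannot add path components.
        self.path = "/{}/v2/aol/profile/{}/password".format(
            quote(company_code, safe=""), quote(profile_code, safe=""))

    def change_password(self, old_password, new_password):
        """Return 'changed', 'old_password_invalid' or 'validation_failed'."""
        headers = {"Authorization": f"Bearer {self.token}"}  # assumed header
        body = {"old_password": old_password, "new_password": new_password}
        reply = self.transport("POST", self.path, headers, body)
        if reply.get("status") == "success":
            new_token = reply.get("session_token")
            # The old token is invalidated on success, so drop it even when
            # the reply is malformed; never fall back to the stale value.
            self.token = None
            if not new_token or reply.get("session_state") != "authorized":
                raise PasswordChangeError("success reply without a session")
            self.token = new_token
            return "changed"
        code = reply.get("error_code")
        if code == "auth.password.invalid":
            return "old_password_invalid"
        if code == "request.validation.failed":  # HTTP 422 on weak password
            return "validation_failed"
        raise PasswordChangeError(code)


class FakePlatform:
    """Constructed stand-in for the platform, used only to run the example."""

    def __init__(self, token, password):
        self.token, self.password, self.issued = token, password, 0

    def __call__(self, method, path, headers, body):
        if headers.get("Authorization") != f"Bearer {self.token}":
            return {"status": "error", "error_code": "auth.token.invalid"}
        # old_password is verified only if a password was set before
        if self.password is not None and body.get("old_password") != self.password:
            return {"status": "error", "error_code": "auth.password.invalid"}
        if len(body.get("new_password") or "") < 12:   # constructed rule
            return {"status": "error",
                    "error_code": "request.validation.failed"}
        self.password = body["new_password"]
        self.issued += 1
        self.token = f"constructed-token-{self.issued}"
        return {"status": "success", "session_token": self.token,
                "session_state": "authorized", "profile_mnemocode": "DEMO"}


if __name__ == "__main__":
    platform = FakePlatform("constructed-token-0", password=None)
    session = Session(platform, "ACME", "DEMO", "constructed-token-0")
    print(session.change_password("", "correct horse battery"), session.token)
```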

Enable/Disable OTP MFA

POST /(company_code)/v2/aol/profile/(profile_code)/otpenabled

Enable or disable one-time password multi-factor authentication for profile

Multi-factor authentication support can be enabled or disabled for a client application.

OTP cannot be enabled or disabled for users of an application with disabled MFA.

To enable or disable OTP, profile must have primary phone set and user must supply a confirmation code sent to user’s phone number.

This endpoint is only allowed for authorized user’s own profile. To confirm enabling or disabling OTP, client application should use otpenabled/confirm endpoint next within lifetime of otpenabled request data stored at the platform.

Request Headers:
 
Parameters:
  • profile_code – Code of profile to update. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
Request JSON Object:
 
  • otp_enabled_flag (boolean) – Enable or disable multi-factor authentication
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • object.id.notfound
  • auth.restricted
  • request.validation.failed

See Error Codes for details.

Confirm Enabling/Disabling OTP MFA

POST /(company_code)/v2/aol/profile/(profile_code)/otpenabled/confirm

Confirm enabling or disabling OTP multi-factor authentication

Client application starts procedure by calling otpenabled endpoint.

To confirm enabling or disabling MFA, user must enter one-time password (code) received in SMS. Client application supplies this code in otp request field.

This endpoint is only allowed for authorized user’s own profile.

When auth.otp.invalid is returned, client application must start procedure again by calling otpenabled endpoint.

Request Headers:
 
Parameters:
  • profile_code – Code of profile to update. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
Request JSON Object:
 
  • otp (string) – (Optional) One-time password (code) entered by user
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • data (object) – Data object of updated profile

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • object.id.notfound
  • auth.restricted
  • auth.otp.invalid
  • request.validation.failed

See Error Codes for details.
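The two-step procedure from Enable/Disable OTP MFA and this endpoint, as an added client-side example that is not the platform's code: every auth.otp.invalid reply sends the client back to otpenabled, as required above, and the number of rounds is capped so a mistyped code cannot trigger an unbounded stream of SMS messages. The Bearer header (the header lists of both endpoints are empty on this page), the transport callable, max_rounds and FakeOtpPlatform are assumptions made for the demonstration.

```python
from urllib.parse import quote


class OtpFlowError(Exception):
    """Carries the error_code that ended the procedure."""


def set_otp_mfa(transport, company_code, profile_code, token, enable,
                read_code, max_rounds=3):
    """Run otpenabled + otpenabled/confirm; return (profile_data, rounds)."""
    base = "/{}/v2/aol/profile/{}/otpenabled".format(
        quote(company_code, safe=""), quote(profile_code, safe=""))
    headers = {"Authorization": f"Bearer {token}"}   # assumed header
    for round_no in range(1, max_rounds + 1):
        started = transport("POST", base, headers,
                            {"otp_enabled_flag": bool(enable)})
        if started.get("status") != "success":
            raise OtpFlowError(started.get("error_code"))
        # The SMS is sent by the call above, so ask the user only now.
        confirmed = transport("POST", base + "/confirm", headers,
                              {"otp": read_code()})
        if confirmed.get("status") == "success":
            return confirmed.get("data"), round_no
        if confirmed.get("error_code") != "auth.otp.invalid":
            raise OtpFlowError(confirmed.get("error_code"))
        # auth.otp.invalid: do not resend to /confirm, start the next round
    raise OtpFlowError("auth.otp.invalid")


class FakeOtpPlatform:
    """Constructed stand-in for the platform, used only to run the example."""

    def __init__(self):
        self.pending = None    # code tied to the current otpenabled request
        self.wanted = None
        self.enabled = False
        self.starts = 0

    def __call__(self, method, path, headers, body):
        if path.endswith("/otpenabled"):
            self.starts += 1
            self.pending = f"{self.starts:06d}"      # constructed SMS code
            self.wanted = body["otp_enabled_flag"]
            return {"status": "success"}
        code, self.pending = self.pending, None      # one attempt per request
        if code is None or body.get("otp") != code:
            return {"status": "error", "error_code": "auth.otp.invalid"}
        self.enabled = self.wanted
        return {"status": "success", "data": {"profile": "DEMO"}}


if __name__ == "__main__":
    typed = iter(["999999", "000002"])   # first entry is a typo
    platform = FakeOtpPlatform()
    print(set_otp_mfa(platform, "ACME", "DEMO", "constructed-token", True,
                      lambda: next(typed)))
```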

Change Primary Email

POST /(company_code)/v2/aol/profile/(profile_code)/primaryemail

Change primary email address

User with sufficient access permissions can change primary email for another user’s profile. In this case, no email address verification is performed and profile is updated immediately. Updated profile data is returned and verification response field is set to NONE.

Users can change primary email of their own profiles. In this case, confirmation message is sent to user’s email. No profile data is returned and verification response field is set to LINK. Client application should use primaryemail/confirm endpoint next within confirmation link lifetime.

Request Headers:
 
  • Authorization – Bearer <session_token>, or Signature <signature>
Parameters:
  • profile_code – Code of profile to update. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
Request JSON Object:
 
  • primary_email (string) – New primary email address
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • verification (string) – Type of verification required: LINK or NONE
  • data (object) – (Optional) If verification is NONE: Data object of updated profile

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • object.id.notfound
  • auth.restricted
  • profile.identifier.used
  • profile.identifier.invalid
  • request.validation.failed

See Error Codes for details.

Confirm Changing Primary Email

POST /(company_code)/v2/aol/profile/primaryemail/confirm

Confirm changing primary email address

This endpoint verifies confirmation link sent to user’s email by primaryemail endpoint. Profile of user requesting primary email address change is determined from confirmation token in token request field. Session token in Authorization header is not needed so email confirmation link can be opened on any device.

If supplied email address is already used, profile.identifier.used error is returned.

If token from link is valid and new email address is acceptable, primary email address is changed for user profile. User is not authorized by this endpoint; no session token or updated profile data is returned.

Request JSON Object:
 
  • token (string) – Confirmation token from link sent to email address
  • captcha_response (string) – User captcha response token, as provided by Recaptcha
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.token.expired
  • auth.token.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • auth.captcha.invalid
  • object.id.notfound
  • auth.restricted
  • profile.identifier.used
  • profile.identifier.invalid
  • request.validation.failed

See Error Codes for details.

Change Primary Phone

POST /(company_code)/v2/aol/profile/(profile_code)/primaryphone

Change primary phone number

User with sufficient access permissions can change primary phone for another user’s profile. In this case, no phone number verification is performed and profile is updated immediately. Updated profile data is returned and verification response field is set to NONE.

Users can change primary phone of their own profiles. In this case, confirmation OTP is sent to user’s phone. No profile data is returned and verification response field is set to SMS. To complete changing primary phone number, client application should use primaryphone/confirm endpoint next within OTP lifetime.

Request Headers:
 
  • Authorization – Bearer <session_token>, or Signature <signature>
Parameters:
  • profile_code – Code of profile to update. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
Request JSON Object:
 
  • primary_phone (string) – New primary phone number
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • verification (string) – Type of verification required: SMS or NONE
  • data (object) – (Optional) If verification is NONE: Data object of updated profile

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • object.id.notfound
  • auth.restricted
  • profile.identifier.used
  • request.validation.failed

See Error Codes for details.

Confirm Changing Primary Phone

POST /(company_code)/v2/aol/profile/(profile_code)/primaryphone/confirm

Confirm changing primary phone number

After primaryphone endpoint returns verification field set to SMS, client application should use this endpoint supplying confirmation OTP entered by user.

This endpoint is only allowed for authorized user’s own profile.

Request Headers:
 
  • Authorization – Bearer <session_token>, or Signature <signature>
Parameters:
  • profile_code – Code of profile to update. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
Request JSON Object:
 
  • otp (string) – Confirmation OTP entered by user
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • data (object) – Data object of updated profile

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • auth.restricted
  • object.id.notfound
  • auth.otp.invalid
  • profile.identifier.used
  • request.validation.failed

See Error Codes for details.

Set OAuth User ID

POST /(company_code)/v2/aol/profile/(profile_code)/oauthid

Set profile OAuth user ID for user authentication

Verifies OAuth user authorization code with one of configured OAuth providers and stores OAuth user ID for user authentication using specified OAuth provider.

If successfully verified OAuth user ID is already used for another profile, profile.identifier.used error code is returned.

If null is given as OAuth code, OAuth user ID is cleared. No OAuth verification is performed in this case.

This is only allowed for authorized user’s own profile.

Request Headers:
 
Parameters:
  • profile_code – Code of profile to update. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
Request JSON Object:
 
  • provider_id (integer) – ID of OAuth provider, must be in range of 1 to 5
  • code (string/null) – OAuth code, as received from OAuth provider, or null to clear OAuth user ID
  • redirect_uri (string/null) – Redirect URI, as passed to OAuth provider, or null to clear OAuth user ID
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • data (object) – Updated profile data object

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • object.id.notfound
  • auth.oauth.failed
  • profile.identifier.used
  • request.validation.failed
  • auth.restricted

See Error Codes for details.

Close Profile

POST /(company_code)/v2/aol/profile/(profile_code)/close

Set Profile Closed status

This endpoint is affected by critical change authentication configuration.

If called for own profile and profile is stopped, returns auth.restricted error code.

Request Headers:
 
  • Authorization – Bearer <session_token>, or Signature <signature>
Parameters:
  • profile_code – Code of profile to update. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
Request JSON Object:
 
  • password (string) – (Optional) Password of authorized user for critical change authentication
  • otp (string) – (Optional) One-time password from SMS for critical change authentication
Response JSON Object:
 
  • status (string) – success or error
  • data (object) – Updated profile data object
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • critical_auth_method (string) – (Optional) If error_code is critical.auth.required: required field for request with critical change authentication: password or otp

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • auth.restricted
  • critical.auth.required
  • auth.password.invalid
  • auth.otp.invalid
  • object.id.notfound

See Error Codes for details.

Change Locked Status

POST /(company_code)/v2/aol/profile/locked

Update Profile Locked status

Request Headers:
 
  • Authorization – Bearer <session_token>, or Signature <signature>
Request JSON Object:
 
  • profile_codes (array) – Codes of profiles to update. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
  • is_locked (boolean) – New state of Profile Locked flag
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • data (array) – Operation result objects

Operation result fields

Each object in data response array has the following fields:

  • profile_code (string) – Profile code from request
  • status (string) – Operation status, success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • data (object) – Updated profile data object

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • auth.restricted
  • object.id.notfound
  • request.validation.failed

See Error Codes for details.

Require Password Reset

POST /(company_code)/v2/aol/profile/passwordreset

Set Password Reset Required status

Request Headers:
 
  • Authorization – Bearer <session_token>, or Signature <signature>
Request JSON Object:
 
  • profile_codes (array) – Codes of profiles to update. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • data (array) – Operation result objects

Operation result fields

Each object in data response array has the following fields:

  • profile_code (string) – Profile code from request
  • status (string) – Operation status, success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • auth.restricted
  • object.id.notfound

See Error Codes for details.

Set Stop Status

POST /(company_code)/v2/aol/profile/stop

Set Profile Stop status

This endpoint is affected by critical change authentication configuration.

If profile is stopped, returns auth.restricted error code.

Request Headers:
 
  • Authorization – Bearer <session_token>, or Signature <signature>
Request JSON Object:
 
  • profile_codes (array) – Codes of profiles to update. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
  • password (string) – (Optional) Password of authorized user for critical change authentication
  • otp (string) – (Optional) One-time password from SMS for critical change authentication
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • critical_auth_method (string) – (Optional) If error_code is critical.auth.required: required field for request with critical change authentication: password or otp
  • data (array) – Operation result objects

Operation result fields

Each object in data response array has the following fields:

  • profile_code (string) – Profile code from request
  • status (string) – Operation status, success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • data (object) – Updated profile data object

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • auth.restricted
  • critical.auth.required
  • auth.password.invalid
  • auth.otp.invalid
  • object.id.notfound

See Error Codes for details.
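The critical change authentication exchange that Close Profile and Set Stop Status describe, shown for the stop endpoint as an added example that is not the platform's code: the first request carries no credential, the retry carries only the factor named in critical_auth_method, and the per-profile results are checked individually instead of trusting the top-level status alone. The transport and get_secret callables, FakeStopPlatform, its SMS code and its mix of per-profile results are constructed for the demonstration.

```python
from urllib.parse import quote


class StopError(Exception):
    """Top-level failure of the stop request; carries the error_code."""


def stop_profiles(transport, company_code, token, profile_codes, get_secret):
    """Return (stopped, failed); failed maps profile code -> error code."""
    path = f"/{quote(company_code, safe='')}/v2/aol/profile/stop"
    headers = {"Authorization": f"Bearer {token}"}
    body = {"profile_codes": list(profile_codes)}
    reply = transport("POST", path, headers, dict(body))
    if reply.get("error_code") == "critical.auth.required":
        method = reply.get("critical_auth_method")
        if method not in ("password", "otp"):
            raise StopError(f"unexpected critical_auth_method: {method!r}")
        # Ask for, and send, only the one factor the platform named.
        body[method] = get_secret(method)
        reply = transport("POST", path, headers, dict(body))
    if reply.get("status") != "success":
        # Includes auth.password.invalid / auth.otp.invalid: no automatic
        # second retry, the caller decides whether to prompt again.
        raise StopError(reply.get("error_code"))
    stopped, failed = [], {}
    for item in reply.get("data", []):
        code = item.get("profile_code")
        if code not in body["profile_codes"]:
            continue   # result for a profile that was never requested
        if item.get("status") == "success":
            stopped.append(code)
        else:
            failed[code] = item.get("error_code")
    for code in body["profile_codes"]:
        if code not in stopped and code not in failed:
            failed[code] = "no result returned"
    return stopped, failed


class FakeStopPlatform:
    """Constructed stand-in for the platform, used only to run the example."""
    SMS_CODE = "246810"          # constructed one-time password
    KNOWN = {"P1", "P3"}         # constructed set of existing profiles

    def __init__(self):
        self.requests = []       # request bodies, in the order received

    def __call__(self, method, path, headers, body):
        self.requests.append(body)
        if "otp" not in body:
            return {"status": "error",
                    "error_code": "critical.auth.required",
                    "critical_auth_method": "otp"}
        if body["otp"] != self.SMS_CODE:
            return {"status": "error", "error_code": "auth.otp.invalid"}
        data = []
        for code in body["profile_codes"]:
            if code in self.KNOWN:
                data.append({"profile_code": code, "status": "success",
                             "data": {}})
            else:
                data.append({"profile_code": code, "status": "error",
                             "error_code": "object.id.notfound"})
        return {"status": "success", "data": data}


if __name__ == "__main__":
    platform = FakeStopPlatform()
    print(stop_profiles(platform, "ACME", "constructed-token", ["P1", "P2"],
                        lambda method: FakeStopPlatform.SMS_CODE))
```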

List Entries

GET /(company_code)/v2/aol/profile/(profile_code)/entry

Get data of Entries for profile

Request Headers:
 
  • Authorization – Bearer <session_token>, or Signature <signature>
Parameters:
  • profile_code – Code of profile to get. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
Query Parameters:
 
  • status (string) – (Optional) Entry status code to filter results by, or comma-separated list of codes
  • product_class (string) – (Optional) Product class code to filter results by, or comma-separated list of codes
  • entry_class (string) – (Optional) Entry class name to filter results by, or comma-separated list of names
Response JSON Object:
 
  • status (string) – success or error
  • data (array) – Entry data objects. Included fields depend on the role of authorized user.
  • error_code (string) – (Optional) If status is error: one of error codes listed below

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • auth.restricted
  • object.id.notfound
  • request.validation.failed

See Error Codes for details.

Enroll Entry

POST /(company_code)/v2/aol/profile/(profile_code)/entry

Enroll new Entry for profile

This endpoint is used to enroll (create) an entry representing a bank card, bonus account, cashback account etc. that a client already has.

If invalid entry class is supplied, returns request.validation.failed error code. If entry with supplied external ID already exists, returns auth.restricted error code.

If profile stop flag is true, returns auth.restricted error code.

If product status or application primary product status is S or C, returns auth.restricted error code.

If user needs to accept legal disclaimers to enroll entry of supplied entry class, accept_disclaimers array in request must contain codes of all required disclaimers for this endpoint to succeed. Otherwise, auth.disclaimer.invalid error code is returned.

If entry class is configured for entry enroll using OAuth, users with CLIENT role must supply oauth_code and oauth_redirect_uri request fields instead of entry data fields. OAuth verification is performed and entry data is received from OAuth provider.

Request Headers:
 
  • Authorization – Bearer <session_token>, or Signature <signature>
Parameters:
  • profile_code – Code of profile to update. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
Request JSON Object:
 
  • entry_class (string) – Name of entry class for new entry
  • external_id (string) – (Optional) External ID for new entry
  • entry_nr (string/null) – (Optional) Entry number
  • entry_date (string) – (Optional) Date of entry becoming effective
  • name (string/null) – (Optional) Entry name for display
  • details (string/null) – (Optional) Entry details text
  • attributes (array) – (Optional) Data objects for entry attributes (see below)
  • accept_disclaimers (array) – (Optional) Array of string codes of disclaimers accepted by user
  • oauth_code (string) – (Optional) OAuth code, as received from OAuth provider
  • oauth_redirect_uri (string) – (Optional) Redirect URI, as passed to OAuth provider
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • data (object) – Data object of created entry

Request attribute data fields

Each object in attributes request array has the following fields:

| Field name | Type | Description |
|---|---|---|
| seq | integer | Attribute sequential number, 1 to 20 |
| value | string | New attribute value |

Sequential numbers must be the same as in attribute objects returned by API in entry data.

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.oauth.failed
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • auth.restricted
  • auth.disclaimer.invalid
  • object.id.notfound
  • request.validation.failed

See Error Codes for details.

Sign Up for Entry

POST /(company_code)/v2/aol/profile/(profile_code)/entry/signup

Sign up for new Entry for profile

This endpoint is used to sign up for an entry representing a new bonus account, cashback account etc. that a client does not have yet.

If invalid entry class is supplied, returns request.validation.failed error code.

If profile is stopped, returns auth.restricted error code.

If product status or application primary product status is S or C, returns auth.restricted error code.

If user needs to accept legal disclaimers to sign up for entry of supplied entry class, accept_disclaimers array in request must contain codes of all required disclaimers for this endpoint to succeed. Otherwise, auth.disclaimer.invalid error code is returned.

Request Headers:
 
  • Authorization – Bearer <session_token>, or Signature <signature>
Parameters:
  • profile_code – Code of profile to update. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
Request JSON Object:
 
  • entry_class (string) – Name of entry class for new entry
  • accept_disclaimers (array) – (Optional) Array of string codes of disclaimers accepted by user
Response JSON Object:
 
  • status (string) – success or error
  • error_code (string) – (Optional) If status is error: one of error codes listed below
  • data (object) – Data object of created entry

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • auth.restricted
  • auth.disclaimer.invalid
  • object.id.notfound
  • request.validation.failed

See Error Codes for details.

Create Profile

POST /(company_code)/v2/aol/profile

Create new CLIENT Profile

This endpoint allows authorized users with PARTNER role to create new profiles with CLIENT role. Depending on the role of the created profile, either primary_phone or primary_email must be supplied; it becomes the primary identifier for the new profile.

If any of the supplied data field values (data object) fails validation, all data fields will be ignored.

If application primary product status is S or C, returns auth.restricted error code.

Request Headers:
 
  • Authorization – Bearer <session_token>, or Signature <signature>
Request JSON Object:
 
  • primary_phone (string/null) – (Optional) Primary phone number for new profile
  • primary_email (string/null) – (Optional) Primary email address for new profile
  • data (object) – (Optional) Data fields for new profile (see below)
Response JSON Object:
 
  • status (string) – success or error
  • data (object) – Data object of created profile
  • error_code (string) – (Optional) If status is error: one of error codes listed below

Profile data fields

If included in request, data object can have the following optional fields:

| Field name | Type | Nullable | Description |
|---|---|---|---|
| nickname | string | Yes | Greeting name |
| name | string | Yes | Full name |
| shortname | string | Yes | Short name |
| fname | string | Yes | First name |
| mname | string | Yes | Middle name |
| lname | string | Yes | Last name |
| date_of_birth | string | Yes | Date of birth, ISO-formatted: YYYY-MM-DD |
| sex | string | Yes | Sex, code according to lookup table |
| subscriptions | integer | No | Bit mask of notification subscription settings |
| do_not_disturb_from | string | Yes | Do not disturb from time, ISO-formatted: HH:MM:SS |
| do_not_disturb_to | string | Yes | Do not disturb to time, ISO-formatted: HH:MM:SS |
| contact_tz | string | Yes | Profile time zone, code according to lookup table |
| attributes | array | Yes | Data objects for profile attributes (see below) |
| external_id | string | Yes | Profile external ID |

Client application should only include data fields that it has data for. Avoid null values for unused fields as this can overwrite default values generated at profile creation time.

Attribute data fields

Each object in attributes array of request profile data object has the following fields:

| Field name | Type | Description |
|---|---|---|
| seq | integer | Attribute sequential number, 1 to 10 |
| value | string | New attribute value |

Sequential numbers must be the same as in attribute objects returned by API in profile data.
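Since one invalid value makes the server ignore every data field, and a null can overwrite a generated default, a client can validate and prune the data object before sending it. The following Python code is an added example, not part of the API's own documentation or SDK; the function name `build_create_profile` is hypothetical, and the checks cover only the types, formats and ranges stated in the tables above.

```python
import re
from datetime import datetime

# Field names and formats are taken from the tables above.
DATA_FIELDS = {"nickname", "name", "shortname", "fname", "mname", "lname",
               "date_of_birth", "sex", "subscriptions", "do_not_disturb_from",
               "do_not_disturb_to", "contact_tz", "attributes", "external_id"}
FORMATS = {"date_of_birth": (r"\d{4}-\d{2}-\d{2}", "%Y-%m-%d"),
           "do_not_disturb_from": (r"\d{2}:\d{2}:\d{2}", "%H:%M:%S"),
           "do_not_disturb_to": (r"\d{2}:\d{2}:\d{2}", "%H:%M:%S")}


def _is_int(v):
    return isinstance(v, int) and not isinstance(v, bool)


def build_create_profile(primary_phone=None, primary_email=None, **fields):
    """Return the Create Profile request body, or raise ValueError."""
    if not (primary_phone or primary_email):
        raise ValueError("primary_phone or primary_email must be supplied")
    unknown = set(fields) - DATA_FIELDS
    if unknown:
        raise ValueError(f"unknown data fields: {sorted(unknown)}")
    # Drop unset fields instead of sending null, which can overwrite the
    # defaults generated at profile creation time.
    data = {k: v for k, v in fields.items() if v is not None}
    for key, (pattern, fmt) in FORMATS.items():
        if key in data:
            if not isinstance(data[key], str) or not re.fullmatch(pattern, data[key]):
                raise ValueError(f"{key}: wrong format")
            datetime.strptime(data[key], fmt)  # ValueError on month 13, hour 25
    if "subscriptions" in data and not _is_int(data["subscriptions"]):
        raise ValueError("subscriptions must be an integer bit mask")
    for attr in data.get("attributes", []):
        if set(attr) != {"seq", "value"} or not _is_int(attr["seq"]) \
                or not 1 <= attr["seq"] <= 10 or not isinstance(attr["value"], str):
            raise ValueError(f"bad attribute object: {attr!r}")
    body = {"primary_phone": primary_phone, "primary_email": primary_email,
            "data": data}
    # Same rule at the top level: omit what is unset or empty.
    return {k: v for k, v in body.items() if v}
```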

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • auth.restricted
  • profile.identifier.used
  • request.validation.failed

See Error Codes for details.

Get OTT Balance

GET /(company_code)/v2/aol/profile/(profile_code)/ottbalance

Get OTT bonus points balance for profile

Requested profile must have CLIENT role and entry with OTT UID.

Request Headers:
 
  • Authorization – Bearer <session_token>, or Signature <signature>
Parameters:
  • profile_code – Code of profile to get. Profile mnemocode is accepted for all users. If user role is PARTNER, profile external ID for CLIENT role profiles is checked before mnemocode.
Response JSON Object:
 
  • status (string) – success or error
  • data (integer/null) – OTT balance (null if OTT returned no balance data)
  • error_code (string) – (Optional) If status is error: one of error codes listed below

Error codes used

  • auth.apikey.missing
  • auth.apikey.invalid
  • auth.header.missing
  • auth.header.invalid
  • auth.token.invalid
  • auth.token.expired
  • auth.session.invalid
  • auth.user.restricted
  • auth.user.closed
  • auth.user.denied
  • auth.restricted
  • object.id.notfound

See Error Codes for details.