# Weavr Multi Product BackOffice API

Weavr Multi Back Office API allows you, as an innovator, to perform various back office operations concerning
identities and their instruments, without requiring the users to be logged in.

A token is to be obtained through the `access_token` method, and this will allow relevant operations
to be performed on behalf of this same identity.


Version: v3

## Servers

Weavr Sandbox Environment
```
https://sandbox.weavr.io/multi/backoffice
```

## Security

### api_key

The API Key representing your Multi account.

Type: apiKey
In: header
Name: api-key

### auth_token

The authentication token representing the user. This will be included in the login response object.

Type: http
Scheme: bearer
Bearer Format: JWT

## Download OpenAPI description

[Weavr Multi Product BackOffice API](https://api.weavr.io/_bundle/products/multi-backoffice/openapi.yaml)

## Access Token

Acquire a token granting you access to perform sensitive operations on behalf of an identity.


### Acquire a new access token

 - [POST /access_token](https://api.weavr.io/products/multi-backoffice/openapi/access-token/requestaccesstoken.md): Acquire a Bearer token granting you access to securely perform delegated access operations on behalf of the given identity.

The token representing the identity should be included in the Authorization header of all requests to endpoints representing Delegated Access operations.

## User Impersonation

### Impersonate login for an identity (deprecated)

 - [POST /impersonate_identity_login](https://api.weavr.io/products/multi-backoffice/openapi/user-impersonation/impersonateidentitylogin.md): Get a token representing the given identity. This token can then be used to authorise certain secure
operations on behalf of the identity.

## Corporates

### Charge fee to a corporate (deprecated)

 - [POST /corporates/fees/charge](https://api.weavr.io/products/multi-backoffice/openapi/corporates/corporatechargefee.md): Charge a fee to the corporate identified by the auth token, based on a pre-defined custom fee. Custom fees can be configured in the Multi Portal.

The fees collected will be deposited into your Revenue Account. The balance and transaction history of your revenue account can be viewed in the Multi Portal.

## Consumers

### Charge fee to a consumer (deprecated)

 - [POST /consumers/fees/charge](https://api.weavr.io/products/multi-backoffice/openapi/consumers/consumerchargefee.md): Charge a fee to the logged-in consumer based on a pre-defined custom fee. Custom fees can be configured in the Multi Portal.

The fees collected will be deposited into your Revenue Account. The balance and transaction history of your revenue account can be viewed in the Multi Portal.

## Authorised Users

Corporate and Consumer identities can invite authorised users to access their account. Once on-boarded, authorised users can create and manage instruments and transactions on behalf of the identity they are on-boarded with.      
With the `access_token` representing the identity and the consent of the identity, you will be able to create and invite authorised users for the Identity.

Creating and inviting users on behalf of identities are restricted features; by default these endpoints are not available for use.


### Create a user

 - [POST /users](https://api.weavr.io/products/multi-backoffice/openapi/authorised-users/usercreate.md): Creates a user linked to the identity represented by the access_token.
        
Creating authorised users on behalf of an identity is a restricted feature and by default, this functionality is not available for use.

### Deactivate a user

 - [POST /users/{user_id}/deactivate](https://api.weavr.io/products/multi-backoffice/openapi/authorised-users/userdeactivate.md): De-activate the user identified by the user_id path parameter.

Deactivated users cannot log in or execute any operations with their credentials.

This operations is not final and a user can be re-activated using the userActivate operation. Note that another active user would need to log in so as to re-activate the de-activated user.

Please contact our support team or your account manager to request access to this endpoint.

### Send a user invite

 - [POST /users/{user_id}/invite](https://api.weavr.io/products/multi-backoffice/openapi/authorised-users/userinvitesend.md): Once a user is created using the userCreate operation, the user needs to setup his/her password.

An invitation needs to be sent to the user in order to be able to set up the password for the first time. The invitation email, which remains valid for 1 month, will contain a URL having all information required to setup the password.

Inviting authorised users on behalf of an identity is a restricted feature and by default, this functionality is not available for use.

## Managed Accounts

Managed Accounts are a type of financial instrument offered by Weavr. They hold funds for their owner, and can be upgraded to IBANs so as to receive and send funds to instruments outside of the Weavr Platform, via Wire Transfers.
These accounts can also be used as sources and destinations in the `transfer` transaction.

With the `access_token` representing the identity and the consent of the identity, you will be able to operations on the identity's managed accounts, such as getting a managed account's details and retrieving its statement.


### Get a managed account

 - [GET /managed_accounts/{id}](https://api.weavr.io/products/multi-backoffice/openapi/managed-accounts/managedaccountget.md): Fetch the managed account identified by the id in path.

### Get a managed account statement

 - [GET /managed_accounts/{id}/statement](https://api.weavr.io/products/multi-backoffice/openapi/managed-accounts/managedaccountstatement.md): Returns a list of transactions against the managed account identified by the id path parameter, matching the criteria provided in the request.

## Managed Cards

Managed Cards are a type of financial instrument offered by Weavr. 
Cards created in prepaid mode have their own balance, whereas those created in debit mode tap into the balance of their parent Managed Accounts. 
Apart from being used at merchants for puchases, prepaid mode cards can also be used as sources and destinations in the `transfer` transaction.

With the `access_token` representing the identity and the consent of the identity, you will be able to perform operations on the identity's Managed Cards,
such as getting a Managed Card's details and managing its spend rules.


### Get a managed card

 - [GET /managed_cards/{id}](https://api.weavr.io/products/multi-backoffice/openapi/managed-cards/managedcardget.md): Returns all details of the managed card identified by the id path parameter.

### Update a managed card's renewal type

 - [PATCH /managed_cards/{id}/renewal](https://api.weavr.io/products/multi-backoffice/openapi/managed-cards/managedcardrenewaltypeupdate.md): Update the renewal type of the managed card identified by the id path parameter.

Please contact our support team or your account manager to request access to this endpoint.

### Remove a managed card

 - [POST /managed_cards/{id}/remove](https://api.weavr.io/products/multi-backoffice/openapi/managed-cards/managedcardremove.md): Destroys the managed card identified by the id path parameter. Unlike block, this action is not reversible.

A managed card must be empty before it can be destroyed using this operation.

### Block a managed card

 - [POST /managed_cards/{id}/block](https://api.weavr.io/products/multi-backoffice/openapi/managed-cards/managedcardblock.md): Blocks the managed card identified by the id path parameter. This is a reversible action and the card can be unblocked using the _managedCardUnblock_ operation.

### Unblock a managed card

 - [POST /managed_cards/{id}/unblock](https://api.weavr.io/products/multi-backoffice/openapi/managed-cards/managedcardunblock.md): Unblocks the managed card identified by the id path parameter.
The managed card must have state.blockedReason as USER so that it can be unblocked.
If the managed card was blocked by SYSTEM, users cannot unblock it.

### Get all spend rules for a managed card

 - [GET /managed_cards/{id}/spend_rules](https://api.weavr.io/products/multi-backoffice/openapi/managed-cards/managedcardspendrulesget.md): Fetch the list of spend rules associated with the managed card identified by the id path parameter.

### Create spend rules for a managed card

 - [POST /managed_cards/{id}/spend_rules](https://api.weavr.io/products/multi-backoffice/openapi/managed-cards/managedcardspendrulescreate.md): Create the spend rules associated with the managed card identified by the id path parameter.

### Update spend rules for a managed card

 - [PATCH /managed_cards/{id}/spend_rules](https://api.weavr.io/products/multi-backoffice/openapi/managed-cards/managedcardspendrulesupdate.md): Must be user after a POST, to update individual spend rules associated with the managed card identified by the id path parameter.

### Delete all spend rules for a managed card

 - [DELETE /managed_cards/{id}/spend_rules](https://api.weavr.io/products/multi-backoffice/openapi/managed-cards/managedcardspendrulesdelete.md): Remove all spend rules associated with the managed card identified by the id path parameter.

### Get a managed card statement

 - [GET /managed_cards/{id}/statement](https://api.weavr.io/products/multi-backoffice/openapi/managed-cards/managedcardstatement.md): Returns a list of transactions against the managed card identified by the id path parameter, matching the criteria provided in the request.

## Transfers

### Create a transfer transaction

 - [POST /transfers](https://api.weavr.io/products/multi-backoffice/openapi/transfers/transfercreate.md): Transfers funds between managed accounts and managed cards belonging to the same corporate or consumer identity.

The Transfer Profile (configured in the Multi Portal) specified determines the behaviour and restrictions of the transaction (for example, fees).

### Get all transfer transactions

 - [GET /transfers](https://api.weavr.io/products/multi-backoffice/openapi/transfers/transfersget.md): Retrieves all the transfer transactions performed by the logged-in identity.

### Get a transfer transaction

 - [GET /transfers/{id}](https://api.weavr.io/products/multi-backoffice/openapi/transfers/transferget.md): Retrieve the transfer transaction identified by the id path parameter.

## Fees

### Charge identity a pre-defined custom fee

 - [POST /fees/charge](https://api.weavr.io/products/multi-backoffice/openapi/fees/chargefee.md): Charge a fee to the identity identified by the auth token, based on a pre-defined custom fee. Custom fees can be configured in the Multi Portal.

The fees collected will be deposited into your Revenue Account. The balance and transaction history of your revenue account can be viewed in the Multi Portal.

## Operations

### Update spend rules for a managed card

 - [PATCH /bulks/managed_cards/_id_/spend_rules](https://api.weavr.io/products/multi-backoffice/openapi/operations/bulksmanagedcardspendrulesupdate.md): Submit the details to update the spend rules of Managed Cards.

The  bulkId returned in the response can subsequently be used to launch the updating of Managed Card spend rules process through . A submitted bulk process can be managed (executed, accessed, paused, resumed and cancelled) by any other Authorised User of the same identity of the user that submits the details.

The status of the bulk process after execution of this operation is set to ‘SUBMITTED’. The execution of the bulk process is launched through the Execute bulk process operation.

The submission of data for a bulk process does not expire but it can be cancelled through .

The system is configured to accept bulk requests to process up to a maximum of 10,000 bulk operations.

Each spend rules update operation in this bulk process is processed via  Update a Managed Card.

### Create transfer transactions in bulk

 - [POST /bulks/transfers](https://api.weavr.io/products/multi-backoffice/openapi/operations/bulkstransfercreate.md): Submit the details for the creation of a batch of Transfers.

The bulkId returned in the response can subsequently be used to launch the execution of the bulk process through Execute Bulk Process. A submitted bulk process can be managed (executed, accessed, paused, resumed and cancelled) by any Authorised User of the same identity of the user that submits the details.

The status of the bulk process after execution of this operation is set to ‘SUBMITTED’. The execution of the bulk process is launched through the Execute bulk process operation.

The submission of data for a bulk process does not expire but it can be cancelled through Cancel Bulk Process.

The system is configured to accept bulk requests to process up to a maximum of 10,000 bulk operations.

Each individual operation in this bulk will be processed via Create a Transfer Transaction.

## Manage

### Get all bulk processes

 - [GET /bulks](https://api.weavr.io/products/multi-backoffice/openapi/manage/bulks.md): Filter bulk processes.

### Get bulk process

 - [GET /bulks/{bulk_id}](https://api.weavr.io/products/multi-backoffice/openapi/manage/bulkid.md): Retrieves details on the bulk process identified by the bulk_id parameter.

### Get all operations in a bulk

 - [GET /bulks/{bulk_id}/operations](https://api.weavr.io/products/multi-backoffice/openapi/manage/bulkidoperations.md): Retrieves the bulk process operations that match the query parameters.

### Execute bulk process

 - [POST /bulks/{bulk_id}/execute](https://api.weavr.io/products/multi-backoffice/openapi/manage/bulkidexecute.md): Launches execution of operations of any bulk process identified by the bulk_id  parameter.

The status of the bulk process has to be in a ‘SUBMITTED’ state and after execution initiates, the bulk process state is set to ‘RUNNING’.

The final state of execution can be any of

COMPLETED: the execution of the bulk process is complete and all bulk operations of the bulk process were executed successfully

FAILED:  none of the operations of the bulk process have executed.

PARTIALLY_COMPLETED: the execution of the bulk process is complete and some of the bulk operations of the bulk process failed.

This operation is asynchronous and will return immediately. You can track the status of the execution of the bulk process through Get bulk process. You can also pause execution through _bulkIdPause_

### Pause bulk process

 - [POST /bulks/{bulk_id}/pause](https://api.weavr.io/products/multi-backoffice/openapi/manage/bulkidpause.md): Pauses the execution of operations of the bulk process that is in state ‘RUNNING’ as identified by the bulk_id  parameter.

The status of the bulk process after execution of this operation is set to ‘PAUSED’

The execution can be resumed through _bulkIdResume_

### Resume bulk process

 - [POST /bulks/{bulk_id}/resume](https://api.weavr.io/products/multi-backoffice/openapi/manage/bulkidresume.md): Resumes the execution of operations of the bulk process that is in state ' PAUSED' as identified by the bulk_id parameter.

The status of the bulk process after execution of this operation is set back to ‘RUNNING’

### Cancel bulk process

 - [POST /bulks/{bulk_id}/cancel](https://api.weavr.io/products/multi-backoffice/openapi/manage/bulkidcancel.md): Cancels the execution of operations of a bulk process that is in state ‘PAUSED’ or ‘RUNNING’ as identified by the bulk_id parameter.

The status of the bulk process after execution of this operation is set  to ‘CANCELLED’. This is a final state and a cancelled bulk process cannot be resumed.