Skip to content
/
Deactivate a user

Weavr Multi Product BackOffice API (v3)

Weavr Multi Back Office API allows you, as an innovator, to perform various back office operations concerning identities and their instruments, without requiring the users to be logged in.

A token is to be obtained through the access_token method, and this will allow relevant operations to be performed on behalf of this same identity.

Download OpenAPI description
openapi.json
openapi.yaml
Overview
URL
https://weavr.io
Languages
Servers
Mock server
https://api.weavr.io/_mock/products/multi-backoffice/openapi
Weavr Sandbox Environment
https://sandbox.weavr.io/multi/backoffice

Access Token

Acquire a token granting you access to perform sensitive operations on behalf of an identity.

Operations

User Impersonation

Operations

Corporates

Operations

Consumers

Operations

Authorised Users

Corporate and Consumer identities can invite authorised users to access their account. Once on-boarded, authorised users can create and manage instruments and transactions on behalf of the identity they are on-boarded with.
With the access_token representing the identity and the consent of the identity, you will be able to create and invite authorised users for the Identity.

Creating and inviting users on behalf of identities are restricted features; by default these endpoints are not available for use.

Operations

Create a user

Request

Creates a user linked to the identity represented by the access_token.

Creating authorised users on behalf of an identity is a restricted feature and by default, this functionality is not available for use.

Security
auth_token and api_key
Headers
idempotency-refstring

A unique call reference generated by the caller that, taking into consideration the payload as well as the operation itself, helps avoid duplicate operations. Idempotency reference uniqueness is maintained for at least 24 hours.

Bodyapplication/jsonrequired
namestring[ 1 .. 50 ] charactersrequired

The first name of the user.

surnamestring[ 1 .. 50 ] charactersrequired

The last name of the user.

emailstring(email)(Email)required

E-mail Address of the user

mobileobject(Mobile)
dateOfBirthobject(Date)

Date of birth of the authorised user.

tagstring(Tag)<= 50 characters^[a-zA-Z0-9_-]+$

The tag field is a custom field that can be used to search and filter.

countryOfResidencestring= 2 characters^[A-Z]+$
localestring(UserLocale)<= 5 characters^[a-z]{2}(-[A-Z]{2})?$

BCP47 locale code (e.g. en, en-US). The locale determines which email and SMS user notification templates are used.

brandstring(Brand)<= 25 characters^[a-zA-Z0-9]+$

Brand identifier used to determine the set of email and SMS user notification templates. Must be alphanumeric, up to 25 characters, and contain no spaces.

curl -i -X POST \
  https://api.weavr.io/_mock/products/multi-backoffice/openapi/users \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -H 'api-key: YOUR_API_KEY_HERE' \
  -H 'idempotency-ref: string' \
  -d '{
    "name": "string",
    "surname": "string",
    "email": "user@example.com",
    "mobile": {
      "countryCode": "stri",
      "number": "string"
    },
    "dateOfBirth": {
      "year": 1900,
      "month": 1,
      "day": 1
    },
    "tag": "string",
    "countryOfResidence": "st",
    "locale": "en-GB",
    "brand": "string"
  }'

Responses

Success

Headers
request-refstringrequired

A request identifier. Providing this reference when contacting our support team will help us investigate your query.

Bodyapplication/json
idstring^[0-9]+$required

The unique identifier of the user.

identityobject(IdentityId)required

The identity that the user belongs to.

identity.​typestringrequired

Indicates the identity type.

Enum"CONSUMER""CORPORATE"
identity.​idstring^[0-9]+$required

The identifier for the identity.

namestring<= 100 charactersrequired

The first name of the user.

surnamestring<= 100 charactersrequired

The last name of the user.

emailstring(email)(Email)required

E-mail Address of the user

mobileobject(Mobile)
activebooleanrequired

The state of the user. If the active attribute is false, then the user will not be able to log in.

dateOfBirthobject(Date)

Date of birth of the authorised user.

tagstring(Tag)<= 50 characters^[a-zA-Z0-9_-]+$

The tag field is a custom field that can be used to search and filter.

countryOfResidencestring= 2 characters^[A-Z]+$
localestring(UserLocale)<= 5 characters^[a-z]{2}(-[A-Z]{2})?$

BCP47 locale code (e.g. en, en-US). The locale determines which email and SMS user notification templates are used.

brandstring(Brand)<= 25 characters^[a-zA-Z0-9]+$

Brand identifier used to determine the set of email and SMS user notification templates. Must be alphanumeric, up to 25 characters, and contain no spaces.

Response
application/json
{
  "id": "string",
  "identity": {
    "type": "CONSUMER",
    "id": "string"
  },
  "name": "string",
  "surname": "string",
  "email": "user@example.com",
  "mobile": {
    "countryCode": "stri",
    "number": "string"
  },
  "active": true,
  "dateOfBirth": {
    "year": 1900,
    "month": 1,
    "day": 1
  },
  "tag": "string",
  "countryOfResidence": "st",
  "locale": "en-GB",
  "brand": "string"
}

Deactivate a user

Request

De-activate the user identified by the user_id path parameter.

Deactivated users cannot log in or execute any operations with their credentials.

This operations is not final and a user can be re-activated using the userActivate operation. Note that another active user would need to log in so as to re-activate the de-activated user.

Please contact our support team or your account manager to request access to this endpoint.

Security
auth_token and api_key
Path
user_idstring(UserId)^[0-9]+$required

The unique identifier for the user.

curl -i -X POST \
  'https://api.weavr.io/_mock/products/multi-backoffice/openapi/users/{user_id}/deactivate' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'api-key: YOUR_API_KEY_HERE'

Responses

Success - No Content.

Headers
request-refstringrequired

A request identifier. Providing this reference when contacting our support team will help us investigate your query.

Response
No content

Send a user invite

Request

Once a user is created using the userCreate operation, the user needs to setup his/her password.

An invitation needs to be sent to the user in order to be able to set up the password for the first time. The invitation email, which remains valid for 1 month, will contain a URL having all information required to setup the password.

Inviting authorised users on behalf of an identity is a restricted feature and by default, this functionality is not available for use.

Security
auth_token and api_key
Path
user_idstring(UserId)^[0-9]+$required

The unique identifier for the user.

curl -i -X POST \
  'https://api.weavr.io/_mock/products/multi-backoffice/openapi/users/{user_id}/invite' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'api-key: YOUR_API_KEY_HERE'

Responses

Success - No Content.

Headers
request-refstringrequired

A request identifier. Providing this reference when contacting our support team will help us investigate your query.

Response
No content

Managed Accounts

Managed Accounts are a type of financial instrument offered by Weavr. They hold funds for their owner, and can be upgraded to IBANs so as to receive and send funds to instruments outside of the Weavr Platform, via Wire Transfers. These accounts can also be used as sources and destinations in the transfer transaction.

With the access_token representing the identity and the consent of the identity, you will be able to operations on the identity's managed accounts, such as getting a managed account's details and retrieving its statement.

Operations

Managed Cards

Managed Cards are a type of financial instrument offered by Weavr. Cards created in prepaid mode have their own balance, whereas those created in debit mode tap into the balance of their parent Managed Accounts. Apart from being used at merchants for puchases, prepaid mode cards can also be used as sources and destinations in the transfer transaction.

With the access_token representing the identity and the consent of the identity, you will be able to perform operations on the identity's Managed Cards, such as getting a Managed Card's details and managing its spend rules.

Operations

Transfers

Operations

Fees

Operations

Operations

Operations

Manage

Operations