# Consume a user invite Consumes an invitation perviously sent to the user via _userInviteSend_. This is needed so that the invited user sets up the password. _Note that on the Sandbox Environment, the inviteCode is always set to \"123456\"._ Endpoint: POST /users/{user_id}/invite/consume Version: 3.63.5 Security: api-key ## Header parameters: - `idempotency-ref` (string) A unique call reference generated by the caller that, taking into consideration the payload as well as the operation itself, helps avoid duplicate operations. Idempotency reference uniqueness is maintained for at least 24 hours. ## Path parameters: - `user_id` (string, required) The unique identifier for the user. ## Request fields (application/json): - `inviteCode` (string, required) A randomly generated one-time use code. - `password` (object, required) The user's password or passcode used to log in a user. Passwords must be: - minimum 8 characters for end-users (Consumers and Corporates); 12 characters for others - maximum 30 characters - include a lowercase character - include an uppercase character - include a digit and a special character - different from any of the 5 last such passwords used. For non-PCI compliant integrations, the password submitted must be tokenised. - `password.value` (string, required) ## Response 200 fields (application/json): - `token` (string) An authorisation token to be used in the Authorization header for secured operations. ## Response 400 fields (application/json): - `message` (string) When present helps to identify and fix the problem. - `syntaxErrors` (object) Is returned as part of an HTTP error response whenever a syntax error is detected. A list of the fields together with their syntax error will be provided. - `syntaxErrors.invalidFields` (array) - `syntaxErrors.invalidFields.params` (array) - `syntaxErrors.invalidFields.fieldName` (string) - `syntaxErrors.invalidFields.error` (string) Enum: "REQUIRED", "HAS_TEXT", "REQUIRES", "SIZE", "RANGE", "IN", "NOT_IN", "REGEX", "EXACTLY", "AT_LEAST", "AT_MOST", "ALL_OR_NONE" ## Response 404 fields (application/json): - `errorCode` (string) Enum: "TOKEN_EXPIRED", "TOKEN_NOT_FOUND" ## Response 409 fields (application/json): - `errorCode` (string) Enum: "INVITE_OR_INVITE_CODE_INVALID", "UNRESOLVED_IDENTITY", "PASSWORD_ALREADY_USED", "PASSWORD_PROFILE_NOT_CONFIGURED_FOR_CREDENTIAL_TYPE", "PASSWORD_TOO_SHORT", "PASSWORD_TOO_LONG", "PASSWORD_TOO_SIMPLE", "PASSWORD_KEY_ALREADY_IN_USE", "PASSWORD_ALREADY_CREATED" ## Response 410 fields (application/json): - `errorCode` (string) Enum: "TOKEN_EXPIRED", "TOKEN_NOT_FOUND" ## Response default fields (application/json): - `code` (string) - `message` (string) ## Response 401 fields ## Response 403 fields ## Response 429 fields ## Response 500 fields ## Response 503 fields