=begin #Velo Payments APIs ### Terms and Definitions Throughout this document and the Velo platform the following terms are used: * **Payor.** An entity (typically a corporation) which wishes to pay funds to one or more payees via a payout. * **Payee.** The recipient of funds paid out by a payor. * **Payment.** A single transfer of funds from a payor to a payee. * **Payout.** A batch of Payments, typically used by a payor to logically group payments (e.g. by business day). Technically there need be no relationship between the payments in a payout - a single payout can contain payments to multiple payees and/or multiple payments to a single payee. * **Sandbox.** An integration environment provided by Velo Payments which offers a similar API experience to the production environment, but all funding and payment events are simulated, along with many other services such as OFAC sanctions list checking. ## Overview The Velo Payments API allows a payor to perform a number of operations. The following is a list of the main capabilities in a natural order of execution: * Authenticate with the Velo platform * Maintain a collection of payees * Query the payor’s current balance of funds within the platform and perform additional funding * Issue payments to payees * Query the platform for a history of those payments This document describes the main concepts and APIs required to get up and running with the Velo Payments platform. It is not an exhaustive API reference. For that, please see the separate Velo Payments API Reference. ## API Considerations The Velo Payments API is REST based and uses the JSON format for requests and responses. Most calls are secured using OAuth 2 security and require a valid authentication access token for successful operation. See the Authentication section for details. Where a dynamic value is required in the examples below, the {token} format is used, suggesting that the caller needs to supply the appropriate value of the token in question (without including the { or } characters). Where curl examples are given, the –d @filename.json approach is used, indicating that the request body should be placed into a file named filename.json in the current directory. Each of the curl examples in this document should be considered a single line on the command-line, regardless of how they appear in print. ## Authenticating with the Velo Platform Once Velo backoffice staff have added your organization as a payor within the Velo platform sandbox, they will create you a payor Id, an API key and an API secret and share these with you in a secure manner. You will need to use these values to authenticate with the Velo platform in order to gain access to the APIs. The steps to take are explained in the following: create a string comprising the API key (e.g. 44a9537d-d55d-4b47-8082-14061c2bcdd8) and API secret (e.g. c396b26b-137a-44fd-87f5-34631f8fd529) with a colon between them. E.g. 44a9537d-d55d-4b47-8082-14061c2bcdd8:c396b26b-137a-44fd-87f5-34631f8fd529 base64 encode this string. E.g.: NDRhOTUzN2QtZDU1ZC00YjQ3LTgwODItMTQwNjFjMmJjZGQ4OmMzOTZiMjZiLTEzN2EtNDRmZC04N2Y1LTM0NjMxZjhmZDUyOQ== create an HTTP **Authorization** header with the value set to e.g. Basic NDRhOTUzN2QtZDU1ZC00YjQ3LTgwODItMTQwNjFjMmJjZGQ4OmMzOTZiMjZiLTEzN2EtNDRmZC04N2Y1LTM0NjMxZjhmZDUyOQ== perform the Velo authentication REST call using the HTTP header created above e.g. via curl: ``` curl -X POST \\ -H \"Content-Type: application/json\" \\ -H \"Authorization: Basic NDRhOTUzN2QtZDU1ZC00YjQ3LTgwODItMTQwNjFjMmJjZGQ4OmMzOTZiMjZiLTEzN2EtNDRmZC04N2Y1LTM0NjMxZjhmZDUyOQ==\" \\ 'https://api.sandbox.velopayments.com/v1/authenticate?grant_type=client_credentials' ``` If successful, this call will result in a **200** HTTP status code and a response body such as: ``` { \"access_token\":\"19f6bafd-93fd-4747-b229-00507bbc991f\", \"token_type\":\"bearer\", \"expires_in\":1799, \"scope\":\"...\" } ``` ## API access following authentication Following successful authentication, the value of the access_token field in the response (indicated in green above) should then be presented with all subsequent API calls to allow the Velo platform to validate that the caller is authenticated. This is achieved by setting the HTTP Authorization header with the value set to e.g. Bearer 19f6bafd-93fd-4747-b229-00507bbc991f such as the curl example below: ``` -H \"Authorization: Bearer 19f6bafd-93fd-4747-b229-00507bbc991f \" ``` If you make other Velo API calls which require authorization but the Authorization header is missing or invalid then you will get a **401** HTTP status response. The version of the OpenAPI document: 2.35.58 Generated by: https://openapi-generator.tech OpenAPI Generator version: 7.1.0-SNAPSHOT =end require 'spec_helper' require 'json' # Unit tests for VeloPayments::UsersApi # Automatically generated by openapi-generator (https://openapi-generator.tech) # Please update as you see appropriate describe 'UsersApi' do before do # run before each test if ENV['APITOKEN'] == "" VeloPayments.configure do |config| config.username = ENV['KEY'] config.password = ENV['SECRET'] end api_instance = VeloPayments::LoginApi.new opts = { grant_type: 'client_credentials' } begin res = api_instance.velo_auth(opts) ENV['APITOKEN'] = res.access_token rescue VeloPayments::ApiError => e puts "Exception when calling LoginApi->velo_auth: #{e}" end end uri = URI.parse(ENV['APIURL']) VeloPayments.configure do |config| config.access_token = ENV['APITOKEN'] config.host = uri.host end @api_instance = VeloPayments::UsersApi.new end after do # run after each test end describe 'test an instance of UsersApi' do it 'should create an instance of UsersApi' do expect(@api_instance).to be_instance_of(VeloPayments::UsersApi) end end # unit tests for delete_user_by_id_v2 # Delete a User # Delete User by Id. # @param user_id The UUID of the User. # @param [Hash] opts the optional parameters # @return [nil] describe 'delete_user_by_id_v2 test' do it 'should work' do # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/ end end # unit tests for disable_user_v2 # Disable a User # <p>If a user is enabled this endpoint will disable them </p> <p>The invoker must have the appropriate permission </p> <p>A user cannot disable themself </p> <p>When a user is disabled any active access tokens will be revoked and the user will not be able to log in</p> # @param user_id The UUID of the User. # @param [Hash] opts the optional parameters # @return [nil] describe 'disable_user_v2 test' do it 'should work' do # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/ end end # unit tests for enable_user_v2 # Enable a User # <p>If a user has been disabled this endpoints will enable them </p> <p>The invoker must have the appropriate permission </p> <p>A user cannot enable themself </p> <p>If the user is a payor user and the payor is disabled this operation is not allowed</p> <p>If enabling a payor user would breach the limit for master admin payor users the request will be rejected </p> # @param user_id The UUID of the User. # @param [Hash] opts the optional parameters # @return [nil] describe 'enable_user_v2 test' do it 'should work' do # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/ end end # unit tests for get_self # Get Self # Get the user's details # @param [Hash] opts the optional parameters # @return [UserResponse] describe 'get_self test' do it 'should work' do # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/ end end # unit tests for get_user_by_id_v2 # Get User # Get a Single User by Id. # @param user_id The UUID of the User. # @param [Hash] opts the optional parameters # @return [UserResponse] describe 'get_user_by_id_v2 test' do it 'should work' do # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/ end end # unit tests for invite_user # Invite a User # Create a User and invite them to the system # @param invite_user_request Details of User to invite # @param [Hash] opts the optional parameters # @return [nil] describe 'invite_user test' do it 'should work' do # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/ end end # unit tests for list_users # List Users # Get a paginated response listing the Users # @param [Hash] opts the optional parameters # @option opts [UserType] :type The Type of the User. # @option opts [UserStatus] :status The status of the User. # @option opts [String] :entity_id The entityId of the User. # @option opts [PayeeType] :payee_type The Type of the Payee entity. Either COMPANY or INDIVIDUAL. # @option opts [Integer] :page Page number. Default is 1. # @option opts [Integer] :page_size The number of results to return in a page # @option opts [String] :sort List of sort fields (e.g. ?sort=email:asc,lastName:asc) Default is email:asc 'name' The supported sort fields are - email, lastNmae. # @return [PagedUserResponse] describe 'list_users test' do it 'should work' do # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/ end end # unit tests for register_sms # Register SMS Number # <p>Register an Sms number and send an OTP to it </p> <p>Used for manual verification of a user </p> <p>The backoffice user initiates the request to send the OTP to the user's sms </p> <p>The user then reads back the OTP which the backoffice user enters in the verifactionCode property for requests that require it</p> # @param register_sms_request a SMS Number to send an OTP to # @param [Hash] opts the optional parameters # @return [nil] describe 'register_sms test' do it 'should work' do # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/ end end # unit tests for resend_token # Resend a token # <p>Resend the specified token </p> <p>The token to resend must already exist for the user </p> <p>It will be revoked and a new one issued</p> # @param user_id The UUID of the User. # @param resend_token_request The type of token to resend # @param [Hash] opts the optional parameters # @return [nil] describe 'resend_token test' do it 'should work' do # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/ end end # unit tests for role_update # Update User Role # <p>Update the user's Role</p> # @param user_id The UUID of the User. # @param role_update_request The Role to change to # @param [Hash] opts the optional parameters # @return [nil] describe 'role_update test' do it 'should work' do # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/ end end # unit tests for unlock_user_v2 # Unlock a User # If a user is locked this endpoint will unlock them # @param user_id The UUID of the User. # @param [Hash] opts the optional parameters # @return [nil] describe 'unlock_user_v2 test' do it 'should work' do # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/ end end # unit tests for unregister_mfa # Unregister MFA for the user # <p>Unregister the MFA device for the user </p> <p>If the user does not require further verification then a register new MFA device token will be sent to them via their email address</p> # @param user_id The UUID of the User. # @param unregister_mfa_request The MFA Type to unregister # @param [Hash] opts the optional parameters # @return [nil] describe 'unregister_mfa test' do it 'should work' do # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/ end end # unit tests for unregister_mfa_for_self # Unregister MFA for Self # <p>Unregister the MFA device for the user </p> <p>If the user does not require further verification then a register new MFA device token will be sent to them via their email address</p> # @param self_mfa_type_unregister_request The MFA Type to unregister # @param [Hash] opts the optional parameters # @option opts [String] :authorization Bearer token authorization leg of validate # @return [nil] describe 'unregister_mfa_for_self test' do it 'should work' do # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/ end end # unit tests for update_password_self # Update Password for self # Update password for self # @param self_update_password_request The password # @param [Hash] opts the optional parameters # @return [nil] describe 'update_password_self test' do it 'should work' do # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/ end end # unit tests for user_details_update # Update User Details # <p>Update the profile details for the given user</p> <p>When updating Payor users with the role of payor.master_admin a verificationCode is required</p> # @param user_id The UUID of the User. # @param user_details_update_request The details of the user to update # @param [Hash] opts the optional parameters # @return [nil] describe 'user_details_update test' do it 'should work' do # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/ end end # unit tests for user_details_update_for_self # Update User Details for self # <p>Update the profile details for the given user</p> <p>Only Payee user types are supported</p> # @param payee_user_self_update_request The details of the user to update # @param [Hash] opts the optional parameters # @return [nil] describe 'user_details_update_for_self test' do it 'should work' do # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/ end end # unit tests for validate_password_self # Validate the proposed password # validate the password and return a score # @param password_request The password # @param [Hash] opts the optional parameters # @return [ValidatePasswordResponse] describe 'validate_password_self test' do it 'should work' do # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/ end end end