Onboard a client
Overview of endpoints in the onboarding process
Take a look at the requests that you need to use to construct an onboarding experience for your client:
POST /commerce/v1/clients- send basic client information, create apartyto represent the client's business, and to get a client ID. In the response you receive outstanding onboarding requirements:- Due diligence question IDs.
- Required documents.
- Required attestations.
GET /commerce/v1/questions- to retrieve additional client onboarding questions that your client must answer. ThePOST /commerce/v1/clientsresponse contains the question IDs.PATCH /commerce/v1/clients/{id}- to send more detailed information required for CIP (Customer Identification Program), including answers to outstanding questions.GET /commerce/v1/documents/{id}/file- get documents that must be read and attested by your client.POST /commerce/v1/clients/{id}/verifications- send an instruction to J.P. Morgan to perform the due diligence and verification checks to complete onboarding.GET /commerce/v1/clients/{id}- to check the onboarding status of your client.
Endpoints for onboarding
All onboarding endpoints use the clients resource, and include commerce in the path URL, for example:
https://{baseurl}/commerce/v1/clients
Create a client profile with minimum data
To create a client, send a POST /commerce/v1/clients request with:
- A
partieslist of objects. - A
productwith the valueMERCHANT_SERVICES.
These objects contain both information about the client as an organization party, and an individual party who can act as the controller for the client business.
In your parties objects, include:
partyType:ORGANIZATIONfor the client organization.partyType:INDIVIDUALto represent the controller.externalId: Your own unique identifier for the client organization, individual, and subsequent individual party. TheexternalIdfield is optional.roles: Must beCLIENTforORGANIZATIONandCONTROLLERforINDIVIDUALparty. For additional owners, with more than a 25% ownership of the company, you must also add a party with the roleBENEFICIAL_OWNER.organizationDetails for the organization must include:organizationTypeorganizationName- At least one entry in
addresses.
individualDetailsfor the individual party must include:firstNamelastName
Sample createClient request body with minimum data:
{
"parties": [
{
"partyType": "ORGANIZATION",
"email": "monica@cpgetaways.com",
"roles": [
"CLIENT"
],
"organizationDetails": {
"organizationType": "SOLE_PROPRIETORSHIP",
"organizationName": "Central Perk Getaways",
"countryOfFormation": "US"
}
},
{
"partyType": "INDIVIDUAL",
"roles": [
"CONTROLLER",
"BENEFICIAL_OWNER"
],
"individualDetails": {
"firstName": "Monica",
"lastName": "Gellar",
"countryOfResidence": "US"
}
}
],
"products": [
"MERCHANT_SERVICES"
]
}Create a client profile with full data
You can also send a full payload with all the required information about your client and their organization.
The following example is a complete request with all required fields populated for a sole proprietorship organization. The complete request includes details about the organization's industry type. For reference information on the North American Industry Classification System (NAICS), go here.
Sample createClient request body with complete data:
{
"parties": [
{
"partyType": "ORGANIZATION",
"roles": [
"CLIENT"
],
"email": "topcookiellc@example.com",
"organizationDetails": {
"organizationType": "LIMITED_LIABILITY_COMPANY",
"organizationName": "Top Cookie",
"addresses": [
{
"addressType": "BUSINESS_ADDRESS",
"addressLines": [
"123 Candy St."
],
"city": "Redwood City",
"state": "CA",
"postalCode": "94603",
"country": "US"
}
],
"countryOfFormation": "US",
"dbaName": "Top Cookie SF",
"naics": "311811",
"organizationDescription": "We bake the freshest cookies every day to warm your heart.",
"phone": {
"phoneType": "BUSINESS_PHONE",
"phoneNumber": "6502694433",
"countryCode": "+1"
},
"website": "https://topcookie.net",
"websiteAvailable": true,
"yearOfFormation": "1984",
"organizationIds": [
{
"idType": "EIN",
"value": "101102244",
"issuer": "US"
}
]
}
},
{
"partyType": "INDIVIDUAL",
"roles": [
"CONTROLLER"
],
"individualDetails": {
"firstName": "Top",
"lastName": "Doge",
"birthDate": "1990-01-01",
"addresses": [
{
"addressType": "RESIDENTIAL_ADDRESS",
"addressLines": [
"300 Candy St.",
"Suite 500"
],
"city": "Redwood City",
"state": "CA",
"postalCode": "94603",
"country": "US"
}
],
"countryOfResidence": "US",
"phone": {
"phoneType": "BUSINESS_PHONE",
"phoneNumber": "6502694433",
"countryCode": "+1"
},
"individualIds": [
{
"idType": "SSN",
"value": "444331111",
"issuer": "US"
}
],
"jobTitle": "CEO"
}
},
{
"partyType": "INDIVIDUAL",
"roles": [
"BENEFICIAL_OWNER"
],
"individualDetails": {
"firstName": "Best",
"lastName": "Doge",
"birthDate": "1990-01-01",
"addresses": [
{
"addressType": "RESIDENTIAL_ADDRESS",
"addressLines": [
"300 Candy St.",
"Suite 600"
],
"city": "Redwood City",
"state": "CA",
"postalCode": "94603",
"country": "US"
}
],
"countryOfResidence": "US",
"phone": {
"phoneType": "BUSINESS_PHONE",
"phoneNumber": "6502694433",
"countryCode": "+1"
},
"individualIds": [
{
"idType": "SSN",
"value": "444335555",
"issuer": "US"
}
],
"jobTitle": "CFO"
}
}
],
"products": [
"MERCHANT_SERVICES"
]
}Complete due diligence questions
Due diligence questions are an essential part of onboarding your client to J.P. Morgan Payments. Questions must be asked in the exact wording provided, and answers returned in the required format.
The format of answers can be:
- Boolean (True/False)
- String (Description or Drop down selection)
- Integer (Numeric value) and Date.
To complete due diligence questions for a client, you must:
- Retrieve the question IDs. You find these in the
outstandingobject in the success response to any of these calls:GET /commerce/v1/clients/{id}POST /commerce/v1/clientsPOST /commerce/v1/clients/{id}
- Get the questions to display to your client using
GET /commerce/v1/questions, including a comma-separated list of question IDs in thequestionIdsparameter. These can include follow-up questions insubQuestions. - Send the answers, in the format provided by each question, using
PATCH /commerce/v1/clients/{id}. Include any answers to follow-up questions.
Get the questions to ask your client
A successful 200 or 201 response to the preceding /commerce/v1/clients requests includes an outstanding object. Within outstanding is a list of questionIds.
If questionIds is populated, you must retrieve the questions using their ID and present them to your client.
Sample response to /commerce/v1/clients with questionIds 300001, 300002, 300003.
{
"attestations": [],
"id": "1000010400",
"parties": [ ... ],
"partyId": "2000000111",
"products": [
"MERCHANT_SERVICES"
],
"outstanding": {
"attestationDocumentIds": [
"c4e4739f-33ed-47f6-82fa-0b1c5c992d0b"
],
"documentRequestIds": [],
"partyIds": [],
"partyRoles": [],
"questionIds": [
"300001",
"300002",
"300003"
]
},
"questionResponses": [],
"status": "NEW"
}Present the questions
Send a request to GET /commerce/v1/questions with the questionIds in the request parameters.
Sample request:
curl -X 'GET' \
/commerce/v1/questions?questionIds=300001%2C300002%2C300003' \
-H 'accept: application/json' \Sample response:
{
"questions": [
{
"contentKey": "totalAnnualRevenueInteger",
"content": [
{
"description": "What is your Total Annual Revenue in local currency?",
"label": "Total annual revenue/income:",
"locale": "en-US"
}
],
"defaultLocale": "en-US",
"description": "What is your Total Annual Revenue in local currency?",
"id": "30005",
"responseSchema": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "integer"
}
},
"subQuestions": []
}
]
}Capturing 'child' answers to follow-up questions
In some cases, you must send additional information or an answer to a further question.
Follow-up questions are only required if the answer to the parent question is positive (that is, your user answers "true" to the parent question).
In the following example, when the user answers "true" to question ID 30026, the follow-up question ID 30027 is required. Only show the child question ID 30027 to your client if the response to question ID 30026 is "true":
{
"questions": [
{
"contentKey": "VendorsOrSuppliersForCubaIranNKoreaCrimeaYesNo",
"content": [
{
"description": "Do you have locations, sell goods, or services, or have vendors or suppliers in countries or regions subject to comprehensive sanctions programs (Iran, North Korea, Cuba, Syria and the Crimea, Donetsk, Luhansk Regions of Ukraine), or work with Sanctioned Parties in Russia or Venezuela?",
"label": "Do you have locations, sell goods, or services, or have vendors or suppliers in countries or regions subject to comprehensive sanctions programs (Iran, North Korea, Cuba, Syria and the Crimea, Donetsk, Luhansk Regions of Ukraine), or work with Sanctioned Parties in Russia or Venezuela?",
"locale": "en-US"
}
],
"defaultLocale": "en-US",
"description": "Do you have locations, sell goods, or services, or have vendors or suppliers in countries or regions subject to comprehensive sanctions programs (Iran, North Korea, Cuba, Syria and the Crimea, Donetsk, Luhansk Regions of Ukraine), or work with Sanctioned Parties in Russia or Venezuela?",
"id": "30026",
"responseSchema": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "boolean"
}
},
"subQuestions": [
{
"anyValuesMatch": "true",
"questionIds": [
"30027"
]
}
]
},
{
"contentKey": "listCountriesVendorsSuppliersBoolean",
"content": [
{
"description": "If so, select which ones (multiple possible)",
"label": "If so, select which ones (multiple possible)",
"locale": "en-US"
}
],
"defaultLocale": "en-US",
"description": "If so, select which ones (multiple possible)",
"id": "30027",
"parentQuestionId": "30026",
"responseSchema": {
"type": "array",
"minItems": 1,
"maxItems": 1,
"items": {
"type": "string"
}
},
"subQuestions": []
}
]
}Send the question responses
In the response to a GET /commerce/v1/questions request, responseSchema tells you how to present each question to your client and how the client expresses their answer.
After you present the questions and gather the answers, send the question responses using PATCH /commerce/v1/clients/{id}.
Sample of answers in the questionResponses object:
{
"questionResponses": [
{
"questionId": "300001",
"values": [
"US",
"CA"
]
},
{
"questionId": "300002",
"values": [
"true"
]
},
{
"questionId": "300003",
"values": [
"A large batch of cookies are baked and sold every National Cookie Day in December. An average of 100K USD is collected."
]
}
]
}Client attestations and additional documents
In addition to customer onboarding questions, your client must also complete:
- Attestations listed in
attestationDocumentIds: contains the outstanding attestations that the client must complete - such as disclosure and consent forms, and terms and conditions. The object tells you which documents are required by ID, which you can then request usingGET /commerce/v1/documents/{id}. - Documents listed in
documentRequestIds: contains any supported documents that may be required, depending on the verification details already submitted. This can include copies of documents that support the verifications, such as a Social Security document.
Get and send attestations
Your client must be able to show that they agree to the terms and conditions of Merchant Services, as well as giving their consent for their data to be used.
To send attestations:
- Call
GET /commerce/v1/clients/{id}(or check the response to aPOSTrequest to the same endpoint). In the response, an attestation is required when theattestationDocumentIdsfield in theoutstandingobject is populated. - Call
GET /commerce/v1/documents/{attestationDocumentId}. In the response, thedocumentTypefield shows which document must be attested by the client. - Call
GET /commerce/v1/documents/{attestationDocumentId}/fileto return the document itself, so you can display it to your client. - Send a
PATCH /commerce/v1/clients/{id}to pass the attestation.
Get attestation documents
Determine the required documents that need to be attested in a response to any of the following calls:
GET /commerce/v1/clientsPOST /commerce/v1/clientsPOST /commerce/v1/clients/{id}
In the following response example, document ID 62d29548-f55a-458e-b9bb-ed32a6a05a1b requires client attestation.
{
"attestations": [],
"id": "1000010400",
"parties": [ ... ],
"partyId": "2000000111",
"products": [
"MERCHANT_SERVICES"
],
"outstanding": {
"attestationDocumentIds": [
"62d29548-f55a-458e-b9bb-ed32a6a05a1b"
],
"documentRequestIds": [],
"partyIds": [],
"partyRoles": [],
"questionIds": [
"300001",
"300002",
"300003"
]
},
"questionResponses": [],
"status": "NEW"
}To check the required document type that you need to present to your client, send a request to GET /commerce/v1/documents/{id} with an ID from the attestationDocumentIds in the path.
To access the file itself, send a request to GET /commerce/v1/documents/{id}/file.
The response carries the document that can be displayed in your platform experience.
Present attestations to your client
Your clients agree to terms and conditions and the content of other written documents when they make their attestation.
Present attestation documents to your client in a format they can easily read, and provide some interaction so they can demonstrate that they have read and understood what they are attesting.
For example, refer to the following sample text that can be accompanied by check box to show your client agrees:
- To attest terms and conditions:
- I have read and agree to the Terms and Conditions, the Merchant Account Agreement, and the preceding certifications.
- To verify information being sent is accurate:
- I, client name here, hereby certify, to the best of my knowledge, that the information provided is complete and correct.
Send attestation
To send the attestation, call PATCH /commerce/v1/clients/{id} and include the following required information in the addAttestations object:
attesterFullName- The full name of the party attesting.attestationTime- A timestamp of the attestation.documentId- The given ID of the document being attested - this is the sameattestationDocumentIdsvalue you used to get the document.ipAddress- The client's IP address from which the attestation was made.
Sample addAttestations request:
{
"addAttestations": [
{
"attesterFullName": "Monica Gellar",
"attestationTime": "2017-07-21T17:32:28.000Z",
"documentId": "c4e4739f-33ed-47f6-82fa-0b1c5c992d0b",
"ipAddress": "192.158.1.38"
}
]
}Complete the onboarding steps
After you submit all the required documents, attestations, and answers, you can request the completion of the onboarding process.
To complete the onboarding process, send a POST /commerce/v1/clients/{id}/verifications request. J.P. Morgan performs the required checks and due diligence processes. In many cases, your client is likely to be onboarded without further input after this point. In some cases, more information can be requested.
Sample request:
curl -X 'POST' \
'https://base-url/commerce/v1/clients/1000010400/verifications' \
-H 'accept: */*' \
-H 'platform_id: 0005191231 ' \
-d ''If successful, you receive a 202 Accepted response.
Send additional documents
After submitting all client details for verification, your client may still be asked to upload documents to confirm the identity of the party being onboarded. For example, they may need to upload a copy of their Driver's License.
To add additional documentation:
- Send a
GET /commerce/v1/clients/{id}request and check theoutstandingobject. If an additional document is required, the documentRequestIds field is populated with an ID. - Send a
GET /commerce/v1/document-requests/{id}request. The response contains the required document type that must be uploaded. - Your client must provide the additional document direct to J.P. Morgan.
Sample response GET /commerce/v1/clients/{id} with documentRequestIds populated:
{
"attestations": [],
"id": "1000010400",
"parties": [ ... ],
"partyId": "2000000111",
"products": [
"MERCHANT_SERVICES"
],
"outstanding": {
"attestationDocumentIds": [],
"documentRequestIds": [
"50006"
],
"partyIds": [],
"partyRoles": [],
"questionIds": []
},
"questionResponses": [],
"status": "INFORMATION_REQUESTED"
}Check which additional documents are required
Verify the required documents in the response to a POST /commerce/v1/clients or PATCH /commerce/v1/clients/{id} request.
Sample with outstanding documentRequestIds:
{
"attestations": [],
"id": "1000010400",
"parties": [ ... ],
"partyId": "2000000111",
"products": [
"MERCHANT_SERVICES"
],
"outstanding": {
"attestationDocumentIds": [],
"documentRequestIds": [
"62d29548-f55a-458e-b9bb-ed32a6a05a1b"
],
"partyIds": [],
"partyRoles": [],
"questionIds": []
},
"questionResponses": [],
"status": "NEW"
}Understand client and party onboarding status
You can update outstanding information about the client by sending a PATCH request to /commerce/v1/clients/{id}..
The status values on the response shows you how far your client, and related parties, have been onboarded.
Client status
customerIdentityStatus represents the progress of the client's CIP verification.
Possible values:
NOT_STARTED- CIP verification has not started. The request has not been submitted.REVIEW_IN_PROGRESS- Onboarding verifications have started and are in progress. During review, you may need to collect additional documents or information - which is shown in the outstanding object in theGET /commerce/v1/clients/{ID}request.INFORMATION_REQUESTED- Your client or related parties must provide additional information or documents to proceed with verification. When the requested information is provided, client status becomesREVIEW_IN_PROGRESS.APPROVED- Your client's CIP verification is complete.
status represents the overall progress - CIP verification and KYC - of your client's onboarding journey. status cannot complete - APPROVED - until all onboarding stages have been completed for both the client and related parties.
Possible values:
NEW- Onboarding verifications haven't started yet since there isn't enough information available yet.REVIEW_IN_PROGRESS- Onboarding verifications have started and are in progress. During review, you may need to collect additional documents or information - which is shown in theoutstandingobject in theGET /commerce/v1/clients/{ID}request.INFORMATION_REQUESTED- Your client or related parties must provide additional information or documents to proceed with verification. After the requested information is provided,statuschanges toREVIEW_IN_PROGRESS.APPROVED- Your client and all related parties have successfully completed due diligence and onboarding.DECLINED- Your client cannot be onboarded based on their response to our due diligence processes.SUSPENDED- Either:- During onboarding, your client hasn't provided requested information or documents within the defined period.
- After onboarding, you placed a request to temporarily make the client's account inactive.
TERMINATED- You have placed a request to permanently terminate your client's Merchant Services accounts.
Profile status
profileStatus represents the onboarding status of a party. The term profile refers to the party profile kept on each party associated with a client.
Possible values:
REVIEW_IN_PROGRESS- Either:- Due diligence review is in progress.
- During review, a request has been placed to collect additional documents or information.
INFORMATION_REQUESTED- Your client's Beneficial Owner or Controller is requested to provide additional information or documents to proceed with verification.APPROVED- Your client's Beneficial Owner or Controller has completed onboarding. This may not yet mean that your client has completed all the onboarding stages, but this party is onboarded.
Show your client their details
To get all information in your client's Merchant Services profile, use the request GET /clients/{id}, using the clientId in the path.
Sample request:
curl -X 'GET' \
'https://base-url/commerce/v1/clients/1000010400' \
-H 'accept: application/json'Reference table of fields for POST /clients
Field |
Definition |
Values |
Example |
|---|---|---|---|
|
- |
- |
- |
|
Whether the party in this object is an individual or an organization. |
Enum: INDIVIDUAL ORGANIZATION |
ORGANIZATION |
|
Your chosen ID for this client. |
TC1234 |
|
e |
Email address for the client |
String |
m.gellar@cperk.com |
|
The role of the client being added. Use CLIENT when adding a new organization for a client. |
Enum: AUTHORIZED_USER, BENEFICIAL_OWNER, CLIENT, CONTROLLER, DECISION_MAKER, PRIMARY_CONTACT |
CLIENT |
|
Object containing details of your client’s organization. |
- |
- |
|
The type of organization your client has. |
Enum: LIMITED_LIABILITY_COMPANY, C_CORPORATION, S_CORPORATION, PARTNERSHIP, PUBLICLY_TRADED_COMPANY, NON_PROFIT_CORPORATION, GOVERNMENT_ENTITY, SOLE_PROPRIETORSHIP, UNINCORPORATED_ASSOCIATION |
SOLE_PROPRIETORSHIP |
|
The name of your client’s organization |
String |
Central Perk Getaways |
|
Doing Business As (DBA) name. A commonly used name for your client’s business. |
String |
CP Getaways |
|
Description of your client’s business |
String |
Relax, unwind and experience the comforting charm of our apartment while exploring New York |
|
The industry category of the business connected to the client. Use the reference data page to find a list of acceptable descriptions. |
String |
Accommodation and Food Services |
|
The industry type of the business connected to the client. You can use the Reference Data page to get a list of acceptable values. |
String |
Bed And Breakfast Inns |
|
Country code of the country where your client’s organization was formed. |
Country code in ISO alpha-2 format. |
US |
|
The year your client’s organization was formed |
String – 4 characters |
2020 |
|
Object. Address details of the organization |
- |
- |
|
The type of address |
Enum: LEGAL_ADDRESS, MAILING_ADDRESS, BUSINESS_ADDRESS, RESIDENTIAL_ADDRESS |
LEGAL_ADDRESS |
|
Lines of the organization’s address. Each line separated by a comma. First line must start with a number, and cannot be a PO box. |
String. Minimum 1 item, maximum 5 items. |
"689 Main St", "Opposite St. Andrews Church", "New Town" |
|
City of the address |
String |
New York |
|
State code for the organization address. State is mandatory for countries like United States. |
Alpha-2 format. |
NY |
|
Postal/ZIP code |
String |
99501 |
|
Object for phone numbers |
- |
- |
|
Identifies the type of being added |
Enum: BUSINESS_PHONE, MOBILE_PHONE, ALTERNATE_PHONE |
BUSINESS_PHONE |
|
Country code that precedes the phone number |
String – using + then the relevant international dialling code. |
+1 |
|
The phone number including area code |
String |
785462944 |
|
Object – the tax ID of the organization |
- |
- |
|
The ID type |
Enum: EIN BUSINESS_REGISTRATION_ID |
EIN |
|
The issuing authority of the ID |
String |
US |
|
The ID number |
String |
000000001 |
|
Whether the organization has a website |
Boolean |
TRUE |
|
The URL of the organization’s website |
String – a valid URL. |
https://topcookie.net |
|
- |
- |
- |
|
What type of party is being added. This is an Individual associated with the organization being added as a client. |
Enum: INDIVIDUAL, ORGANIZATION |
INDIVIDUAL |
|
An external ID for the individual party being added with the client. |
String: max 20 characters |
TCU12344 |
|
Individual email address |
String. Email address |
m.gellar@gmail.com |
|
The roles of the individual in the organization. At least one of these must be CONTROLLER. For SOLE_PROPRIETORSHIP clients, one of these roles must also be BENEFICIAL_OWNER |
Enum: AUTHORIZED_USER, BENEFICIAL_OWNER, CLIENT, CONTROLLER, DECISION_MAKER, PRIMARY_CONTACT |
BENEFICIAL_OWNER CONTROLLER |
|
|||
|
First name of the individual party |
String |
Monica |
|
Last name of the individual party |
String |
Gellar |
|
Country of residence of the party |
Country Code Iso Alpha2string |
US |
|
Whether the ownership of the organization by this party is direct or indirect. |
String |
Direct |
|
Job title of the individual. This is a required field for those with the role CONTROLLER |
String |
CEO |
|
Description of the job title. Only required if the jobTitle is ‘Other’ |
String |
Acts as CEO |
|
|||
|
Type of address being added |
Enum: LEGAL_ADDRESS, MAILING_ADDRESS, BUSINESS_ADDRESS, RESIDENTIAL_ADDRESS |
LEGAL_ADDRESS |
|
Address lines for the individual. Each line separated by a comma. First line must start with a number and cannot be a PO box. |
String. Minimum 1 item, maximum 5 items. |
"90 Bedford Street", "Apt 2E" |
|
City of the address of the individual |
String |
New York |
|
State of the address of the individual |
State code in alpha-2 format. |
NY |
|
Postal/ZIP code |
String |
99501 |
|
Country of the address |
Country code in alpha-2 format |
US |
socialMedia |
Object to collect social media information from clients to pass it on to shield for fraud assessment. Use profilePlatform for the social media platform and username for the handle of the individual. |
Enums for
|
INSTAGRAM |
|
Object – the ID of the individual |
- |
- |
|
Type of ID |
Enum: SSN ITIN |
SSN |
|
The issuer of the ID |
Country Code Iso Alpha2string |
US |
|
The ID number |
String |
100010001 |
|
Which products are being used by this client |
Enum: Merchant Services |
Merchant Services |
Next steps
As soon as your client completes onboarding, you can set up their Merchant Services account.