curl --request POST \
--url https://api.next.orenda.finance/v1/access-management/invite/customer \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--header 'x-program-id: <api-key>' \
--data '
{
"email": "ada.lovelace@example.com",
"firstName": "Ada",
"lastName": "Lovelace",
"dob": "1985-12-10",
"nationality": "GB",
"phone": "+447700900123",
"address": {
"addressLine1": "12 Analytical Way",
"addressLine2": "Floor 2",
"city": "London",
"state": "Greater London",
"country": "GBR",
"postalCode": "EC1A 1BB"
},
"isPrepaidCardCustomer": true,
"accountId": "8f1a2b3c-4d5e-4f6a-8b7c-9d0e1f2a3b4c",
"confirmation": {
"method": "passkey",
"passkeySession": "AYABeJ...custom-auth-session",
"assertion": "{\"id\":\"q1n...\",\"response\":{\"signature\":\"MEUCI...\"}}"
}
}
'{
"success": true,
"data": {
"message": "Customer invitation processed successfully"
}
}{
"success": false,
"code": "<string>",
"message": "<string>"
}{
"success": false,
"code": "<string>",
"message": "<string>"
}{
"success": false,
"code": "<string>",
"message": "<string>"
}{
"success": false,
"code": "<string>",
"message": "<string>"
}{
"success": false,
"code": "<string>",
"message": "<string>"
}Invite a sub-user
Invite a sub-role member (prepaid-card, child, spouse, or card-only) funded from your account.
curl --request POST \
--url https://api.next.orenda.finance/v1/access-management/invite/customer \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--header 'x-program-id: <api-key>' \
--data '
{
"email": "ada.lovelace@example.com",
"firstName": "Ada",
"lastName": "Lovelace",
"dob": "1985-12-10",
"nationality": "GB",
"phone": "+447700900123",
"address": {
"addressLine1": "12 Analytical Way",
"addressLine2": "Floor 2",
"city": "London",
"state": "Greater London",
"country": "GBR",
"postalCode": "EC1A 1BB"
},
"isPrepaidCardCustomer": true,
"accountId": "8f1a2b3c-4d5e-4f6a-8b7c-9d0e1f2a3b4c",
"confirmation": {
"method": "passkey",
"passkeySession": "AYABeJ...custom-auth-session",
"assertion": "{\"id\":\"q1n...\",\"response\":{\"signature\":\"MEUCI...\"}}"
}
}
'{
"success": true,
"data": {
"message": "Customer invitation processed successfully"
}
}{
"success": false,
"code": "<string>",
"message": "<string>"
}{
"success": false,
"code": "<string>",
"message": "<string>"
}{
"success": false,
"code": "<string>",
"message": "<string>"
}{
"success": false,
"code": "<string>",
"message": "<string>"
}{
"success": false,
"code": "<string>",
"message": "<string>"
}Authorization: Bearer <access_token> and x-program-id, the invitee’s details,
exactly the sub-role you want, the funding accountId, and a step-up confirmation.
400 "This program does not support consumer self-service invites".Sub-role flags
Set exactly one of these to choose the member type — the roles are mutually exclusive, so setting zero or more than one returns400:
| Flag | Member type |
|---|---|
isPrepaidCardCustomer | Prepaid-card customer drawing on your prepaid master account |
isCardOnly | Card-only member |
isSpouse | Spouse member |
isChild | Child member |
Member details
Which of the invitee’s details you must supply depends on the member type: some members need onlyemail + accountId, some need the member’s identity (firstName, lastName, dob,
nationality), and some need a full profile including address. Send what you have — if a
field is required for that member the API responds 400 naming it. (address and phone may
be inherited from your own account; see Inherited fields.)
Funding account
accountId (a UUID) is required and must be one of your own accounts — ACTIVE and not
itself a pseudo account. It’s validated before the sub-user is created; if it’s missing you get
400 accountId is required when inviting a sub-role, and if it isn’t a valid, eligible account
of yours you get 400 account not found or not eligible.
{
"email": "ada.lovelace@example.com",
"firstName": "Ada",
"lastName": "Lovelace",
"dob": "1985-12-10",
"nationality": "GB",
"phone": "+447700900123",
"address": {
"addressLine1": "12 Analytical Way",
"city": "London",
"state": "Greater London",
"country": "GB",
"postalCode": "EC1A 1BB"
},
"isPrepaidCardCustomer": true,
"accountId": "8f1a2b3c-4d5e-4f6a-8b7c-9d0e1f2a3b4c",
"confirmation": {
"method": "passkey",
"passkeySession": "AYABeJ…",
"assertion": "{\"id\":\"q1n…\",\"response\":{…}}"
}
}
Inherited fields
Depending on the program’s onboarding configuration for the chosen role, some of the sub-user’s details (such as address and phone) are inherited from your own application rather than the request body — for example a child typically inherits the parent’s address. When inheritance is enabled for a field, you can omit it from the request.Step-up authentication
Every invite requires a step-upconfirmation — either passkey or TOTP.
- Passkey
- TOTP
POST /v1/auth/passkey/challenge, complete it on the device, then send:"confirmation": {
"method": "passkey",
"passkeySession": "c14102b0-…",
"assertion": "{\"id\":\"…\",\"response\":{…}}"
}
accessToken:"confirmation": {
"method": "totp",
"totp": "123456",
"accessToken": "eyJraWQiOi…"
}
confirmation returns 422 SCA_MISSING and no user is created; an incomplete pair (e.g.
totp without accessToken) returns 400; a pin confirmation is rejected with
422 SCA_INVALID_METHOD. For TOTP, the access token must belong to you, else 401.Authorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
The program the request acts on.
Body
Sent by a signed-in customer inviting a sub-user. Exactly one application flag must be true (isPrepaidCardCustomer / isCardOnly / isSpouse / isChild) — the sub-roles are mutually exclusive, and consumers can only invite sub-role members, never a plain customer. Because a sub-role flag is always set, accountId is always required and must be one of the inviter's own accounts (ACTIVE, not a pseudo account). Must include a confirmation step-up object (passkey or TOTP).
Discriminated step-up (SCA) credential. passkey and totp are accepted on this endpoint (a pin confirmation is rejected with 422 SCA_INVALID_METHOD).
- Passkey
- TOTP
Show child attributes
Show child attributes
Date of birth, YYYY-MM-DD.
Alpha-2 country code, e.g. GB.
E.164-style number.
Show child attributes
Show child attributes
Funding parent account the invitee draws against. Required (a sub-role flag is always set on a consumer invite). Must be one of the inviter's own accounts, ACTIVE, and not a pseudo account.