> ## Documentation Index
> Fetch the complete documentation index at: https://docs.enfuce.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Outgoing webhook notification endpoint

> Outgoing webhook endpoint to send notifications about changes on different entities within Enfuce system. This webhook needs to be implemented by a 3rd party system in order to get notifications. Enfuce is expecting a response within 1000 ms.


<RequestExample>
  ```json Account body theme={null}
  {
    "accountId": "1234567890",
    "branchCode": "752001",
    "customerNumber": "ABCDEFGH123456789",
    "id": "1234567890",
    "status": "ACCOUNT_BLOCKED",
    "subType": "STATUS_CHANGE",
    "type": "ACCOUNT"
  }
  ```

  ```json Card body theme={null}
  {
    "accountId": "1234567890",
    "branchCode": "752001",
    "cardId": "801476123",
    "customerNumber": "ABCDEFGH123456789",
    "expiration": {
      "month": 1,
      "year": 2019
    },
    "id": "1234567890",
    "productionEvent": "NCRD",
    "status": "CARD_OK",
    "subType": "PRODUCTION_EVENT",
    "truncatedCardNumber": "123456______4285",
    "type": "CARD"
  }
  ```

  ```json Transaction body theme={null}
  {
    "accountAvailableAmount": {
      "amount": 3.14,
      "currency": "EUR"
    },
    "accountCreditLimit": {
      "amount": 3.14,
      "currency": "EUR"
    },
    "accountId": "1234567890",
    "branchCode": "752001",
    "cardId": "801476123",
    "customerNumber": "ABCDEFGH123456789",
    "ecbRate": "string",
    "feeAmount": {
      "amount": 3.14,
      "currency": "EUR"
    },
    "id": "1234567890",
    "merchant": {
      "id": "64017528",
      "acquirerId": "454109",
      "city": "Helsinki",
      "country": "FIN",
      "mcc": 3016,
      "name": "Airline of the world"
    },
    "originalTransactionId": "1234567890",
    "responseCode": "string",
    "settlementAmount": {
      "amount": 3.14,
      "currency": "EUR"
    },
    "subType": "AUTH",
    "transactionAmount": {
      "amount": 3.14,
      "currency": "EUR"
    },
    "transactionDate": "2020-05-12T13:18:05",
    "transactionId": "1234567890",
    "transactionType": {
      "code": "string"
    },
    "type": "TRANSACTION"
  }
  ```

  ```json Tokenization body theme={null}
  {
    "accountScore": "03",
    "branchCode": "752001",
    "cardId": "801476123",
    "cvc2Match": "true",
    "deviceId": "12303E8BEA4D12318291041646948421E70123F308609123",
    "deviceIp": "string",
    "deviceScore": "03",
    "deviceType": {
      "description": "string",
      "value": "string"
    },
    "email": "test@enfuce.com",
    "id": "1234567890",
    "locale": "en_GB",
    "mobileNumber": "+358401234567",
    "oneTimePasscode": "123456",
    "otpDeliveryMethod": "SMS",
    "panSource": "Card added via application",
    "reasonCodes": [
      {
        "description": "string",
        "value": "string"
      }
    ],
    "status": "ACTIVE",
    "subType": "TOKENIZATION_REQUEST",
    "tokenId": 561188600,
    "tokenRequestor": {
      "description": "string",
      "value": "string"
    },
    "tokenRequestorName": "string",
    "tokenUniqueReferenceId": "DNITHE382212342124893123",
    "truncatedCardNumber": "4285",
    "type": "TOKENIZATION",
    "walletProviderRecommendation": "string"
  }
  ```

  ```json Fraud case body theme={null}
  {
    "type" : "FRAUD_CASE",
    "id" : "755e22d2-9a95-4d75-b565-556344da9ebd",
    "branchCode" : "12345",
    "subType" : "FINALIZED",
    "fraudCaseId" : "755e22d2-9a95-4d75-b565-556344da9ebd",
    "status" : "CLOSED",
    "cardId" : "123456789",
    "createdTime" : "2025-10-28T11:21:13.307322Z",
    "lastUpdatedTime" : "2025-10-28T11:21:13.307719Z",
    "comment" : "Overall comment to case",
    "resolutionStatus" : "RISK",
    "transactions" : [ {
      "transactionId" : "65465432",
      "customerDecision" : "RISK",
      "customerComment" : "Comments regarding transaction",
      "lastUpdatedTime" : "2025-01-01T00:00:00Z",
      "reason" : {
        "type" : "RISK",
        "code" : "ISSUANCE_OF_A_PAYMENT_ORDER_BY_FRAUDSTER"
      }
    }]
  }
  ```
</RequestExample>


## OpenAPI

````yaml notification post /v1/notification
openapi: 3.0.3
info:
  description: >
    Endpoint for retrieving notifications for various entities from Enfuce
    system

    # Introduction

    Notifications will be retrieved when a change is made within Enfuce system.
    A notification can be of many different

    types such as an authorisation is made, but also that a card is updated
    being blocked.


    # Common

    All endpoints will respect and make use of HTTP response codes. Requests and
    respones are UTF-8 encoded and in

    a standardized JSON format described here after.

    A client must be able to handle cases where elements are added to either the
    request or response, i.e still parsing

    the content but not act on new elements.


    Authentication towards all endpoints are using basic authentication
    according to RFC 7617
  version: '1'
  title: Enfuce API - Notification
  contact:
    name: Enfuce Financial Services
    url: https://enfuce.com
    email: info@enfuce.com
  x-logo:
    url: https://developer.enfuce.com/images/enfuce.svg
    altText: Enfuce logo
servers:
  - url: https://api.enfuce.com
security: []
tags:
  - name: Receive a notification
paths:
  /v1/notification:
    post:
      tags:
        - Receive a notification
      summary: Outgoing webhook notification endpoint
      description: >
        Outgoing webhook endpoint to send notifications about changes on
        different entities within Enfuce system. This webhook needs to be
        implemented by a 3rd party system in order to get notifications. Enfuce
        is expecting a response within 1000 ms.
      operationId: receiveNotification
      requestBody:
        $ref: '#/components/requestBodies/notificationBody'
      responses:
        '201':
          description: A new notification event created
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/resourceResponse'
        '401':
          description: Unauthorized
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/errorResponse'
        '403':
          description: Forbidden
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/errorResponse'
        '404':
          description: Customer does not exist
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/errorResponse'
        '500':
          description: Internal server error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/errorResponse'
      deprecated: false
components:
  requestBodies:
    notificationBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/notificationBody'
      description: >-
        Notification information. The fields are different depending which type
        of notification it is.
      required: true
  schemas:
    resourceResponse:
      type: object
      properties:
        description:
          type: string
          description: Short description of the result of the action
        id:
          type: string
          description: Will contain the ID of the resource that has been created or updated
      title: resourceResponse
    errorResponse:
      type: object
      properties:
        code:
          type: string
          description: An error code indicating what kind of error. I.e. HTTP error code
        message:
          type: string
          description: Error message in human-readable format
        id:
          type: string
          format: uuid
          description: Unique error identifier
        errorCode:
          type: string
          description: Enfuce code for a specific error type
        errorType:
          type: string
          description: Error type
          enum:
            - STATIC_VALIDATION_ERROR
            - DYNAMIC_VALIDATION_ERROR
            - INTEGRATION_ERROR
            - SECURITY_ERROR
            - UNEXPECTED_ERROR
        errorReason:
          type: string
          description: Free-form text explaining the error reason
        timestamp:
          type: string
          format: date-time
          description: Datetime when error occurred
    notificationBody:
      type: object
      discriminator:
        propertyName: type
        mapping:
          ACCOUNT:
            $ref: '#/components/schemas/AccountBody'
          CARD:
            $ref: '#/components/schemas/CardBody'
          PIN:
            $ref: '#/components/schemas/PinBody'
          TRANSACTION:
            $ref: '#/components/schemas/TransactionBody'
          AUTHORIZATION_HOLD:
            $ref: '#/components/schemas/AuthorizationHoldBody'
          TOKENIZATION:
            $ref: '#/components/schemas/TokenizationBody'
          INVOICE:
            $ref: '#/components/schemas/InvoiceBody'
          FRAUD_CASE:
            $ref: '#/components/schemas/FraudCaseBody'
      properties:
        id:
          type: string
          description: Unique ID for a notification assigned by Enfuce
          example: '1234567890'
        type:
          type: string
          description: |
            Corresponds to the entity represented in other parts of Enfuce API.
            **Note:** The `INVOICE` enum is available only for fleet cards.
          enum:
            - ACCOUNT
            - CARD
            - PIN
            - TRANSACTION
            - AUTHORIZATION_HOLD
            - TOKENIZATION
            - EMVSCRIPT
            - INVOICE
            - FRAUD_CASE
        branchCode:
          type: string
          description: >
            Your Institution Identifier assigned by Enfuce. For example, this
            can be used to determine the Sender ID for SMS messages.
          example: '752001'
      required:
        - id
        - type
    AccountBody:
      allOf:
        - $ref: '#/components/schemas/notificationBody'
        - properties:
            accountId:
              $ref: '#/components/schemas/accountId'
            customerNumber:
              $ref: '#/components/schemas/customerNumber'
            subType:
              type: string
              description: Tells in more detail about what is changed
              enum:
                - CREATED
                - REMINDER_STATUS_CHANGE
                - STATUS_CHANGE
            reminderStatus:
              $ref: '#/components/schemas/dunningStatus'
            status:
              $ref: '#/components/schemas/accountStatusGet'
          required:
            - accountId
            - customerNumber
            - subType
      title: AccountBody
    CardBody:
      allOf:
        - $ref: '#/components/schemas/notificationBody'
        - properties:
            accountId:
              $ref: '#/components/schemas/accountId'
            customerNumber:
              $ref: '#/components/schemas/customerNumber'
            cardId:
              $ref: '#/components/schemas/cardId'
            subType:
              type: string
              description: Tells in more detail about what is changed
              enum:
                - PRODUCTION_EVENT
                - STATUS_CHANGE
            status:
              $ref: '#/components/schemas/cardStatus'
            truncatedCardNumber:
              type: string
              description: Card number, masked in order to protect sensitive data
              example: '123456______4285'
            expiration:
              $ref: '#/components/schemas/expiration'
            productionEvent:
              type: string
              description: >
                - NCRD - This card production event is created at the same time
                when a new card is created via API. Only the first plastic of
                each card will have this production event

                - NLOST - This production event comes with replacement
                (REPLACE_CARD). Previous card will be put to lost and new card
                is created with production event NLOST

                - NVRT - This card production event is created at the same time
                when the new virtual card is created

                - RALLRE - This production event comes when physical form of the
                card is ordered

                - ROPIN - This production event comes when reorder PIN
                (REORDER_CARD_PIN) has been ordered

                - RPL - This production event comes automatically when current
                plastic has expired for a physical card

                - RPLRE - This production event comes with the reissue
                (REISSUE_CARD) when only plastic is renewed

                - RVRT - This production event comes automatically when current
                plastic has expired for a virtual card

                - RALLMIG - This production event will be removed in future and
                not used

                - RALLMIG_EXPIRED - This production event will be removed in
                future and not used

                - NLOSTVRT - Same as production event "NLOST" but no physical
                card is produced.

                - RALLNLOST - This production event will change the PAN# and
                replace the PIN. Used for creating the physical card for Instant
                Issuing when using REPLACE_CARD

                - RPLVRT - This production event is the same as RPLRE, but comes
                when virtual card product is reissued (REISSUE_CARD) via API
              enum:
                - NCRD
                - NLOST
                - NVRT
                - RALLRE
                - ROPIN
                - RPL
                - RPLRE
                - RVRT
                - RALLMIG
                - RALLMIG_EXPIRED
                - NLOSTVRT
                - RALLNLOST
                - RPLVRT
          required:
            - customerNumber
            - cardId
            - subType
      title: CardBody
    PinBody:
      allOf:
        - $ref: '#/components/schemas/notificationBody'
        - type: object
          properties:
            subType:
              type: string
              description: Fixed event type for PIN update notifications.
              enum:
                - PIN_UPDATED
            plasticId:
              type: string
              description: A unique plastic identifier assigned by Enfuce.
              example: '99887766'
            cardId:
              $ref: '#/components/schemas/cardId'
            timestamp:
              type: string
              description: Source system success timestamp in ISO-8601 UTC format.
              example: '2026-04-08T08:15:30Z'
          required:
            - subType
            - plasticId
            - timestamp
      title: PinBody
    TransactionBody:
      allOf:
        - $ref: '#/components/schemas/notificationBody'
        - properties:
            accountId:
              $ref: '#/components/schemas/accountId'
            customerNumber:
              $ref: '#/components/schemas/customerNumber'
            cardId:
              $ref: '#/components/schemas/cardId'
            merchant:
              $ref: '#/components/schemas/merchant'
            responseCode:
              type: string
              description: >
                Response code that was returned to the payment schema. For AUTH
                this is according to ISO-8583:1987
            transactionType:
              $ref: '#/components/schemas/transactionType'
              description: transaction code object for a transaction
            settlementAmount:
              $ref: '#/components/schemas/money'
              description: Settlement amount received from payment schema
            subType:
              type: string
              description: >
                - AUTH - Used with original authorisation request, both
                successful and rejected get this subType.

                - AUTH_REV - Authorisation reversal that reverses the full
                amount, link to original authorisation.

                - AUTH_ADJ - Authorisation adjustment with new authorisation
                amount, link to original authorisation.

                - AUTH_ADV - Authorisation advice with new authorisation amount.
                This is used also f.ex. with Automated Fuel Dispensers when
                those send the final authorisation amount. Link to original
                authorisation might exist.

                - AUTH_UNBLOCK - Releases (unblocks) funds, previously held for
                authorisation without capturing the transaction. This is
                applicable when an authorised transaction is purged, and the
                held funds are released to the cardholder.

                - AUTH_VERIFICATION - Verifies the cardholder's account validity
                with a 0.00 amount; neither funds are reserved nor a financial
                transaction is initiated. Usually used in card-on-file setups or
                to check whether a card is active and valid.

                - FINANCIAL - Actual financial document.
              enum:
                - AUTH
                - AUTH_REV
                - AUTH_ADJ
                - AUTH_ADV
                - AUTH_UNBLOCK
                - AUTH_VERIFICATION
                - FINANCIAL
            transactionAmount:
              $ref: '#/components/schemas/money'
              description: Amount sent from POS terminal
            accountAvailableAmount:
              $ref: '#/components/schemas/money'
              description: Account available amount
            accountCreditLimit:
              $ref: '#/components/schemas/money'
              description: Account credit limit
            feeAmount:
              $ref: '#/components/schemas/money'
              description: >
                Amount of mark-up fee applied to the transaction. Mark-up fee is
                an optional fee that is applied for transactions done in
                currency other than the settlement currency.
            ecbRate:
              type: string
              description: >
                European Central Bank (ECB) published currency rate. If
                transaction currency is not supported by ECB, this value is
                null.
            transactionId:
              type: string
              description: transactionId that is representing this notification
              example: '1234567890'
            originalTransactionId:
              type: string
              description: >-
                originalTransactionId that is representing original transaction
                notification
              example: '1234567890'
            transactionDate:
              type: string
              format: date-time
              example: '2020-05-12T13:18:05'
              description: >-
                The date at the POS which the transaction was made in ISO-8601
                date-time format.
            processedByEnfuceStip:
              type: boolean
              description: >-
                For authorizations, indicates whether authorization was
                processed by Enfuce STIP or not.
            responseDescription:
              type: string
              example: 061-Usage Limit "24H_RETAIL" Amount Exceeded
              description: >
                When a payment is declined, a response description is returned,
                if available, providing more context on why the transaction
                failed. This includes a return code and a brief explanation. If
                multiple issues cause the decline, only one response description
                is sent, prioritized as the most relevant for the decline. 
                Refer to our [service
                description](https://docs.enfuce.com/guides/the-essentials/global-processing/authorisation-and-authentication-of-payments#response-descriptions)
                for the list of most relevant response descriptions and their
                usage details.
          required:
            - accountId
            - customerNumber
            - cardId
            - settlementAmount
            - subType
            - transactionAmount
            - transactionId
            - transactionDate
            - processedByEnfuceStip
      title: TransactionBody
    AuthorizationHoldBody:
      allOf:
        - $ref: '#/components/schemas/notificationBody'
        - properties:
            accountId:
              description: Account id
              type: string
            subType:
              type: string
              description: |
                Sub types:
                - AHOLD: Authorization hold
                - PBALPAY: Balance transfer
                - AHOLD_REVERSAL: Authorization hold reversal
                - PBALPAY_REVERSAL: Balance transfer reversal
              enum:
                - AHOLD
                - PBALPAY
                - AHOLD_REVERSAL
                - PBALPAY_REVERSAL
            holdAmount:
              $ref: '#/components/schemas/money'
              description: Amount to hold
          required:
            - accountId
            - subType
            - holdAmount
          title: AuthorizationHoldBody
    TokenizationBody:
      allOf:
        - $ref: '#/components/schemas/notificationBody'
        - properties:
            cardId:
              $ref: '#/components/schemas/cardId'
            locale:
              type: string
              description: >
                Customer's language and country code. For example, this can be
                used to determine language for outgoing customer communication.
              example: en_GB
            mobileNumber:
              type: string
              pattern: ([+]){1}([1-9]){1}([0-9]){5,14}
              example: '+358401234567'
              description: >-
                Customer's mobile phone number as it's saved in mobileNumber
                field.
            email:
              type: string
              example: test@enfuce.com
              description: Customer's email address as it's saved in email field.
              maxLength: 255
            otpDeliveryMethod:
              type: string
              example: SMS
              description: >
                The delivery method for oneTimePasscode that the user selected
                in the Wallet. This service is only enabled if it's within the
                scope of your wallet project.

                - EMAIL - OTP delivered via email

                - SMS - OTP delivered via SMS
              enum:
                - EMAIL
                - SMS
            oneTimePasscode:
              type: string
              description: >
                A one time passcode (six digits) that can be used to complete
                wallet provisioning in SMS OTP flow. This service is only
                enabled if it's within the scope of your wallet project.
              example: '123456'
            tokenRequestorName:
              type: string
              description: >-
                This field will be deprecated. Please use tokenRequestor object
                instead.
              deprecated: true
            status:
              type: string
              description: |
                The status of the token.

                - ACTIVE - Available for payments
                - DEACTIVATED - Permanently deactivated
                - INACTIVE - Waiting for activation
                - SUSPENDED - Temporarily not available for payments
              enum:
                - ACTIVE
                - DEACTIVATED
                - INACTIVE
                - SUSPENDED
              title: status
            subType:
              type: string
              description: >
                Please see Service Description for Digital Wallets -> 
                [here](https://enfuce.com/docs/guides/the-control-you-want/digital-first-experience/digital-wallets/#notifications_related_to_tokenisation)
              enum:
                - ACTIVATE
                - STATUS_CHANGE
                - TOKENIZATION_REQUEST
              example: TOKENIZATION_REQUEST
            truncatedCardNumber:
              type: string
              description: >
                The last four digits of the card number. This can be used when
                communicating towards the end user.  For example, help them
                identify the card in question when communicating via SMS or
                email.
              example: '4285'
            cvc2Match:
              type: boolean
              description: >
                The result of CVC2 validation done by Visa. This enables you add
                additional security measures. For example, to block a card after
                a high frequency of invalid attempts. This field is not
                populated by default as such security measures are handled by
                Enfuce.
              example: 'true'
            deviceId:
              type: string
              description: >
                Device ID or Secure Element ID to identify user's device. For
                example, this is necessary for reporting fraudulent devices to
                Apple.
              example: 12303E8BEA4D12318291041646948421E70123F308609123
            deviceIp:
              type: string
              description: |
                Device ip address
            deviceType:
              $ref: '#/components/schemas/valueDescription'
              description: >-
                The type of the device initiating the tokenization request (for
                example, a phone or tablet).
              example:
                value: '01'
                description: Mobile phone
            deviceScore:
              type: string
              description: >
                Wallet Provider Device Score - Risk score assigned to the device
                that initiated tokenization, which you can use to improve your
                fraud prevention processes. Valid values, depending on the
                scheme,  are 1/01 (indicating a poor status) through to 5/05
                (indicating excellent status).  A value of 3/03 indicates
                neutral status.
              example: '03'
            accountScore:
              type: string
              description: >
                Wallet Provider Account Score - Risk score assigned to the
                wallet user, which you can use to improve  your fraud prevention
                processes. Valid values, depending on the scheme, are 1/01 (poor
                status) through  to 5/05 (excellent status). A value of 3/03
                indicates neutral status.
              example: '03'
            reasonCodes:
              type: array
              description: >
                Wallet Provider Reason Codes - These are risk indicators
                provided by the wallet provider, and you can

                use these to improve your fraud prevention processes. Possible
                values are:


                * 01 The account is considered new relative to the Payment App
                Provider service launch

                * 02 The account is considered new relative to provisioning
                request

                * 03 Account/card is considered new relative to provisioning
                request

                * 04 Changes have recently been made to account for data

                * 05 Suspicious activity has been linked to this account 

                * 06 Inactive account

                * 07 Device contains suspended tokens

                * 08 Device has recently been reported lost

                * 09 Excessive recent tokenization attempts to this device

                * 10 Excessive recent tokenization to this device

                * 11 Excessive non-matching Cardholder names within the device

                * 12 Low device score

                * 13 Low account score

                * 14 Non-domestic tokenization attempt

                * 15 Unable to provide recommendation due to system issues

                * 16 High fraud risk identified. Enhanced verification
                recommended

                * 17 Low phone number score
              items:
                $ref: '#/components/schemas/valueDescription'
                example:
                  value: '12'
                  description: Low device score
            panSource:
              type: string
              description: >
                Account PAN Source - This indicates how the PAN was captured,
                which you can use to improve your  fraud prevention processes.
                For example, you can see if the PAN was added manually or  via
                push provisioning. Values: Card on file, Card added manually,
                Card added via application, Existing token, Other.
              example: Card added via application
            tokenUniqueReferenceId:
              type: string
              description: >
                Token Unique Reference - This allows you to perform lifecycle
                management activities in Mastercard/Visa  tooling without
                relying on sensitive PCI data such as the token number itself.
              example: DNITHE382212342124893123
            tokenRequestor:
              $ref: '#/components/schemas/valueDescription'
              description: >
                Token Requestor and unique ID assigned by the scheme.  Token
                requestors are entities who initiate the process of
                tokenization.  For example, a merchant or a wallet provider.
              example:
                value: '40010030273'
                description: APPLE_PAY
            providedAddress:
              type: string
              description: >
                This field is the address that the Wallet Provider sends with
                the Token Activation Request.
              example: Street 1, 012345, New York
            providedName:
              type: string
              description: >
                This field is the cardholder name that the Wallet Provider sends
                with the Token Activation Request.
              example: John Smith
            cardholderName:
              type: string
              description: |
                This field contains the cardholder name that Enfuce has stored.
              example: John Smith
            dPan:
              type: string
              description: >
                This field contains the token number in token status change
                messages.
            tokenId:
              type: string
              description: >
                This is a unique token identifier assigned by Enfuce. This is
                not known to the scheme or wallet providers.
              example: 561188600
            walletProviderRecommendation:
              type: string
              description: >
                This is a Tokenization decision suggested by the Wallet Provider
                and  value can be used to improve your fraud prevention process
                Values: For VISA cards -> 0 (Unconditionally approved) , 1
                (Conditionally approved with further consumer verification), 2
                (Not Approved) For MasterCard cards  -> 0 (Declined), 1
                (Approved), 2 (Require additional authentication)
          required:
            - subType
      title: TokenizationBody
    InvoiceBody:
      allOf:
        - $ref: '#/components/schemas/notificationBody'
        - type: object
          properties:
            invoiceId:
              $ref: '#/components/schemas/invoiceId'
            accountId:
              $ref: '#/components/schemas/accountId'
            amount:
              $ref: '#/components/schemas/money'
              description: Total amount of the invoice
            createdDate:
              type: string
              format: date-time
              example: '2019-11-27T05:08:31Z'
              description: >-
                The date-time which the invoice was created in ISO-8601
                date-time format.
            dueDate:
              type: string
              format: date
              example: '2019-11-27'
              description: The date which the invoice is due in ISO-8601 date format.
            paymentReference:
              type: string
              description: Payment reference number for the invoice
            dunningStatus:
              $ref: '#/components/schemas/dunningStatus'
            period:
              type: object
              properties:
                start:
                  type: string
                  format: date
                  example: '2020-01-01'
                end:
                  type: string
                  format: date
                  example: '2020-01-31'
            paidAmount:
              $ref: '#/components/schemas/money'
              description: Paid amount
            status:
              $ref: '#/components/schemas/status'
            subType:
              $ref: '#/components/schemas/subType'
          required:
            - amount
            - createdDate
            - dueDate
            - accountId
            - subType
            - paymentReference
            - status
      title: InvoiceBody
    FraudCaseBody:
      title: FraudCaseBody
      description: FRAUD_CASE type of notification
      allOf:
        - $ref: '#/components/schemas/notificationBody'
        - properties:
            subType:
              type: string
              enum:
                - CREATED
                - UPDATED
                - FINALIZED
              description: Indicates which variant of the fraud case payload this is.
            fraudCaseId:
              type: string
              description: Fraud case UUID.
              example: 2f2f7b9a-0b2a-4a0a-8d4c-0a9f1c9e2b3c
            status:
              type: string
              enum:
                - OPEN
                - PENDING
                - CLOSED
              description: Current status of the fraud case.
            cardId:
              $ref: '#/components/schemas/cardId'
            createdTime:
              $ref: '#/components/schemas/FraudDateTime'
              description: >-
                The date and time when the fraud case was created (ISO-8601 with
                offset).
            lastUpdatedTime:
              $ref: '#/components/schemas/FraudDateTime'
              description: >-
                The date and time when the fraud case was last updated (ISO-8601
                with offset).
            comment:
              type: string
              description: Optional comment for the finalization.
            resolutionStatus:
              type: string
              enum:
                - RISK
                - NO_RISK
              description: Final resolution status of the case.
            transactions:
              $ref: '#/components/schemas/FraudTransactions'
          required:
            - subType
            - fraudCaseId
            - cardId
            - createdTime
            - lastUpdatedTime
            - transactions
    accountId:
      type: string
      description: accountId that is representing this notification
      example: '1234567890'
    customerNumber:
      type: string
      description: >
        Customer number that is representing this notification, typically card
        holder and is the number set as external identifier when customer is
        created
      example: ABCDEFGH123456789
    dunningStatus:
      type: string
      enum:
        - WAIT
        - REMINDER1_SENT
        - CARD_BLOCKED
        - REMINDER2_SENT
        - REMINDER3_SENT
        - REMINDER4_SENT
        - REMINDER5_SENT
        - REMINDER6_SENT
        - REMINDER7_SENT
        - SENT_TO_COLLECTION
        - STOPPED
        - DONE
    accountStatusGet:
      type: string
      enum:
        - ACCOUNT_BLOCKED
        - ACCOUNT_COLLECTION
        - ACCOUNT_OK
        - ACCOUNT_TO_CLOSE
        - ACCOUNT_CLOSED
        - ACCOUNT_AUTO_CLOSED
      title: accountStatusGet
    cardId:
      type: string
      description: >
        A unique card ID assigned by Enfuce. This can be used to identify the
        card without relying on sensitive PCI data such as the card number
        itself.
      example: '801476123'
    cardStatus:
      type: string
      description: >
        - CARD_OK - Card is open and in normal status. Card has to be in this
        status in order for it to be renewed - CARD_BLOCKED - Temporary block on
        the card that will prevent approval of authorisations. Can be used
        instead of account level temporary block if target is to block only a
        specific card - SUSPECTED_FRAUD - Temporary block on the card that will
        prevent approval of authorisations. Functionality the same as for "Card
        blocked", the different code allows to differentiate between the blocks
        - CARD_CLOSED_DUE_TO_FRAUD - Used to close a card due to known fraud -
        CARD_NO_RENEWAL - Status set to prevent following card renewal. Does not
        affect card functionality in any way, only renewal - CARD_LOST - Used to
        close a card because it is lost - CARD_STOLEN - Used to close a card
        because it is stolen - CARD_CLOSED - Used to close card by request from
        customer or bank, reason for closure is set with status update reason.
        Allows still clearing transaction posting - CARD_EXPIRED - Final card
        closure status, that blocks also clearing transaction posting
      enum:
        - CARD_OK
        - CARD_BLOCKED
        - SUSPECTED_FRAUD
        - CARD_CLOSED_DUE_TO_FRAUD
        - CARD_NO_RENEWAL
        - CARD_LOST
        - CARD_STOLEN
        - CARD_CLOSED
        - CARD_EXPIRED
      title: cardStatus
    expiration:
      type: object
      properties:
        year:
          type: integer
          format: int32
          description: Expiration year in format YYYY
          example: 2019
        month:
          type: integer
          format: int32
          description: Expiration month in format MM
          example: 1
      title: expiration
    merchant:
      type: object
      description: Will give merchant information if available
      properties:
        id:
          type: string
          example: '9260003'
        acquirerId:
          type: string
          example: '123456'
        country:
          $ref: '#/components/schemas/country'
        city:
          type: string
          example: Helsinki
        name:
          type: string
          example: Airline of the world
        mcc:
          type: string
          example: 3016
        subMerchantId:
          type: string
          example: '9260003'
    transactionType:
      description: Transaction Type of a transaction
      type: object
      properties:
        code:
          type: string
          description: transaction code of the transaction
    money:
      description: Amount including currency
      type: object
      required:
        - amount
        - currency
      properties:
        amount:
          type: number
          example: 3.14
        currency:
          $ref: '#/components/schemas/currency'
    valueDescription:
      type: object
      properties:
        value:
          type: string
        description:
          type: string
    invoiceId:
      type: string
      description: >
        A unique invoice identifier that can be used to track the invoice
        throughout its lifecycle. This ID remains constant even when the invoice
        status changes.
      example: '1570011'
    status:
      type: string
      enum:
        - CLOSED
        - OPEN
        - OVERDUE
        - PAID
        - PAID_PARTIALLY
        - WRITE-OFF
    subType:
      type: string
      description: Notification sub type
      enum:
        - CREATED
        - STATUS_CHANGE
        - DUNNING_STATUS_CHANGE
    FraudDateTime:
      type: string
      format: date-time
      example: '2025-10-30T13:29:14.908353Z'
    FraudTransactions:
      type: array
      items:
        $ref: '#/components/schemas/FraudTransaction'
      example:
        - transactionId: '12345'
          customerDecision: PENDING
          customerComment: Looks good to me
          lastUpdatedTime: '2025-07-02T15:00:00Z'
          reason:
            type: RISK
            code: ISSUANCE_OF_A_PAYMENT_ORDER_BY_FRAUDSTER
    country:
      type: string
      description: >-
        A valid ISO 3166-1 alpha-3 country code, except for QZZ (UNMIK in
        Kosovo) and ROM for Romania.
      pattern: '[A-Z]{3}'
      example: FIN
    currency:
      type: string
      description: A valid ISO 4217 currency code
      pattern: '[A-Z]{3}'
      example: EUR
    FraudTransaction:
      type: object
      properties:
        transactionId:
          type: string
          example: '12345'
          description: Unique identifier of the transaction.
        customerDecision:
          type: string
          enum:
            - PENDING
            - RISK
            - NO_RISK
          description: Status of the customer’s decision regarding the transaction.
        customerComment:
          type: string
          example: Looks good to me
          description: Optional comment provided by the customer.
        lastUpdatedTime:
          $ref: '#/components/schemas/FraudDateTime'
          description: >-
            The date and time when the transaction was added or updated within a
            case (ISO-8601 with offset).
        reason:
          type: object
          properties:
            type:
              type: string
              enum:
                - RISK
                - NO_RISK
              example: RISK
              description: Category of the reason for the transaction’s state.
            code:
              type: string
              description: Reason code
              enum:
                - GENUINE
                - ISSUANCE_OF_A_PAYMENT_ORDER_BY_FRAUDSTER
                - LOST_OR_STOLEN_CARD
                - CARD_NOT_RECEIVED
                - COUNTERFEIT_CARD
                - CARD_DETAILS_THEFT
                - MODIFICATION_OF_A_PAYMENT_ORDER_BY_FRAUDSTER
                - MANIPULATION_OF_PAYER
                - UNAUTHORIZED_PAYMENT_TRANSACTION
                - OTHER
              example: ISSUANCE_OF_A_PAYMENT_ORDER_BY_FRAUDSTER
      required:
        - transactionId

````