search

Identities

Identities represent any entity that can own accounts, perform transactions, or be subject to permissions within the platform.

Each identity can be a person, organization, or system-level actor. You can create, update, delete, and retrieve identities, as well as define hierarchical relationships and attach rules.

Endpoints
GET /identities
POST /identities
GET /identities/:id
PATCH /identities/:id
DELETE /identities/:id
POST /identities/:id/children
DELETE /identities/:id/children
POST /identities/{id}/rules
DELETE /identities/{id}/rules

hashtag
Get Identities

get

Lists identities with optional filters and pagination.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Query parameters
typestring · enumOptional

Specifies whether the entity is an ORGANIZATION or an individual USER.

Possible values:
emailstring · emailOptional

identity email

documentNumberstringOptional

identity document number

phonestringOptional

identity phone number

countrystringOptional

Country of operations for the entity, specified using the ISO 3166-1 alpha-3 standard (e.g., CHL, USA, MEX). Go to the countries page for the complete list of supported values.

statusstringOptional

identity status

limitstringOptional

Specifies the maximum number of items to return in a single request.

nextstringOptional

A cursor indicating the position of the last retrieved item.

Header parameters
x-api-keystringRequired

The API key used for authentication when making requests to the API Gateway.

User-AgentstringRequired

Identifies the application making the request.

Example: ConomyApp
Responses
chevron-right
200

Request processed successfully.

application/json
get
/identities

hashtag
Get Identity

get

Retrieves a single identity by ID.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
idstringRequired

Unique identifier for the identity.

Header parameters
x-api-keystringRequired

The API key used for authentication when making requests to the API Gateway.

User-AgentstringRequired

Identifies the application making the request.

Example: ConomyApp
Responses
chevron-right
200

Request processed successfully.

application/json

Identity entity (user or organization) including profile, compliance, and access-control fields.

idstringOptional

Unique identifier for the entity.

typestring · enumOptional

Specifies whether the entity is an ORGANIZATION or an individual USER.

Possible values:
namestringOptional

The name of the entity (for users) or the official name (for organizations).

nicknamestringOptional

An alternative or preferred name for the entity.

emailstring · emailOptional

The email address associated with the entity.

phonestringOptional

the phone number linked to the entity. Include +(phone country code)

documentNumberstringOptional

The document number associated with the entity for identification purposes.

documentTypestringOptional

Documeny type of the entity (e.g., RUT, CURP, CURL). Go to the Supported Identity document types page for the complete list of supported values.

idvstringOptional

Identity verification reference

countrystringOptional

Country of operations for the entity, specified using the ISO 3166-1 alpha-3 standard (e.g., CHL, USA, MEX). Go to the countries page for the complete list of supported values.

statusstringOptional

The current status of the entity. PENDING, PENDING_EMAIL_VALIDATION, PENDING_PHONE_VALIDATION, SCREENING, ACTIVE

externalIdstringOptional

External reference ID (client purpose).

lastnamestringOptional

The last name of the user (if applicable).

rulesobjectOptional

Custom rules or policies applicable to the entity.

genderstringOptional

Gender information (if applicable

kycobjectOptional

Information related to Know Your Customer (KYC) compliance

watchListobjectOptional

Watchlist information for compliance or fraud detection.

extendedDatastring[]Optional

Additional data.

createdAtstring · date-timeOptional

Creation date UTC format.

updatedAtstring · date-timeOptional

Time of last update made to the entity, UTC format.

get
/identities/{id}

hashtag
Create Identity

post

Creates a new identity (user or organization).

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Header parameters
x-api-keystringRequired

The API key used for authentication when making requests to the API Gateway.

User-AgentstringRequired

Identifies the application making the request.

Example: ConomyApp/2.1.1
Body
typestring · enumOptional

Specifies whether the entity is an ORGANIZATION or an individual USER.

Possible values:
namestringRequired

The name of the entity (for users) or the official name (for organizations).

nicknamestringOptional

An alternative or preferred name for the entity.

emailstring · emailRequired

The email address associated with the entity.

phonestringRequired

he phone number linked to the entity. Include +(phone country code)

documentNumberstringRequired

The document number associated with the entity for identification purposes.

documentTypestringRequired

The type of document (e.g., PASSPORT, NATIONAL_ID, RUT, CURP, etc).

idvstringRequired

Identity verification reference

countrystringOptional

Country of operations for the entity, specified using the ISO 3166-1 alpha-3 standard (e.g., CHL, USA, MEX). Go to the countries page for the complete list of supported values.

externalIdstringOptional

External reference ID (client purpose).

lastnamestringOptional

The last name of the user (if applicable).

rulesobjectOptional

Custom rules or policies applicable to the entity.

Responses
chevron-right
200

Request processed successfully.

application/json

Identity entity (user or organization) including profile, compliance, and access-control fields.

idstringOptional

Unique identifier for the entity.

typestring · enumOptional

Specifies whether the entity is an ORGANIZATION or an individual USER.

Possible values:
namestringOptional

The name of the entity (for users) or the official name (for organizations).

nicknamestringOptional

An alternative or preferred name for the entity.

emailstring · emailOptional

The email address associated with the entity.

phonestringOptional

the phone number linked to the entity. Include +(phone country code)

documentNumberstringOptional

The document number associated with the entity for identification purposes.

documentTypestringOptional

Documeny type of the entity (e.g., RUT, CURP, CURL). Go to the Supported Identity document types page for the complete list of supported values.

idvstringOptional

Identity verification reference

countrystringOptional

Country of operations for the entity, specified using the ISO 3166-1 alpha-3 standard (e.g., CHL, USA, MEX). Go to the countries page for the complete list of supported values.

statusstringOptional

The current status of the entity. PENDING, PENDING_EMAIL_VALIDATION, PENDING_PHONE_VALIDATION, SCREENING, ACTIVE

externalIdstringOptional

External reference ID (client purpose).

lastnamestringOptional

The last name of the user (if applicable).

rulesobjectOptional

Custom rules or policies applicable to the entity.

genderstringOptional

Gender information (if applicable

kycobjectOptional

Information related to Know Your Customer (KYC) compliance

watchListobjectOptional

Watchlist information for compliance or fraud detection.

extendedDatastring[]Optional

Additional data.

createdAtstring · date-timeOptional

Creation date UTC format.

updatedAtstring · date-timeOptional

Time of last update made to the entity, UTC format.

post
/identities

hashtag
Delete Identity

delete

Deletes an identity by ID.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
idstringRequired

Unique identifier for the identity.

Header parameters
x-api-keystringRequired

The API key used for authentication when making requests to the API Gateway.

User-AgentstringRequired

Identifies the application making the request.

Example: ConomyApp
Responses
delete
/identities/{id}

hashtag
Update Identity

patch

Updates mutable fields of an existing identity.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
idstringRequired

Unique identifier for the identity.

Header parameters
x-api-keystringRequired

The API key used for authentication when making requests to the API Gateway.

User-AgentstringRequired

Identifies the application making the request.

Body
namestringOptional

The name of the entity (for users) or the official name (for organizations).

nicknamestringOptional

An alternative or preferred name for the entity.

countrystringOptional

Country of operations for the entity, specified using the ISO 3166-1 alpha-3 standard (e.g., CHL, USA, MEX). Go to the countries page for the complete list of supported values.

externalIdstringOptional

External reference ID (client purpose).

lastnamestringOptional

The last name of the user (if applicable).

rulesobjectOptional

Custom rules or policies applicable to the entity.

genderstringOptional

Gender information (if applicable

Responses
chevron-right
200

Request processed successfully.

application/json
idstringOptional

Unique identifier for the entity.

typestring · enumOptional

Specifies whether the entity is an ORGANIZATION or an individual USER.

Possible values:
namestringOptional

The name of the entity (for users) or the official name (for organizations).

nicknamestringOptional

An alternative or preferred name for the entity.

emailstring · emailOptional

The email address associated with the entity.

phonestringOptional

the phone number linked to the entity. Include +(phone country code)

documentNumberstringOptional

The document number associated with the entity for identification purposes.

documentTypestringOptional

Documeny type of the entity (e.g., RUT, CURP, CURL). Go to the Supported Identity document types page for the complete list of supported values.

idvstringOptional

Identity verification reference

countrystringOptional

Country of operations for the entity, specified using the ISO 3166-1 alpha-3 standard (e.g., CHL, USA, MEX). Go to the countries page for the complete list of supported values.

statusstringOptional

The current status of the entity. PENDING, PENDING_EMAIL_VALIDATION, PENDING_PHONE_VALIDATION, SCREENING, ACTIVE

externalIdstringOptional

External reference ID (client purpose).

lastnamestringOptional

The last name of the user (if applicable).

rulesobjectOptional

Custom rules or policies applicable to the entity.

genderstringOptional

Gender information (if applicable

kycobjectOptional

Information related to Know Your Customer (KYC) compliance

watchListobjectOptional

Watchlist information for compliance or fraud detection.

extendedDatastring[]Optional

Additional data.

createdAtstring · date-timeOptional

Creation date UTC format.

updatedAtstring · date-timeOptional

Time of last update made to the entity, UTC format.

patch
/identities/{id}

hashtag
Remove Child from Children

delete

Removes one or more child identities from a parent identity.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
idstringRequired

Unique identifier for the identity.

Header parameters
x-api-keystringRequired

The API key used for authentication when making requests to the API Gateway.

User-AgentstringRequired

Identifies the application making the request.

Body
childrenstring[]Required

Identity Ids of those identities that are going to be removed from the list of children of that specific father

Responses
chevron-right
200

Request processed successfully.

application/json

Identity entity (user or organization) including profile, compliance, and access-control fields.

idstringOptional

Unique identifier for the entity.

typestring · enumOptional

Specifies whether the entity is an ORGANIZATION or an individual USER.

Possible values:
namestringOptional

The name of the entity (for users) or the official name (for organizations).

nicknamestringOptional

An alternative or preferred name for the entity.

emailstring · emailOptional

The email address associated with the entity.

phonestringOptional

the phone number linked to the entity. Include +(phone country code)

documentNumberstringOptional

The document number associated with the entity for identification purposes.

documentTypestringOptional

Documeny type of the entity (e.g., RUT, CURP, CURL). Go to the Supported Identity document types page for the complete list of supported values.

idvstringOptional

Identity verification reference

countrystringOptional

Country of operations for the entity, specified using the ISO 3166-1 alpha-3 standard (e.g., CHL, USA, MEX). Go to the countries page for the complete list of supported values.

statusstringOptional

The current status of the entity. PENDING, PENDING_EMAIL_VALIDATION, PENDING_PHONE_VALIDATION, SCREENING, ACTIVE

externalIdstringOptional

External reference ID (client purpose).

lastnamestringOptional

The last name of the user (if applicable).

rulesobjectOptional

Custom rules or policies applicable to the entity.

genderstringOptional

Gender information (if applicable

kycobjectOptional

Information related to Know Your Customer (KYC) compliance

watchListobjectOptional

Watchlist information for compliance or fraud detection.

extendedDatastring[]Optional

Additional data.

createdAtstring · date-timeOptional

Creation date UTC format.

updatedAtstring · date-timeOptional

Time of last update made to the entity, UTC format.

delete
/identities/{id}/children

hashtag
Remove Permissions over another identity

delete

Permissons allows an identity to operate in behalf of an other from the same client id, this endpoint removes an specific permission

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
idstringRequired

Identity that has permissions over another identity

toremoveIdstringRequired

Identity id to be removed

Header parameters
x-api-keystringRequired

The API key used for authentication when making requests to the API Gateway.

User-AgentstringRequired

Identifies the application making the request.

Responses
delete
/identities/{id}/permissions/{toremoveId}

hashtag
Add Child to Identity Children

post

Add children to an identity. The _id as path param is the identityId.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
idstringRequired

Unique identifier for the identity.

Header parameters
x-api-keystringRequired

The API key used for authentication when making requests to the API Gateway.

User-AgentstringRequired

Identifies the application making the request.

Body
childrenstring[]Required

Array of identity ids (strings) that are going to be linked as child to the identityId father

Responses
chevron-right
200

Request processed successfully.

application/json

Identity entity (user or organization) including profile, compliance, and access-control fields.

idstringOptional

Unique identifier for the entity.

typestring · enumOptional

Specifies whether the entity is an ORGANIZATION or an individual USER.

Possible values:
namestringOptional

The name of the entity (for users) or the official name (for organizations).

nicknamestringOptional

An alternative or preferred name for the entity.

emailstring · emailOptional

The email address associated with the entity.

phonestringOptional

the phone number linked to the entity. Include +(phone country code)

documentNumberstringOptional

The document number associated with the entity for identification purposes.

documentTypestringOptional

Documeny type of the entity (e.g., RUT, CURP, CURL). Go to the Supported Identity document types page for the complete list of supported values.

idvstringOptional

Identity verification reference

countrystringOptional

Country of operations for the entity, specified using the ISO 3166-1 alpha-3 standard (e.g., CHL, USA, MEX). Go to the countries page for the complete list of supported values.

statusstringOptional

The current status of the entity. PENDING, PENDING_EMAIL_VALIDATION, PENDING_PHONE_VALIDATION, SCREENING, ACTIVE

externalIdstringOptional

External reference ID (client purpose).

lastnamestringOptional

The last name of the user (if applicable).

rulesobjectOptional

Custom rules or policies applicable to the entity.

genderstringOptional

Gender information (if applicable

kycobjectOptional

Information related to Know Your Customer (KYC) compliance

watchListobjectOptional

Watchlist information for compliance or fraud detection.

extendedDatastring[]Optional

Additional data.

createdAtstring · date-timeOptional

Creation date UTC format.

updatedAtstring · date-timeOptional

Time of last update made to the entity, UTC format.

post
/identities/{id}/children

hashtag
Get Permissions of an identity

get

Permissons allows an identity to operate in behalf of an other from the same client id, this endpoint retrieves the list of permissions an identity has

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
idstringRequired

Unique identifier for the identity.

Header parameters
x-api-keystringRequired

The API key used for authentication when making requests to the API Gateway.

User-AgentstringRequired

Identifies the application making the request.

Responses
chevron-right
200

Request processed successfully.

application/json

Access-control scope definition for dashboard/resource permissions.

resourcestringRequired

Kind of resource we are giving access to (e.g., IDENTITY)

referencestringRequired

Reference which identificates the resource

permissionsstring[]Required

Permissions allowed to perform on behalf of the resource

get
/identities/{id}/permissions

hashtag
Add Permissions over another identity

post

Allows an identity to operate in behalf of an other from the same client id

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
idstringRequired

Unique identifier for the identity that is receiving permissions

Header parameters
x-api-keystringRequired

The API key used for authentication when making requests to the API Gateway.

User-AgentstringRequired

Identifies the application making the request.

Bodyobject[]

Access-control scope definition for dashboard/resource permissions.

resourcestringRequired

Kind of resource we are giving access to (e.g., IDENTITY)

referencestringRequired

Reference which identificates the resource

permissionsstring[]Required

Permissions allowed to perform on behalf of the resource

Responses
post
/identities/{id}/permissions
PreviousAuthenticationNextAccounts

Last updated