Skip to main content
POST
/
usermanagement
/
register-customer
Register Customer
curl --request POST \
  --url https://{tenant}.fincode.software/api/v6/services/usermanagement/register-customer \
  --header 'Content-Type: application/json' \
  --header 'platform: <platform>' \
  --header 'uuid: <uuid>' \
  --data '
{
  "devicePlatform": "IOS",
  "appVersion": "1",
  "appId": "com.fincode.remitjunction",
  "customerType": "INDIVIDUAL",
  "payloadEncrypted": true,
  "firstName": "Excel",
  "lastName": "Nwachukwu",
  "email": "excel.nwachukwu+2@fincode.co.uk",
  "dialingCode": "+44",
  "phone": "984 573 63733",
  "dob": "1989-12-16",
  "password": "O5ti8XI/pLYC27E+ehORvg2YplXqX3ckoS7Kzk9cEdtC+LSzVICID9c/Tzsi0V5d...",
  "confirmPassword": "O5ti8XI/pLYC27E+ehORvg2YplXqX3ckoS7Kzk9cEdtC+LSzVICID9c/Tzsi0V5d...",
  "address": {
    "address1": "San Janet Street",
    "address2": "",
    "countryCommonName": "United Kingdom",
    "postcode": "SWA 1AA",
    "countryIso3": "GBR"
  },
  "dynamicFields": {}
}
'
Create a new customer account with personal information and authentication credentials. Customers can access self-service features including sending remittances, applying for loans, and managing investments.

Password Encryption

Security Requirement: The password and confirmPassword fields can optionally be encrypted using RSA public key encryption before sending to the API.
When registering customers, you can choose to encrypt password fields using the RSA public key provided on your dashboard. Encryption ensures data confidentiality during transmission.

Customer Registration Flow

The payloadEncrypted field determines how the system processes your payload:
ValueDescription
trueIndicates payload is RSA-encrypted. The system will decrypt before processing.
falseIndicates payload is sent as raw plaintext. Use only for testing or internal systems.
For production integrations, use payloadEncrypted with encrypted passwords to protect customer credentials.

Encryption Keys & Tokens

Learn how to encrypt passwords using RSA public key encryption with OAEP padding (SHA-256).

Request Headers

HeaderTypeRequiredDescription
Content-TypestringYesMust be application/json
platformstringYesPlatform identifier. Use fincode
uuidstringYesUnique request identifier. Use 200

Code Examples

const axios = require('axios');
const crypto = require('crypto');

// Encrypt password using RSA public key
function encryptPassword(password, publicKeyBase64) {
  const publicKeyPem = `-----BEGIN PUBLIC KEY-----\n${publicKeyBase64}\n-----END PUBLIC KEY-----`;

  const encrypted = crypto.publicEncrypt(
    {
      key: publicKeyPem,
      padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
      oaepHash: 'sha256',
    },
    Buffer.from(password, 'utf8')
  );

  return encrypted.toString('base64');
}

async function createCustomer(customerData, publicKey) {
  // Encrypt passwords before sending
  const encryptedPassword = encryptPassword(customerData.password, publicKey);

  try {
    const response = await axios.post(
      'https://agent.fincode.software/api/v6/services/usermanagement/register-customer',
      {
        devicePlatform: customerData.devicePlatform,
        appVersion: customerData.appVersion,
        appId: customerData.appId,
        customerType: customerData.customerType,
        payloadEncrypted: true, // Required for encrypted data
        firstName: customerData.firstName,
        lastName: customerData.lastName,
        email: customerData.email,
        address: {
          street: customerData.address.street,
          city: customerData.address.city,
          state: customerData.address.state,
          postalCode: customerData.address.postalCode,
          country: customerData.address.country,
        },
        dialingCode: customerData.dialingCode,
        phone: customerData.phone,
        dob: customerData.dob,
        password: encryptedPassword,
        confirmPassword: encryptedPassword,
        dynamicFields: customerData.dynamicFields || {},
      },
      {
        headers: {
          'Content-Type': 'application/json',
          platform: 'fincode',
          uuid: '200',
        },
      }
    );

    console.log('Customer created successfully!');
    console.log('Customer ID:', response.data.customerId);

    return response.data;
  } catch (error) {
    console.error(
      'Failed to create customer:',
      error.response?.data || error.message
    );
    throw error;
  }
}
For internal testing or development environments where encryption is not required:
curl -X POST "https://agent.fincode.software/api/v6/services/usermanagement/register-customer" \
  -H "Content-Type: application/json" \
  -H "platform: fincode" \
  -H "uuid: 200" \
  -d '{
    "devicePlatform": "Android",
    "appVersion": "1",
    "appId": "com.app.remit_junction",
    "customerType": "INDIVIDUAL",
    "payloadEncrypted": false,
    "firstName": "John",
    "lastName": "Doe",
    "email": "john.doe+test@example.com",
    "dialingCode": "+44",
    "phone": "973 293 74813",
    "dob": "1990-05-15T00:00:00+01:00",
    "password": "SecurePass123!",
    "confirmPassword": "SecurePass123!",
    "address": {
      "address1": "123 High Street",
      "address2": "",
      "countryCommonName": "United Kingdom",
      "postcode": "SW1A 1AA",
      "countryIso3": "GBR"
    },
    "dynamicFields": {}
  }'
Never use payloadEncrypted: false in production environments as it transmits passwords without encryption.

Validation Rules

  • Must be a valid email format - Must be unique across all customers in the tenant - Cannot be changed after creation - Maximum length: 255 characters
  • Minimum 8 characters - At least one uppercase letter (A-Z) - At least one lowercase letter (a-z) - At least one number (0-9) - At least one special character (!@#$%^&*) - Cannot contain common words or patterns
  • Must be in international format with country code - Example: +447123456789 (UK), +12125551234 (US) - No spaces or special characters except leading + - Must be a valid phone number for the country
  • Customer must be at least 18 years old - Date of birth must be in ISO format (YYYY-MM-DD) - Cannot be a future date - Cannot be more than 120 years ago
  • First name: 2-50 characters - Last name: 2-50 characters - Only letters, spaces, hyphens, and apostrophes allowed - No numbers or special characters

Login

Authenticate the newly created customer

Submit KYC Documents

Upload verification documents for the customer

Headers

platform
string
default:fincode
required
uuid
string
default:200
required

Body

application/json
devicePlatform
string
required
Example:

"IOS"

appVersion
string
required
Example:

"1"

appId
string
required
Example:

"com.fincode.remitjunction"

customerType
enum<string>
default:INDIVIDUAL
required
Available options:
INDIVIDUAL,
COMPANY
Example:

"INDIVIDUAL"

payloadEncrypted
boolean
default:true
required

Determines whether the payload contains encrypted or raw data. Use payloadEncrypted: true when sending encrypted passwords, or payloadEncrypted: false for raw passwords.

Example:

true

firstName
string
required
Example:

"Excel"

lastName
string
required
Example:

"Nwachukwu"

email
string<email>
required
Example:

"excel.nwachukwu+2@fincode.co.uk"

dialingCode
string
required
Example:

"+44"

phone
string
required
Example:

"984 573 63733"

dob
string<date>
required
Example:

"1989-12-16"

password
string<password>
required

Customer password. Must be RSA-encrypted (Base64) when using payloadEncrypted is true, or raw when using false.

Example:

"O5ti8XI/pLYC27E+ehORvg2YplXqX3ckoS7Kzk9cEdtC+LSzVICID9c/Tzsi0V5d..."

confirmPassword
string<password>
required

Must match the password field. Must be RSA-encrypted (Base64) when using payloadEncrypted is true, or raw when false.

Example:

"O5ti8XI/pLYC27E+ehORvg2YplXqX3ckoS7Kzk9cEdtC+LSzVICID9c/Tzsi0V5d..."

address
object
required
dynamicFields
object
required

Response

200

Customer registered successfully