Skip to main content
POST
/
api
/
v2.1
/
customer
/
organization
/
{organizationId}
/
consents
/
{consentType}
Accept organization consent
curl --request POST \
  --url https://sandbox.finhub.cloud/api/v2.1/customer/organization/{organizationId}/consents/{consentType} \
  --header 'Authorization: <authorization>' \
  --header 'Content-Type: application/json' \
  --header 'User-Agent: <user-agent>' \
  --header 'X-Forwarded-For: <x-forwarded-for>' \
  --header 'X-Forwarded-From: <x-forwarded-from>' \
  --header 'X-Tenant-ID: <x-tenant-id>' \
  --header 'deviceId: <deviceid>' \
  --header 'platform: <platform>' \
  --data '
{
  "accepted": true,
  "version": "1.0"
}
'
{
  "code": 200,
  "message": "terms and conditions accepted successfully",
  "data": {
    "id": "consent-cust-8947f987-90be-4129-b397-43ffc1aae87c",
    "consentType": "TERMS_AND_CONDITIONS",
    "isRequired": true,
    "isGranted": true,
    "version": "1.0",
    "status": "ACCEPTED"
  }
}

Organization Consent Acceptance

Accept required consents (Terms & Conditions, Privacy Policy, Data Processing) for organization customers as part of the onboarding verification flow.
Base URL: https://sandbox.finhub.cloud/api/v2.1
All three consents must be accepted before the organization account can be activated.

Accept Terms and Conditions

Endpoint

POST /api/v2.1/customer/organization/{organizationId}/consents/{consentType}

Path Parameters

organizationId
string
required
Organization customer identifier
consentType
string
required
Type of consent to acceptValid Values:
  • terms — Terms and Conditions
  • privacy — Privacy Policy
  • data-processing — Data Processing Agreement

Headers

X-Tenant-ID
string
required
Tenant identifier
Authorization
string
required
Bearer token for authentication
Content-Type
string
required
Must be application/json
X-Forwarded-From
string
required
Source identifier for request origin tracking
platform
string
required
Client platform identifier. Also accepted as sec-ch-ua-platform
deviceId
string
required
Unique device identifier. Also accepted as X-Device-Id or device-id

Request Body

accepted
boolean
required
Must be true to accept the terms and conditions
version
string
required
Version of the terms being acceptedExample: "1.0"

Code Examples

curl -X POST "https://sandbox.finhub.cloud/api/v2.1/customer/organization/{organizationId}/consents/terms" \
  -H "Accept: application/json, text/plain, */*" \
  -H "Content-Type: application/json" \
  -H "X-Tenant-ID: 97e7ff29-15f3-49ef-9681-3bbfcce4f6cd" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -H "X-Forwarded-From: e2e-test" \
  -H "platform: web" \
  -H "deviceId: e2e-test-device" \
  -d '{
  "accepted": true,
  "version": "1.0"
}'

{
  "code": 200,
  "message": "terms and conditions accepted successfully",
  "data": {
    "id": "consent-cust-8947f987-90be-4129-b397-43ffc1aae87c",
    "consentType": "TERMS_AND_CONDITIONS",
    "isRequired": true,
    "isGranted": true,
    "version": "1.0",
    "status": "ACCEPTED"
  }
}

Accept Privacy Policy

Endpoint

POST /api/v2.1/customer/organization/{organizationId}/consents/privacy

Request Body

accepted
boolean
required
Must be true
version
string
required
Version of the privacy policy being acceptedExample: "1.0"

Code Examples

curl -X POST "https://sandbox.finhub.cloud/api/v2.1/customer/organization/{organizationId}/consents/privacy" \
  -H "Accept: application/json, text/plain, */*" \
  -H "Content-Type: application/json" \
  -H "X-Tenant-ID: 97e7ff29-15f3-49ef-9681-3bbfcce4f6cd" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -H "X-Forwarded-From: e2e-test" \
  -H "platform: web" \
  -H "deviceId: e2e-test-device" \
  -d '{
  "accepted": true,
  "version": "1.0"
}'

{
  "code": 200,
  "message": "privacy policy accepted successfully",
  "data": {
    "id": "consent-cust-dfe348a4-aac4-4a7b-a836-962b1a910ca8",
    "consentType": "PRIVACY_POLICY",
    "isRequired": true,
    "isGranted": true,
    "version": "1.0",
    "status": "ACCEPTED"
  }
}

Accept Data Processing

Endpoint

POST /api/v2.1/customer/organization/{organizationId}/consents/data-processing

Request Body

accepted
boolean
required
Must be true
version
string
required
Version of the data processing agreement being acceptedExample: "1.0"

Code Examples

curl -X POST "https://sandbox.finhub.cloud/api/v2.1/customer/organization/{organizationId}/consents/data-processing" \
  -H "Accept: application/json, text/plain, */*" \
  -H "Content-Type: application/json" \
  -H "X-Tenant-ID: 97e7ff29-15f3-49ef-9681-3bbfcce4f6cd" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -H "X-Forwarded-From: e2e-test" \
  -H "platform: web" \
  -H "deviceId: e2e-test-device" \
  -d '{
  "accepted": true,
  "version": "1.0"
}'

{
  "code": 200,
  "message": "data processing accepted successfully",
  "data": {
    "id": "consent-cust-2d604549-aab8-4ccc-b706-68202cb9f540",
    "consentType": "DATA_PROCESSING",
    "isRequired": true,
    "isGranted": true,
    "version": "1.0",
    "status": "ACCEPTED"
  }
}
Accept all three consents in sequence: 
const acceptAllOrgConsents = async (organizationId) => {
  const consents = ['terms', 'privacy', 'data-processing'];
  
  for (const consent of consents) {
    const response = await fetch(
      `https://sandbox.finhub.cloud/api/v2.1/customer/organization/${organizationId}/consents/${consent}`,
      {
        method: 'POST',
        headers: {
          'Accept': 'application/json, text/plain, */*',
          'Content-Type': 'application/json',
          'X-Tenant-ID': '97e7ff29-15f3-49ef-9681-3bbfcce4f6cd',
          'Authorization': `Bearer ${accessToken}`,
            'X-Forwarded-From': 'e2e-test',
          'platform': 'web',
          'deviceId': 'e2e-test-device'
        },
        body: JSON.stringify({ accepted: true, version: '1.0' })
      }
    );
    
    const result = await response.json();
    console.log(`${consent}: ${result.data.status}`);
  }
};

Next Steps

Activate Organization

Activate the verified organization account

Headers

User-Agent
string
required

Browser user agent

Example:

"Mozilla/5.0"

X-Forwarded-For
string
required

Client/application Ip address

Example:

"192.168.0.1"

X-Forwarded-From
string
required

Client/application identifier for request source tracking

Example:

"playground"

X-Tenant-ID
string
required

Tenant identifier

Example:

"97e7ff29-15f3-49ef-9681-3bbfcce4f6cd"

X-User-ID
string

Authenticated user identifier

Example:

"87b3af37-4ac1-402b-a0ea-53cfdc695e02"

platform
string
required

Client platform identifier. Also accepted as sec-ch-ua-platform

Example:

"web"

deviceId
string
required

Device identifier

Example:

"e2e-test-device"

Authorization
string
required

Bearer token from admin or customer session creation

Example:

"Bearer <token>"

Path Parameters

consentType
enum<string>
required

Consent type to accept (terms, privacy, or data-processing)

Available options:
terms,
privacy,
data-processing
Example:

"terms"

organizationId
string
required

Organization identifier (UUID)

Example:

"b4c3d4e7-f8a9-0123-b4c5-d6e7f8a9012b"

Body

application/json
accepted
boolean
required
Example:

true

version
string
required
Example:

"1.0"

Response

200 - application/json

Consent accepted successfully

Standard API response wrapper used by all endpoints

code
integer

HTTP status code

Example:

200

data
object

Response from consent acceptance endpoints

message
string

Human-readable status message

Example:

"Success"