> ## Documentation Index
> Fetch the complete documentation index at: https://docs.mangopay.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Enroll a User in SCA

> Obtain an SCA redirection link to enroll an Owner user

If `UserCategory` is `OWNER`, this endpoint allows you to enroll a user in SCA. Your platform needs to retrieve the returned `PendingUserAction.RedirectUrl`, add an encoded `returnUrl` query parameter for them to be returned to after the SCA session, and redirect the user.

[Read more about SCA redirection](/guides/sca/session) **→**

You can use this endpoint to obtain a new session `RedirectUrl`. This is useful to:

* Enroll Owners created without SCA enrollment
* Retry enrollment if a previous session was unsuccessful or expired (after 10 minutes)

Calling this endpoint creates a new valid session that can be used, even if there is one already in progress for the user. Calling this endpoint also doesn't change the user's `UserStatus`, even if the session expires or is unsuccessful.

<Note>
  **Note – This endpoint doesn't change UserStatus**

  Calling this endpoint does **not** change the user's status to `PENDING_USER_ACTION` (it stays as `ACTIVE`) and no `USER_ACCOUNT_VALIDATION_ASKED` webhook notification is sent.

  This ensures that legacy users do not become blocked if they are unable to complete SCA successfully.
</Note>

<Warning>
  **Caution – Legal representative's email required**

  For `OWNER` users, the `LegalRepresentative.Email` address is required.

  SCA uses this email address to build a [behavioral biometrics profile](/guides/sca/factors#email-confirmation-behavioral-biometrics) and as a backup communication channel.

  Prior to SCA, it was possible to create a Legal `OWNER` without the `LegalRepresentativeEmail`, so this data may be missing. Calling this endpoint without this data will return an error.
</Warning>

### Path parameters

<ParamField path="UserId" type="string" required>
  The unique identifier of the user.
</ParamField>

### Responses

<AccordionGroup>
  <Accordion title="200" defaultOpen>
    <ResponseField name="PendingUserAction" type="object">
      Object containing the link needed for SCA redirection if triggered by the API call (otherwise returned `null`).

      <Expandable title="properties" defaultOpen>
        <ResponseField name="RedirectUrl" type="string">
          The URL to which to redirect the user to perform strong customer authentication (SCA) via a Mangopay-hosted webpage. This value is a variable and should not be hardcoded.

          The SCA session link expires 10 minutes after it's generated.

          **Caution:** Before redirecting the user on this URL, you must add the query parameter `ReturnUrl`  with the percent-encoded URL to which you want the SCA session to return the user after authentication (whether successful or not).

          For more details, see [How to redirect a user for an SCA session](/guides/sca/session#how-to-redirect-a-user-for-sca).
        </ResponseField>
      </Expandable>
    </ResponseField>
  </Accordion>
</AccordionGroup>

<AccordionGroup>
  <Accordion title="400 - Endpoint not allowed if category is PAYER">
    ```json theme={null}
    {
        "Message": "This endpoint is not allowed for User categorized as PAYER",
        "Type": "not_allowed_for_user_category_payer",
        "Id": "4f848681-e524-403b-913a-12bf47095328",
        "Date": 1736765347,
        "errors": null
    }
    ```

    To enroll a user whose `UserCategory` is `PAYER` in SCA, use the endpoints [PUT Categorize a Natural User](/api-reference/users/categorize-natural-user) or [PUT Categorize a Legal User](/api-reference/users/categorize-legal-user).
  </Accordion>
</AccordionGroup>

<ResponseExample>
  ```json 200 theme={null}
  {
      "PendingUserAction": {
          "RedirectUrl": "https://sca.sandbox.mangopay.com/?token=0193cf51ed367151a0cb1c59def21e13"
      }
  }
  ```
</ResponseExample>

<RequestExample>
  ```json REST theme={null}
  // This POST has no body
  ```

  ```php PHP theme={null}
  <?php
  require_once 'vendor/autoload.php';

  use MangoPay\MangoPayApi;

  $api = new MangoPayApi();

  $api->Config->ClientId = 'your-mangopay-client-id';
  $api->Config->ClientPassword = 'your-mangopay-api-key';
  $api->Config->TemporaryFolder = 'tmp/';

  try {
      $userId = 'user_m_01JZWV35ZQZF8T9BYQ3494N4R7';
      
      $response = $api->Users->Enroll($userId);
      
      print_r($response);
  } catch(\MangoPay\Libraries\ResponseException $e) {
  $errorDetails = $e->GetErrorDetails();
  if ($errorDetails) {
      error_log("Mangopay API error message: " . $errorDetails->Message);
      error_log("Mangopay API error type: " . $errorDetails->Type);
  }
  error_log("HTTP status Code: " . $e->GetErrorCode());
  error_log("Request URL: " . $e->RequestUrl);
  return $e;
  }
  ```

  ```ruby Ruby theme={null}
  require 'mangopay'

  MangoPay.configure do |client|
    client.preproduction = true
    client.client_id = 'your-mangopay-client-id'
    client.client_apiKey = 'your-mangopay-api-key'
    client.log_file = File.join(Dir.pwd, 'mangopay.log')
  end

  def enrollNaturalUser(userId)
    begin
      response = MangoPay::User.enroll_sca(userId)
      puts response
      return response
    rescue MangoPay::ResponseError => error
      puts "Failed to create User: #{error.message}"
      puts "Error details: #{error.details}"
      return false
    end
  end

  enrollNaturalUser('user_m_01K85X5HKK3YD61Y3YXD9FHV7H')
  ```

  ```csharp .NET theme={null}
  using MangoPay.SDK;
  using Newtonsoft.Json;

  public class EnrollUser
  {
      public void Run()
      {
          Task.Run(async () =>
          {
              MangoPayApi api = new MangoPayApi();

              api.Config.ClientId = "your-client-id";
              api.Config.ClientPassword = "your-api-key";

              var result =
                  await api.Users.EnrollSca("user_m_01K8B28H25JBHX1QFVC0T54S1Q");

              string prettyPrint = JsonConvert.SerializeObject(result, Formatting.Indented);
              Console.WriteLine(prettyPrint);
          }).GetAwaiter().GetResult();
      }
  }
  ```
</RequestExample>