The Legal User object (SCA)

Description

The Legal User object represents a legal entity (legal person) like a company, non-profit or sole proprietor (read more about user types).

Mangopay users have one of two categories, indicated by UserCategory:

  • PAYER – User who can only make pay-ins to their wallets and transfers to other wallets.
  • OWNER – User who can also receive transfers to their wallets. Owners are able to request KYC verification, which if successful gives them the KYCLevel of REGULAR and the ability to request payouts.

To enable OWNER users to enroll in SCA, Mangopay released new versions of the user objects and new endpoints.

Changes from non-SCA object

The changes to the Legal User object are:

  • New UserStatus value PENDING_USER_ACTION indicating that the user must enroll in SCA
  • New response parameter PendingUserAction.RedirectUrl containing the SCA session URL to which the individual must be redirected (after adding an encoded returnUrl query parameter)
  • New LegalRepresentative object to group parameters related to the declared legal representative. This object includes the new LegalRepresentative.PhoneNumber and LegalRepresentative.PhoneNumberCountry, which may be used to pre-populate the user’s phone number in the SCA session

Caution – Legal representative’s email required

For OWNER users, the LegalRepresentative.Email address is required.

SCA uses this email address to build a behavioral biometrics profile and as a backup communication channel.

Prior to SCA, it was possible to create a Legal OWNER without the LegalRepresentativeEmail, so this data may be missing. Calling the POST Enroll a User in SCA endpoint without this data will return an error.

1{
2 "HeadquartersAddress": {
3 "AddressLine1": null,
4 "AddressLine2": null,
5 "City": null,
6 "Region": null,
7 "PostalCode": null,
8 "Country": null
9 },
10 "LegalRepresentativeAddress": {
11 "AddressLine1": null,
12 "AddressLine2": null,
13 "City": null,
14 "Region": null,
15 "PostalCode": null,
16 "Country": null
17 },
18 "Name": "Best Business",
19 "LegalPersonType": "BUSINESS",
20 "LegalRepresentativeFirstName": "Alex",
21 "LegalRepresentativeLastName": "Smith",
22 "LegalRepresentativeEmail": null,
23 "LegalRepresentativeBirthday": null,
24 "LegalRepresentativeNationality": null,
25 "LegalRepresentativeCountryOfResidence": null,
26 "ProofOfRegistration": null,
27 "ShareholderDeclaration": null,
28 "Statute": null,
29 "LegalRepresentativeProofOfIdentity": null,
30 "CompanyNumber": null,
31 "PhoneNumber": null,
32 "PhoneNumberCountry": null,
33 "Id": "user_m_01JHX3FQ7K0WB275T1BZ1SPZMF",
34 "Tag": "Legal User v2.01 example",
35 "CreationDate": 1737217268,
36 "PersonType": "LEGAL",
37 "Email": "best.business@example.com",
38 "KYCLevel": "LIGHT",
39 "TermsAndConditionsAccepted": false,
40 "TermsAndConditionsAcceptedDate": null,
41 "UserCategory": "PAYER",
42 "UserStatus": "ACTIVE"
43}

Attributes

Name
string

Max. length: 255 characters
The registered legal name of the entity. The Name value should be the one registered with the relevant national authority.

LegalPersonType
string

Returned values: BUSINESS, PARTNERSHIP, ORGANIZATION, SOLETRADER

The type of legal user. For information on which LegalPersonType to use for a particular local legal structure, see the verification requirements.

Caution: Modification of the LegalPersonType may result in a verification downgrade.

LegalRepresentative
object

Information about the legal representative declared for the user.

FirstName
string

Min. length: 1; max. length: 100

The first name of the individual.

LastName
string

Min. length: 1; max. length: 100

The last name of the individual.

ProofOfIdentity
string

The Id of the KYC Document whose Type is IDENTITY_PROOF if validated for the user. If no identity proof is validated, then this value is null.

Birthday
Unix timestamp

Returned null if UserCategory is PAYER.

The date of birth of the individual.

Note: This is a Unix timestamp in UTC. Ensure you convert your timezone to UTC to avoid midnight being interpreted as the day before.

Nationality
string

Returned null if UserCategory is PAYER.

The nationality of the individual.

CountryOfResidence
string

Returned null if UserCategory is PAYER.

The country of residence of the individual.

Email
string

Format: A valid email address
Required if UserCategory is OWNER. Returned null if UserCategory is PAYER.

The individual’s email address. For OWNER users, SCA uses this email address to build a behavioral biometrics profile and as a backup communication channel.

PhoneNumberCountry
string

Format: Two-letter country code (ISO 3166-1 alpha-2 format)

Required if the PhoneNumber is provided in local format (recommended), to render the value in the E.164 standard.

PhoneNumber
string

Format: International E.164 standard (preceded by plus sign and country code) or local format

The individual’s phone number. The local format (recommended) requires PhoneNumberCountry to ensure correct formatting.

If present, the phone number forms part of card transaction data that is passed to issuers to improve authentication rates.

For users with UserCategory OWNER , the phone number is used to pre-populate the SCA session for them to confirm and receive an SMS OTP. If the individual modifies the phone number during the session, this data is not updated in the API.

ProofOfRegistration
string

The Id of the KYC Document whose Type is REGISTRATION_PROOF if validated for the user. If no registration proof is validated, then this value is null.

ShareholderDeclaration
string

The Id of the KYC Document whose Type is SHAREHOLDERS_DECLARATION if validated for the user. If no Shareholder Declaration is validated, then this value is null.

Statute
string

The Id of the KYC Document whose Type is ARTICLES_OF_ASSOCIATION if validated for the user. If no articles of association document is validated, then this value is null.

CompanyNumber
string

Required if UserCategory is OWNER and LegalPersonType is BUSINESS. Returned null if UserCategory is PAYER.

The registration number of the entity, assigned by the relevant national authority. For information on the expected format for a specific country, see the Company number guide. To validate the format of a number before submitting documents for verification, use POST Validate the format of User data.

PendingUserAction
object

Object containing the link needed for SCA redirection if triggered by the API call (otherwise returned null).

properties
RedirectUrl
string

The URL to which to redirect the user to perform strong customer authentication (SCA) via a Mangopay-hosted webpage. This value is a variable and should not be hardcoded.

The SCA session link expires 10 minutes after it’s generated.

Caution: Before redirecting the user on this URL, you must add the query parameter ReturnUrl with the percent-encoded URL to which you want the SCA session to return the user after authentication (whether successful or not).

For more details, see How to redirect a user for an SCA session.

HeadquartersAddress
object

The legally registered address of the entity’s administrative center.
This object’s sub-parameters are null if the UserCategory is PAYER.

AddressLine1
string

Max. length: 255 characters
The first line of the address.

AddressLine2
string

Max. length: 255 characters
The second line of the address.

City
string

Max. length: 255 characters
The city of the address.

Region
string

Max. length: 255 characters
The region of the address. This field is optional except if the Country is US, CA, or MX.

PostalCode
string

Max. length: 255 characters
The postal code of the address. The postal code can contain the following characters: alphanumeric, dashes, and spaces.

Country
string

Format: Two-letter country code (ISO 3166-1 alpha-2 format)

The country of the address.

LegalRepresentativeAddress
object

The address of the entity’s legal representative.

AddressLine1
string

Max. length: 255 characters
The first line of the address.

AddressLine2
string

Max. length: 255 characters
The second line of the address.

City
string

Max. length: 255 characters
The city of the address.

Region
string

Max. length: 255 characters
The region of the address. This field is optional except if the Country is US, CA, or MX.

PostalCode
string

Max. length: 255 characters
The postal code of the address. The postal code can contain the following characters: alphanumeric, dashes, and spaces.

Country
string

Format: Two-letter country code (ISO 3166-1 alpha-2 format)

The country of the address.

Id
string

Max length: 128 characters (see data formats for details)

The unique identifier of the object.

Tag
string

Max. length: 255 characters
Custom data that you can add to this object.

CreationDate
Unix timestamp

The date and time at which the object was created.

PersonType
string

Returned values: NATURAL, LEGAL

The type of the user:

  • NATURAL – Natural users are individuals (natural persons).
  • LEGAL – Legal users are legal entities (legal persons) like companies, non-profits, and sole proprietors.

The PersonType is defined by the endpoint used to create the user and can’t be modified.

Email
string

Format: A valid email address
The email address for the entity.

KYCLevel
string

Default value: LIGHT

Returned values: LIGHT, REGULAR

The verification status of the user set by Mangopay:

  • LIGHT – Unverified, assigned by default to all users.
  • REGULAR – Verified, meaning the user has successfully completed the verification process and had the necessary documents validated by Mangopay. Only users whose UserCategory is OWNER can submit verification documents for validation. Only users whose KYCLevel is REGULAR can request payouts.
TermsAndConditionsAccepted
boolean

Whether the user has accepted Mangopay’s terms and conditions (as defined by your contract, see the T&Cs guide for details).

Must be true if UserCategory is OWNER.

TermsAndConditionsAcceptedDate
Unix timestamp

The date and time at which the TermsAndConditionsAccepted value was set to true.

Returned null if UserCategory is PAYER.

UserCategory
string

Possible values: PAYER, OWNER, PLATFORM

The category of the user:

  • PAYER – User who can only make pay-ins to their wallets and transfers to other wallets (as well as refunds for pay-ins and transfers).
  • OWNER – User who can also receive transfers to their wallets. Owners are able to request KYC verification, which if successful gives them the KYCLevel of REGULAR and the ability to request payouts.
  • PLATFORM – Single specific user that represents the platform. The PLATFORM value is only assigned by Mangopay and may be used as part of the validated workflow implemented by the platform.
UserStatus
string

Returned values: PENDING_USER_ACTION, ACTIVE, CLOSED

The status of the user:

  • PENDING_USER_ACTION – The user must enroll in SCA before they can become ACTIVE.
  • ACTIVE – The user account is active and the user can access Mangopay features.
  • CLOSED – The user account is permanently closed. This value is used by Mangopay to close an account following the procedure outlined in the terms and conditions.