Create enrollment

Opens a JSR enrollment request for the selected institution. The response includes redirectUrl (send the end user there to authenticate at the account holder) and id — persist this identifier as the enrollment id for device options, register device, and later payments.

The OpenAPI schema names the institution field AuthorisationServerId (PascalCase). The redirectUrl in the body is where the bank sends the user back; your page must parse the URL fragment for code, state, and id_token.

POST/api/v1/jsr/enrollments

Create enrollment

Creates a JSR enrollment and returns redirectUrl and id for the bank redirect and follow-up calls.

Auth: Bearer Token

Cabeçalhos

2 campos

subTenantId●

headerstring

Subtenant under which the enrollment is created.

x-client-ip●

headerstring

End-user client IP as seen by your backend.

Corpo da requisição

5 campos

organisationId●

bodystring

OrganisationId from Get registered participants.

AuthorisationServerId●

bodystring

Authorisation server id from Get registered participants.

redirectUrl●

bodystring

Relying-party URL after bank confirmation. Must parse fragment parameters code, state, and id_token.

enrollment●

bodyobject

Enrollment metadata and optional debtor account hints.

document●

bodystring

Payer document (CPF/CNPJ digits as applicable).

externalId

bodystring

Your correlation id for the enrollment.

deviceName

bodystring

Human-readable device label.

debtor

bodyobject

Optional debtor account hints.

accountNumber●

bodystring

accountIssuer●

bodystring

accountIspb●

bodystring

accountType●

bodystring

riskSignals●

bodyobject

Risk signals for the enrollment step. Additional optional fields exist in OpenAPI.

deviceId●

bodystring

userTimeZoneOffset●

bodystring

language●

bodystring

screenDimensions●

bodyobject

width●

bodynumber

height●

bodynumber

accountTenure●

bodystring

ISO date user registered on your platform.

osVersion

bodystring

OS version.

elapsedTimeSinceBoot

bodynumber

Milliseconds since boot.

screenBrightness

bodynumber

Screen brightness where applicable.

isRootedDevice

bodyboolean

Whether device is rooted.

curl --request POST \
  --url 'https://embedded-payment-manager.hml.linaob.com.br/api/v1/jsr/enrollments' \
  --header 'Content-Type: application/json' \
  --header 'Authorization: Bearer <SEU_TOKEN>' \
  --header 'subTenantId: subtenant_abc123' \
  --header 'x-client-ip: 198.21.104.1' \
  --data '{
  "organisationId": "74e929d9-33b6-4d85-8ba7-c146c867a817",
  "AuthorisationServerId": "c8f0bf49-4744-4933-8960-7add6e590841",
  "redirectUrl": "https://your-app.example.com/jsr/callback",
  "enrollment": {
    "document": "76109277673",
    "externalId": "2387a9c9-04f1-40ae-acc8-a2acf5a31458",
    "deviceName": "iPhone 16",
    "debtor": {
      "accountNumber": "12345678",
      "accountIssuer": "1774",
      "accountIspb": "12345678",
      "accountType": "CACC"
    }
  },
  "riskSignals": {
    "deviceId": "00aa11bb22cc33dd",
    "userTimeZoneOffset": "-03",
    "language": "pt",
    "screenDimensions": {
      "width": 1080,
      "height": 2340
    },
    "accountTenure": "2023-01-01",
    "osVersion": "14",
    "elapsedTimeSinceBoot": 6356027,
    "isRootedDevice": false
  }
}'

Response

200Enrollment created; user must visit redirectUrl at the account holder.

Response body

object

dataobjectrequired
- idstringrequired
  Enrollment identifier — use in device registration path and later JSR payment calls.
- redirectUrlstringrequired
  Bank URL to complete enrollment.
messagestring
Response message.
typestring
Envelope type.
statusCodeinteger· nullable
HTTP status in envelope.

200 · Enrollment created; user must visit redirectUrl at the account holder.

{
  "data": {
    "id": "enr_abc123",
    "redirectUrl": "https://bank.example.com/jsr/start?token=xyz"
  },
  "message": "OK",
  "type": "success",
  "statusCode": 200
}

Next steps

Enrollment device options — exchange fragment parameters for FIDO registration options.