User Disclosures
Institution User Disclosure APIs manage user‑level disclosure acceptance and enrollment. They track whether individual users have accepted, rejected, or enrolled in required disclosures—supporting compliance during onboarding, account updates, and ongoing digital banking usage.
End-user benefits
- View and accept required disclosures during onboarding.
- Query current disclosure and enrollment status.
Integration capabilities
- Track end-user acceptance programmatically.
- Align with e-statement enrollment.
- Business Banking: use
institutionCustomerIdfor location/business context; resolve the business entity via the Institution User API when needed.
User disclosure statuses
| Status | Description |
|---|---|
ENROLLED | User enrolled (e.g. e-statements) |
NOT_ENROLLED | Not enrolled |
ACCEPTED | Disclosure accepted |
NOT_ACCEPTED | Disclosure not accepted |
Scopes
| Scope | Description |
|---|---|
accounts:read | Get and find accounts |
disclosures:read | Retrieve disclosure information |
disclosures:write | Create, update, or delete disclosures |
institution-users:read | Required with disclosures:read for user context |
Required headers
| Header | Description |
|---|---|
Authorization | Bearer token (V2 authentication) |
transactionId | Unique identifier for request tracking |
Error codes (DSC_*)
| Code | Message | HTTP Status Code |
|---|---|---|
| DSC_10002 | Invalid request | 400 |
| DSC_10003 | Invalid operation | 501 |
| DSC_10009 | Invalid query param | 400 |
| DSC_11001 | Full authentication was not provided in the request | 401 |
| DSC_11002 | The authentication token is invalid | 401 |
| DSC_11003 | The authentication does not authorize this request | 401 |
| DSC_11004 | A location id is required for business banking users | 400 |
| DSC_12001 | Request should only contain printable ASCII characters | 400 |
| DSC_12002 | Request is missing a transactionId header | 400 |
| DSC_12003 | Request transactionId header is too long | 400 |
| DSC_12004 | Required fields are not provided or not valid | 400 |
| DSC_12005 | Request cannot be blank | 400 |
| DSC_12006 | Invalid or empty account type in request | 400 |
| DSC_12007 | Request header is too long | 400 |
| DSC_12011 | One of the request field lengths is greater than max length | 400 |
| DSC_12012 | Disclosure ids from request body and URL do not match | 400 |
| DSC_12013 | Request callingAppId header is too long | 400 |
| DSC_13001 | Data not found for user | 400 |
| DSC_13002 | Disclosures are not retrieved successfully | 500 |
| DSC_13003 | Disclosures are not created successfully | 500 |
| DSC_13004 | Disclosures are not updated successfully | 500 |
| DSC_22001 | Internal validation error | 500 |
| DSC_23002 | Error interacting with CBS Service | 500 |
| DSC_23003 | Error interacting with CAS Service | 500 |
| DSC_90000 | Server cannot handle this request | 400 |
| DSC_99997 | Client error | 400 |
| DSC_99999 | Internal server error | 500 |
Endpoints
Create User Disclosure
Creates a new user disclosure acceptance record. Use this to record when a user accepts
Delete User Disclosure for Online Statement
Deletes a user disclosure acceptance record. Use this to remove a user's disclosure
List User Disclosures
Retrieves all disclosure acceptance records for the authenticated user. Returns the status
Update User Disclosure
Updates an existing user disclosure record. Use this to change the user's acceptance status