Create a signatory for a customer

Creates a new signatory for the given customer.

Access and authorization

  • The caller's partner identifier must be present in the security context (SIG_PARTNERID_REQUIRED if missing).
  • The service resolves the caller's legal entity from the token and verifies the requested customer is allowed for that caller (SIG_CUSTOMERACCESS_DENIED if not).
  • If no customer exists for customerId, the request fails (SIG_CUSTOMER_NOTFOUND).

Validation

  • fullName, emailAddress, and phoneNumber are required; title and approvalLimit are optional.
  • Email: must be a valid address format and must be unique where required by platform rules; duplicate or invalid submissions return a validation or business error with a message and code from the backend.
  • Phone: must pass the legal-entity validate-phone check (SIG_PHONE_INVALID, or an integration failure code if the validator cannot be reached).
  • Approval limit: when provided, must be non-negative and within the integer/fraction digit limits enforced by the API.

Returns HTTP 201 Created with the new signatory identifier and downstream status fields.

SecurityoAuth2
Request
path Parameters
customerId
required
integer <int64> >= 1

Customer (legal entity) identifier used on the public Open Banking surface.

Request Body schema: application/json
required
fullName
required
string

Full name of the signatory (required, not blank).

emailAddress
required
string <email>

Email address (required, valid email format).

title
string

Optional job title or role label.

approvalLimit
number

Optional monetary approval limit. If provided, must be >= 0 with at most 12 integer digits and 2 decimal places.

phoneNumber
required
string

Phone number (required). Validated against the legal-entity phone validation service after format checks.

Responses
201

Signatory created

400

HTTP 400 — Bad Request

This response is returned when the request is invalid or cannot be processed.

The response includes a list of errors, where each error contains:

  • code: A unique identifier for the error
  • message: A description of the issue

Possible reasons include:

  • Missing or invalid input values
  • Incorrect request format
  • Invalid email or phone number
  • Invalid approval limit values
  • Missing required identifiers
  • Customer not found or access not allowed
  • Issues while processing the request

Common error codes: SIG_FULLNAME_REQUIRED, SIG_EMAIL_REQUIRED, SIG_EMAIL_INVALID, SIG_PHONE_REQUIRED, SIG_PHONE_INVALID, SIG_APPROVALLIMIT_MIN, SIG_APPROVALLIMIT_INVALID, SIG_PARTNERID_REQUIRED, SIG_CUSTOMER_NOTFOUND, SIG_CUSTOMERACCESS_DENIED, SIG_VALIDATION_ERROR, SIG_SERVICECALL_FAILED, SIG_SIGNATORYNOTFOUND, PHONE_SERVICECALL_FAILED

Note:

  • Some scenarios such as "not found" or "access denied" may still return HTTP 400.
401

HTTP 401 — Unauthorized

This response is returned when authentication is missing or invalid.

The response includes:

  • code: A standard error identifier
  • message: A message indicating that authorization is required
403

HTTP 403 — Forbidden

This response is returned when the request is understood but not allowed.

The response includes:

  • code: A standard error identifier
  • message: A message indicating that access is denied

Note:

  • This is different from request validation errors, which return HTTP 400.
500

HTTP 500 — Internal Server Error

This response is returned when an unexpected error occurs while processing the request.

The response includes:

  • code: A standard error identifier
  • message: A general message describing the failure

Note:

  • Errors related to invalid input or request data will return HTTP 400, not 500.
post/v1/customers/{customerId}/signatories
Request samples
application/json
{
  • "fullName": "Jane Doe",
  • "emailAddress": "jane.doe@example.com",
  • "title": "CFO",
  • "approvalLimit": 100000.5,
  • "phoneNumber": "+15551234567"
}
Response samples
application/json
{
  • "id": 0,
  • "status": "string",
  • "message": "Signatory created successfully."
}