Payor Onboarding API
Onboarding Payors (sub-merchants) programmatically using the Pockyt API.
Payor Onboarding via API
Introduction
This guide walks Merchant of Record (MoR) integrations through the process of onboarding Payors (sub-merchants) programmatically using the Pockyt API. Instead of registering Payors manually through the Pockyt Portal, the MoR can automate the process using two endpoints.
The onboarding workflow has two key functions:
- Register Payor: The MoR backend submits the Payor's business information, representative details, and banking data to Pockyt. Pockyt returns a
payorNothat identifies the Payor across all subsequent payout operations. - Upload Documents: The MoR backend uploads the Payor's verification documents (business license, government ID, bank statements, etc.) using the
payorNo. Pockyt's compliance team reviews the submission and approves or declines the Payor.
Once approved, the MoR can register payees, create funding accounts, and execute payouts on behalf of that Payor using the standard payout endpoints with the payorNo parameter.
Pre-requisitesMoR Account: You must have an active Merchant of Record account with Pockyt. Your account must be in
APPROVEDorEFFECTIVEstatus and have the MoR merchant type enabled.API Credentials: Obtain
merchantNo,storeNo, and your API token from Pockyt. These are the same credentials used across all Pockyt payout endpoints.Document Preparation: Have your Payor's verification documents ready before starting — at minimum a business license and a government-issued ID for the representative. See Supported Document Types for the full list.
API Diagram
sequenceDiagram
participant MB as MoR Backend
participant PA as Pockyt API
participant PC as Pockyt Compliance
Note over MB: Step 1: Register Payor
MB->>PA: POST /v1/payor/register
PA-->>MB: payorNo, status: SUBMITTED
Note over MB: Step 2: Upload Documents
MB->>PA: POST /v1/payor/upload/{payorNo}
PA-->>MB: Upload confirmation
MB->>PA: POST /v1/payor/upload/{payorNo} (repeat per document)
PA-->>MB: Upload confirmation
Note over PC: Compliance Review
PC-->>PA: Payor status updated (APPROVED / DECLINED)
API workflow
API References for Endpoints in this Workflow:
- Step 1 Register Payor
- Step 2 Upload Payor Document
Step-by-Step Payor Onboarding Workflow
Step 1: Register Payor
Action: The MoR backend submits the Payor's business and representative information to Pockyt, which returns a payorNo identifying the new Payor.
- The MoR backend calls the
POST /v1/payor/registerendpoint with the Payor's business details, DBA address, bank information, representative information, and payment settings. - Authentication uses the standard
verifySignsignature — the same MD5-based signing method used across all Pockyt payout endpoints. - On success, the response includes a
payorNoand a status ofSUBMITTED. ThepayorNois permanent and will be used in Step 2 and in all future payout operations for this Payor.
Important: ThelegalNamemust be unique across all Payors. If either is already registered, the API returns an error. Plan your Payor data accordingly before submitting.
Step 2: Upload Documents
Action: The MoR backend uploads the Payor's verification documents using the payorNo returned in Step 1.
- The MoR backend calls the
POST /v1/payor/upload/{payorNo}endpoint for each document. Authentication parameters (merchantNo,storeNo,timestamp,verifySign) and thefileTypeare sent as query parameters. The file itself is sent asmultipart/form-datain the request body. - Each call uploads a single document. Repeat the call for each required document type — at minimum, upload a
businessLicenseand anissuedIdfor the representative. - Files must be under 10 MB. Supported formats include PDF, JPEG, PNG, DOC/DOCX, and XLS/XLSX.
Note: Thefilecontent is excluded from theverifySignsignature calculation. Only the query parameters (merchantNo,storeNo,payorNo,timestamp,fileType, and optionallyfileName) participate in the signature.
After Submission
Once both steps are complete, the Payor application enters Pockyt's compliance review queue. The review includes underwriting, risk assessment, and document verification. Payor status progresses through these stages:
| Status | Meaning |
|---|---|
SUBMITTED | Application received, pending review |
PENDING | Under active compliance review |
APPROVED | Approved — ready for payout operations |
DECLINED | Rejected — contact Pockyt Solutions for details |
Once the Payor reaches APPROVED status, you can begin the payout flow: register payees with the payorNo, create funding accounts, and execute payouts. See Direct Merchant vs. MoR Payouts for a full explanation of how payorNo is used across the payout endpoints.
Supported Document Types
fileType Value | Description |
|---|---|
businessLicense | Business registration or license document |
certificate | Certificate photo of the company's legal person |
issuedId | Government-issued identification |
bankStatement | Bank statement (3-month) |
voidCheck | Voided check image |
photos | Business photos (one per API call, up to 20) |
companyProduct | Product or service catalog |
companyLogo | Company or brand logo |
others | Other supporting documents |
Important: Contract documents cannot be uploaded via API. Contracts must be uploaded directly in the Pockyt Portal by the MoR.
Key Considerations
-
Same Credentials, Different Auth Method: Unlike the Merchant Onboarding API (which uses OAuth bearer tokens), Payor onboarding uses the standard
verifySignMD5 signature — the same authentication method used across all Pockyt payout endpoints. No separate token step is needed. -
Portal Alternative: Payors can also be registered manually through the Pockyt Portal. The API flow described here is for MoRs that want to automate onboarding at scale.
-
Error Handling: A
ret_codeof000100indicates success on all Pockyt API responses. Common registration errors include000022(email already in use) and000023(legal name already in use). Handle errors consistently and implement retry logic for transient failures.
Updated about 22 hours ago