Skip to content
StraventaDocs

Reject a pending case disposition

The checker step. Rejects a `pending_approval` disposition — the rejecter MUST be a distinct user from the submitter (segregation of duties applies to reject too), else `409 self_approval_forbidden`. The case returns to open/assigned. Requires `fraud.cases.approve`.

POST
/v1/fraud/cases/{id}/disposition/{dispId}/reject

The checker step. Rejects a pending_approval disposition — the rejecter MUST be a distinct user from the submitter (segregation of duties applies to reject too), else 409 self_approval_forbidden. The case returns to open/assigned. Requires fraud.cases.approve.

Authorization

bearerAuth
AuthorizationBearer <token>

PayOps platform JWT issued by the auth-service. The tenant_id claim is extracted server-side; callers do NOT send tenant_id in the request body.

In: header

Path Parameters

id*string
Formatuuid
dispId*string
Formatuuid

Request Body

application/json

TypeScript Definitions

Use the request body type in TypeScript.

reason?string

Response Body

application/json

application/json

application/json

application/json

curl -X POST "https://example.com/v1/fraud/cases/497f6eca-6276-4993-bfeb-53cbbbba6f08/disposition/497f6eca-6276-4993-bfeb-53cbbbba6f08/reject" \  -H "Content-Type: application/json" \  -d '{    "reason": "insufficient evidence; returning to queue"  }'
{
  "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  "case_id": "c74269e5-1f97-4e20-9164-ffbe3494d8d6",
  "action": "created",
  "state": "pending_approval",
  "disposition": "clear",
  "reason": "string",
  "submitted_by": "6703ac2f-9eb5-40e9-9fde-511b2dbf4be5",
  "approved_by": "02030314-b162-4b4d-8af1-88eabdcc615d",
  "created_at": "2019-08-24T14:15:22Z"
}
{
  "error": "forbidden",
  "message": "missing required permission: fraud.rules.write",
  "request_id": "01JA8BHN2P0ECTXN3J6TBKMS7Q"
}
{
  "error": "not_found",
  "message": "rule not found",
  "request_id": "01JA8BHN2P0ECTXN3J6TBKMS7Q"
}
{
  "error": "self_approval_forbidden",
  "message": "a disposition cannot be approved or rejected by its submitter",
  "request_id": "01JA8BHN2P0ECTXN3J6TBKMS7Q"
}

Was this page helpful?