API reference

One page per public endpoint: method, path, parameters, responses and errors.

Decision reason: adverse_creditAPI reference

Decision reason: adverse_credit

adverse_credit is a decision reason value. Adverse credit signals led to a decline. It appears in the <a…

Read →
Decision reason: affordabilityAPI reference

Decision reason: affordability

affordability is a decision reason value. The application did not meet affordability criteria. It appears in the <a…

Read →
Decision reason: identity_unverifiedAPI reference

Decision reason: identity_unverified

identity_unverified is a decision reason value. Identity or business verification could not be completed. It appears in the <a…

Read →
Decision reason: insufficient_trading_historyAPI reference

Decision reason: insufficient_trading_history

insufficient_trading_history is a decision reason value. The business had too little trading history to assess. It appears in the…

Read →
Decision reason: out_of_appetiteAPI reference

Decision reason: out_of_appetite

out_of_appetite is a decision reason value. The request fell outside current lending appetite. It appears in the <a…

Read →
Error code catalogueAPI reference

Error code catalogue

This is the master list of error.code values. Each links to a dedicated page with the exact cause, an example response and the…

Read →
Error code: account_suspendedAPI reference

Error code: account_suspended

account_suspended returns HTTP 403 with type: authentication_error. The partner account is suspended. Branch on the code and…

Read →
Error code: audience_mismatchAPI reference

Error code: audience_mismatch

audience_mismatch returns HTTP 401 with type: authentication_error. The token audience did not match this API. Branch on the code…

Read →
Error code: cms_page_not_foundAPI reference

Error code: cms_page_not_found

cms_page_not_found returns HTTP 404 with type: invalid_request_error. The requested CMS page key does not exist. When it is about…

Read →
Error code: consent_requiredAPI reference

Error code: consent_required

consent_required returns HTTP 422 with type: invalid_request_error. The consent gate was not satisfied. When it is about one…

Read →
Error code: form_requiredAPI reference

Error code: form_required

form_required returns HTTP 422 with type: invalid_request_error. The required <code>form</code> key was absent. When it is about…

Read →
Error code: idempotency_key_in_progressAPI reference

Error code: idempotency_key_in_progress

idempotency_key_in_progress returns HTTP 409 with type: invalid_request_error. A request with this key is still being processed…

Read →
Error code: idempotency_key_malformedAPI reference

Error code: idempotency_key_malformed

idempotency_key_malformed returns HTTP 400 with type: invalid_request_error. The idempotency key was not a valid format. When it…

Read →
Error code: idempotency_key_reusedAPI reference

Error code: idempotency_key_reused

idempotency_key_reused returns HTTP 409 with type: invalid_request_error. An idempotency key was reused with a different body…

Read →
Error code: insufficient_scopeAPI reference

Error code: insufficient_scope

insufficient_scope returns HTTP 403 with type: authentication_error. The token lacks the required scope. Branch on this code — it…

Read →
Error code: invalid_api_keyAPI reference

Error code: invalid_api_key

invalid_api_key returns HTTP 401 with type: authentication_error. The supplied credential was not valid. Branch on this code — it…

Read →
Error code: invalid_deptAPI reference

Error code: invalid_dept

invalid_dept returns HTTP 422 with type: invalid_request_error. The routing department was not recognised. When it is about one…

Read →
Error code: invalid_emailAPI reference

Error code: invalid_email

invalid_email returns HTTP 422 with type: invalid_request_error. A supplied email address was not valid. When it is about one…

Read →
Error code: invalid_jsonAPI reference

Error code: invalid_json

invalid_json returns HTTP 400 with type: invalid_request_error. The request body was not valid JSON. Branch on this code — it is…

Read →
Error code: invalid_value_typeAPI reference

Error code: invalid_value_type

invalid_value_type returns HTTP 422 with type: invalid_request_error. A field value was the wrong type. Branch on this code — it…

Read →
Error code: mcp_invalid_paramsAPI reference

Error code: mcp_invalid_params

mcp_invalid_params returns HTTP 422 with type: invalid_request_error. MCP tool parameters failed validation. When it is about one…

Read →
Error code: mcp_method_not_foundAPI reference

Error code: mcp_method_not_found

mcp_method_not_found returns HTTP 404 with type: invalid_request_error. An MCP JSON-RPC method was not recognised. When it is…

Read →
Error code: mcp_tool_not_foundAPI reference

Error code: mcp_tool_not_found

mcp_tool_not_found returns HTTP 404 with type: invalid_request_error. An MCP tool name was not recognised. When it is about one…

Read →
Error code: method_not_allowedAPI reference

Error code: method_not_allowed

method_not_allowed returns HTTP 405 with type: invalid_request_error. The HTTP method is not allowed on this route. Branch on the…

Read →
Error code: missing_api_keyAPI reference

Error code: missing_api_key

missing_api_key returns HTTP 401 with type: authentication_error. A partner-plane call had no API key. Branch on this code — it…

Read →
Error code: missing_content_typeAPI reference

Error code: missing_content_type

missing_content_type returns HTTP 400 with type: invalid_request_error. The request was missing a JSON content type. Branch on…

Read →
Error code: payload_too_largeAPI reference

Error code: payload_too_large

payload_too_large returns HTTP 422 with type: invalid_request_error. The fields object exceeded the size limit. When it is about…

Read →
Error code: rate_limitedAPI reference

Error code: rate_limited

rate_limited returns HTTP 429 with type: rate_limit_error. You exceeded the request rate. Branch on this code — it is stable —…

Read →
Error code: request_body_too_largeAPI reference

Error code: request_body_too_large

request_body_too_large returns HTTP 422 with type: invalid_request_error. The whole request body exceeded the size cap. Branch on…

Read →
Error code: resource_not_foundAPI reference

Error code: resource_not_found

resource_not_found returns HTTP 404 with type: invalid_request_error. The referenced resource does not exist. Branch on this code…

Read →
Error code: route_not_foundAPI reference

Error code: route_not_found

route_not_found returns HTTP 404 with type: invalid_request_error. No endpoint matches the path. Branch on this code — it is…

Read →
Error code: scope_not_grantedAPI reference

Error code: scope_not_granted

scope_not_granted returns HTTP 403 with type: authentication_error. The token is missing a specific required scope. Branch on the…

Read →
Error code: server_errorAPI reference

Error code: server_error

server_error returns HTTP 500 with type: api_error. An unexpected server-side error occurred. Branch on this code — it is stable…

Read →
Error code: signature_invalidAPI reference

Error code: signature_invalid

signature_invalid returns HTTP 400 with type: invalid_request_error. A request-signed call failed signature verification. Branch…

Read →
Error code: support_message_too_longAPI reference

Error code: support_message_too_long

support_message_too_long returns HTTP 422 with type: invalid_request_error. A support chat message exceeded the length limit…

Read →
Error code: support_session_closedAPI reference

Error code: support_session_closed

support_session_closed returns HTTP 409 with type: invalid_request_error. The support chat session is already closed. When it is…

Read →
Error code: temporarily_unavailableAPI reference

Error code: temporarily_unavailable

temporarily_unavailable returns HTTP 503 with type: api_error. The service is briefly unavailable. Branch on this code — it is…

Read →
Error code: token_expiredAPI reference

Error code: token_expired

token_expired returns HTTP 401 with type: authentication_error. The OAuth access token has expired. Branch on the code and apply…

Read →
Error code: token_revokedAPI reference

Error code: token_revoked

token_revoked returns HTTP 401 with type: authentication_error. The credential was revoked. Branch on the code and apply the fix…

Read →
Error code: unknown_fieldAPI reference

Error code: unknown_field

unknown_field returns HTTP 400 with type: invalid_request_error. The body contained a field the endpoint does not accept. Branch…

Read →
Error code: unsupported_media_typeAPI reference

Error code: unsupported_media_type

unsupported_media_type returns HTTP 415 with type: invalid_request_error. The content type is not supported. Branch on the code…

Read →
Error code: webhook_endpoint_limitAPI reference

Error code: webhook_endpoint_limit

webhook_endpoint_limit returns HTTP 422 with type: invalid_request_error. The endpoint limit was reached. Branch on the code and…

Read →
Error code: webhook_endpoint_url_invalidAPI reference

Error code: webhook_endpoint_url_invalid

webhook_endpoint_url_invalid returns HTTP 422 with type: invalid_request_error. A webhook endpoint URL was rejected. When it is…

Read →
Error code: webhook_event_unknownAPI reference

Error code: webhook_event_unknown

webhook_event_unknown returns HTTP 422 with type: invalid_request_error. An unknown event type was subscribed to. When it is…

Read →
Error code: webhook_signature_invalidAPI reference

Error code: webhook_signature_invalid

webhook_signature_invalid returns HTTP 400 with type: invalid_request_error. A webhook signature failed verification. Branch on…

Read →
Error code: webhook_signature_missingAPI reference

Error code: webhook_signature_missing

webhook_signature_missing returns HTTP 400 with type: invalid_request_error. A webhook arrived without a signature header. Branch…

Read →
GET /.well-known/oauth-authorization-serverReference

GET /.well-known/oauth-authorization-server

The OAuth 2.0 authorization-server metadata document (RFC 8414). Advertises the token endpoint, JWKS URI, supported grants and…

Read →
GET /.well-known/oauth-protected-resourceReference

GET /.well-known/oauth-protected-resource

The OAuth 2.0 protected-resource metadata document. Tells a client which authorization server guards a resource — used by MCP…

Read →
GET /partner/v1/applications/{id}Reference

GET /partner/v1/applications/{id}

Read a single application's current state on the partner ring: its status, the submitted details and links to the associated…

Read →
GET /partner/v1/decisions/{id}Reference

GET /partner/v1/decisions/{id}

Read a credit decision on the partner ring: the outcome, any conditions and the offer terms. Decisioning is authoritative;…

Read →
GET /partner/v1/oauth/jwksReference

GET /partner/v1/oauth/jwks

The JSON Web Key Set: the public keys that sign partner access tokens, so you can verify a token's signature, issuer and audience…

Read →
GET /partner/v1/payments/{id}Reference

GET /partner/v1/payments/{id}

Read a payment's status on the partner ring: provisioned, pending, settled or failed. Pairs with the payment webhook for push…

Read →
GET /public/v1/cms/pages/{key}API reference

GET /public/v1/cms/pages/{key}

GET /public/v1/cms/pages/{key} reads a published CMS page by its stable key. It returns the sanitised, ready-to-render content…

Read →
GET /public/v1/config/pricingReference

GET /public/v1/config/pricing

The authoritative pricing configuration the whole estate reads: the single source of truth for published figures, so marketing…

Read →
GET /public/v1/healthzReference

GET /public/v1/healthz

The live health probe on the public ring. Returns a small JSON body indicating the hub is serving; used by monitors, load…

Read →
GET /public/v1/loyalty/tiersReference

GET /public/v1/loyalty/tiers

The loyalty tier ladder: the tier vocabulary, thresholds, headline benefits and cooldown — single-sourced so marketing and your…

Read →
GET /public/v1/loyalty/tiersAPI reference

GET /public/v1/loyalty/tiers

GET /public/v1/loyalty/tiers returns the loyalty-tier vocabulary — the four tiers Bronze → Silver → Gold → Platinum, each with…

Read →
GET /public/v1/mcpReference

GET /public/v1/mcp

The MCP server card: a discovery probe that returns the server's identity and capabilities so MCP clients can configure…

Read →
GET /public/v1/productsReference

GET /public/v1/products

The product catalogue: the three Credicorp products — Business Loan, Credicorp Flex, Credicorp Slice — each with its real name,…

Read →
GET /public/v1/quote/flexReference

GET /public/v1/quote/flex

A representative Credicorp Flex preview — the revolving business credit facility. Illustrates cost of drawing against a limit;…

Read →
GET /public/v1/quote/onetimeReference

GET /public/v1/quote/onetime

A representative Business Loan quote for an amount and term. Bounded to £50–£500 principal and 14–84 days by the engine's…

Read →
GET /public/v1/slice/billersReference

GET /public/v1/slice/billers

The list of accepted billers for Credicorp Slice — the suppliers and billers a company can pay now and repay over a short…

Read →
GET /public/v1/slice/billersAPI reference

GET /public/v1/slice/billers

GET /public/v1/slice/billers lists the accepted billers for Credicorp Slice — the public-safe view of each live biller: name,…

Read →
GET /public/v1/support/widget.cssAPI reference

GET /public/v1/support/widget.css

GET /public/v1/support/widget.css serves the support-widget stylesheet — the styles that pair with widget.js to render the…

Read →
GET /public/v1/support/widget.jsAPI reference

GET /public/v1/support/widget.js

GET /public/v1/support/widget.js serves the support-widget script — a self-contained JavaScript file you add to any page to…

Read →
HTTP 400 Bad RequestAPI reference

HTTP 400 Bad Request

A 400 Bad Request means the request could not be parsed or was structurally wrong. The response body is the standard <a…

Read →
HTTP 401 UnauthorizedAPI reference

HTTP 401 Unauthorized

A 401 Unauthorized means the request lacked a valid credential (partner plane). The response body is the standard <a…

Read →
HTTP 403 ForbiddenAPI reference

HTTP 403 Forbidden

A 403 Forbidden means the caller is authenticated but not allowed to do this. The response body is the standard <a…

Read →
HTTP 404 Not FoundAPI reference

HTTP 404 Not Found

A 404 Not Found means the route or resource does not exist. The response body is the standard <a…

Read →
HTTP 409 ConflictAPI reference

HTTP 409 Conflict

A 409 Conflict means the request conflicts with the current state. The response body is the standard <a…

Read →
HTTP 422 Unprocessable EntityAPI reference

HTTP 422 Unprocessable Entity

A 422 Unprocessable Entity means the request parsed but a value failed validation. The response body is the standard <a…

Read →
HTTP 429 Too Many RequestsAPI reference

HTTP 429 Too Many Requests

A 429 Too Many Requests means you exceeded the rate limit. The response body is the standard <a…

Read →
HTTP 500 Internal Server ErrorAPI reference

HTTP 500 Internal Server Error

A 500 Internal Server Error means an unexpected error occurred on our side. The response body is the standard <a…

Read →
HTTP 503 Service UnavailableAPI reference

HTTP 503 Service Unavailable

A 503 Service Unavailable means the service is temporarily unavailable. The response body is the standard <a…

Read →
MCP methods: initialize, tools/list, tools/callAPI reference

MCP methods: initialize, tools/list, tools/call

Three JSON-RPC methods drive the Credicorp MCP server. initialize negotiates the protocol revision and returns server identity;…

Read →
MCP tool: EligibilityCriteriaAPI reference

MCP tool: EligibilityCriteria

EligibilityCriteria returns the baseline a business must meet to be considered for Credicorp finance — a read-only MCP tool an…

Read →
MCP tool: GetQuoteAPI reference

MCP tool: GetQuote

GetQuote returns an indicative quote for a stated amount and term as a read-only MCP tool. It is an illustration, not an offer —…

Read →
MCP tool: HowToApplyAPI reference

MCP tool: HowToApply

HowToApply returns the application steps and what a business should prepare — a read-only MCP tool that lets an agent guide…

Read →
MCP tool: ListProductsAPI reference

MCP tool: ListProducts

ListProducts returns the Credicorp lending line-up as a read-only MCP tool: Business Loan, Credicorp Flex and Credicorp Slice. It…

Read →
MCP tool: LoyaltyTiersAPI reference

MCP tool: LoyaltyTiers

LoyaltyTiers is a read-only MCP tool on the Credicorp MCP server that returns the four-tier loyalty ladder — the same vocabulary…

Read →
MCP tool: ProductDetailsAPI reference

MCP tool: ProductDetails

ProductDetails returns the full detail of one Credicorp product — Business Loan, Credicorp Flex or Credicorp Slice — as a…

Read →
MCP tool: eligibility_criteriaMCP tool

MCP tool: eligibility_criteria

Returns Credicorp's eligibility criteria: who can apply. The headline is that Credicorp lends to UK limited companies, not to…

Read →
MCP tool: get_quoteMCP tool

MCP tool: get_quote

Computes a representative Business Loan quote for an amount (GBP) and a term (days). Only the Business Loan is quotable — the…

Read →
MCP tool: how_to_applyMCP tool

MCP tool: how_to_apply

Returns the steps to apply for Credicorp finance, so an agent can walk a qualified company through the journey and hand it off to…

Read →
MCP tool: list_productsMCP tool

MCP tool: list_products

Returns the three Credicorp products — Business Loan, Credicorp Flex and Credicorp Slice — each with its real name, a one-line…

Read →
MCP tool: loyalty_tiersMCP tool

MCP tool: loyalty_tiers

Returns the Credicorp loyalty ladder — the tiers, their thresholds and headline benefits — the same vocabulary the public loyalty…

Read →
MCP tool: product_detailsMCP tool

MCP tool: product_details

Returns a single product's published description plus its byte-exact representative figures. The description is the hub-canonical…

Read →
POST /partner/v1/applicationsReference

POST /partner/v1/applications

Open a new application on the partner ring. Idempotent with an Idempotency-Key, scoped to applications:write, and sub-limited to…

Read →
POST /partner/v1/decisions/{id}/refreshReference

POST /partner/v1/decisions/{id}/refresh

Re-run the decisioning model for an application. Costly, so sub-limited to 1 req/s. Use only when new information materially…

Read →
POST /partner/v1/identity/checksReference

POST /partner/v1/identity/checks

Run a KYC/AML identity check on the partner ring. Calls the identity provider, so sub-limited to 5 req/s. Returns a check…

Read →
POST /partner/v1/mcpReference

POST /partner/v1/mcp

The token-gated MCP server: the same JSON-RPC 2.0 protocol as the public server, behind an OAuth bearer token, exposing…

Read →
POST /partner/v1/oauth/introspectReference

POST /partner/v1/oauth/introspect

The OAuth 2.0 token-introspection endpoint. Check whether an access token is active and read its scopes, expiry and subject…

Read →
POST /partner/v1/oauth/tokenReference

POST /partner/v1/oauth/token

The OAuth 2.0 token endpoint. Exchange client credentials for a short-lived bearer access token scoped to the capabilities you…

Read →
POST /partner/v1/payments/linksReference

POST /partner/v1/payments/links

Provision a payment link over open-banking PISP on the partner ring. Sub-limited to 10 req/s. Money-out remains a governed manual…

Read →
POST /public/v1/consentReference

POST /public/v1/consent

Record a PECR cookie-banner consent snapshot from a marketing site's cookie banner. Fail-open, unauthenticated, and distinct from…

Read →
POST /public/v1/consentAPI reference

POST /public/v1/consent

POST /public/v1/consent records a cookie-consent snapshot under PECR §6 / GDPR recital 47. It captures a visitor’s analytics and…

Read →
POST /public/v1/enquiriesReference

POST /public/v1/enquiries

The public lead-intake endpoint: record one accepted enquiry, lead or complaint. Unauthenticated by design (anonymous leads are…

Read →
POST /public/v1/enquiriesAPI reference

POST /public/v1/enquiries

POST /public/v1/enquiries records a public enquiry — the endpoint behind every contact form, department request and complaint…

Read →
POST /public/v1/mcpReference

POST /public/v1/mcp

The MCP server's JSON-RPC 2.0 endpoint: one request in, one response out. Methods include initialize, tools/list, tools/call and…

Read →
POST /public/v1/mcpAPI reference

POST /public/v1/mcp

/public/v1/mcp is the Credicorp MCP server — a Model Context Protocol endpoint that lets an AI agent read public business-lending…

Read →
POST /public/v1/support/chatAPI reference

POST /public/v1/support/chat

POST /public/v1/support/chat powers the embedded support assistant — the endpoint the on-site chat widget calls to send a visitor…

Read →
Pagination on the partner APIReference

Pagination on the partner API

How partner list endpoints paginate: cursor-based paging with a limit and a next cursor, stable ordering, and how to iterate a…

Read →
Partner API error referenceReference

Partner API error reference

The error model for the /partner/v1 ring: auth errors, scope errors, validation, conflict, the 429 with RateLimit headers, OAuth…

Read →
Payment reason: bank_rejectedAPI reference

Payment reason: bank_rejected

bank_rejected is a payment failure_code value. The bank rejected the collection. It appears in the <a…

Read →
Payment reason: disputed_by_customerAPI reference

Payment reason: disputed_by_customer

disputed_by_customer is a payment failure_code value. The customer disputed the collection. It appears in the <a…

Read →
Payment reason: insufficient_fundsAPI reference

Payment reason: insufficient_funds

insufficient_funds is a payment failure_code value. The account had insufficient funds to cover the collection. It appears in the…

Read →
Payment reason: mandate_cancelledAPI reference

Payment reason: mandate_cancelled

mandate_cancelled is a payment failure_code value. The payment mandate had been cancelled. It appears in the <a…

Read →
Payment reason: technical_errorAPI reference

Payment reason: technical_error

technical_error is a payment failure_code value. A technical error prevented collection. It appears in the <a…

Read →
Public API error referenceReference

Public API error reference

The error model for the /public/v1 ring: status families, the JSON error body, the 422 range errors on quotes, the 429 rate-limit…

Read →
Rate limits and 429 responsesAPI reference

Rate limits and 429 responses

The public ring allows 60 requests per 60 seconds per IP. Cross that fixed window and every further request returns 429 Too Many…

Read →
Register a webhook endpointAPI reference

Register a webhook endpoint

A webhook endpoint is the HTTPS URL Credicorp POSTs events to. You register one per integration, choose which event types it…

Read →
Retrying failed requests safelyAPI reference

Retrying failed requests safely

Retry only the retry-able. 429 and 5xx are transient — back off and try again. 4xx other than 429 will fail identically on retry,…

Read →
The error envelope and status codesAPI reference

The error envelope and status codes

Every API error uses one envelope. A non-2xx response returns {"error":{...}} with a stable type, a machine-readable code, a…

Read →
The webhook event envelopeAPI reference

The webhook event envelope

Every webhook shares one envelope shape. The outer object identifies the event (id, type, created), flags whether it is live or…

Read →
Webhook API versioningAPI reference

Webhook API versioning

Webhook payloads are versioned by date. Each event carries api_version, e.g. 2026-07-01. Within a version, changes are only ever…

Read →
Webhook delivery and retriesAPI reference

Webhook delivery and retries

Credicorp expects a 2xx within 10 seconds. Return one to acknowledge, then process asynchronously. Any non-2xx or timeout…

Read →
Webhook event catalogueAPI reference

Webhook event catalogue

This is the master list of webhook type values. Events are grouped by resource — enquiry, decision, loan, payment, account,…

Read →
Webhook event: account.updatedAPI reference

Webhook event: account.updated

The account.updated webhook fires when a customer account record changes. Its data.object is a account. A typical handler will…

Read →
Webhook event: consent.grantedAPI reference

Webhook event: consent.granted

The consent.granted webhook fires when a consent flag is set. Its data.object is a consent. A typical handler will unlock the…

Read →
Webhook event: consent.withdrawnAPI reference

Webhook event: consent.withdrawn

The consent.withdrawn webhook fires when a consent flag is withdrawn. Its data.object is a consent. A typical handler will…

Read →
Webhook event: decision.completedAPI reference

Webhook event: decision.completed

The decision.completed webhook fires when a lending decision is reached. Its data.object is a decision. A typical handler will…

Read →
Webhook event: decision.referredAPI reference

Webhook event: decision.referred

The decision.referred webhook fires when a decision is referred for manual review. Its data.object is a decision. A typical…

Read →
Webhook event: enquiry.createdAPI reference

Webhook event: enquiry.created

The enquiry.created webhook fires when a public enquiry is submitted. Its data.object is a enquiry. A typical handler will route…

Read →
Webhook event: enquiry.updatedAPI reference

Webhook event: enquiry.updated

The enquiry.updated webhook fires when an enquiry’s status changes (e.g. new → in_progress). Its data.object is a enquiry. A…

Read →
Webhook event: kyc.passedAPI reference

Webhook event: kyc.passed

The kyc.passed webhook fires when identity and business verification passes. Its data.object is a kyc. A typical handler will…

Read →
Webhook event: kyc.referredAPI reference

Webhook event: kyc.referred

The kyc.referred webhook fires when verification is referred for manual checks. Its data.object is a kyc. A typical handler will…

Read →
Webhook event: loan.activatedAPI reference

Webhook event: loan.activated

The loan.activated webhook fires when a loan is drawn down and becomes live. Its data.object is a loan. A typical handler will…

Read →
Webhook event: loan.arrearsAPI reference

Webhook event: loan.arrears

The loan.arrears webhook fires when a loan falls into arrears. Its data.object is a loan. A typical handler will trigger a…

Read →
Webhook event: loan.closedAPI reference

Webhook event: loan.closed

The loan.closed webhook fires when a loan is fully repaid or written off. Its data.object is a loan. A typical handler will…

Read →
Webhook event: loan.disbursedAPI reference

Webhook event: loan.disbursed

The loan.disbursed webhook fires when loan funds are sent to the customer. Its data.object is a loan. A typical handler will…

Read →
Webhook event: loan.restructuredAPI reference

Webhook event: loan.restructured

The loan.restructured webhook fires when a loan’s terms are restructured (e.g. a payment plan). Its data.object is a loan. A…

Read →
Webhook event: loyalty.tier_changedAPI reference

Webhook event: loyalty.tier_changed

The loyalty.tier_changed webhook fires when a customer moves loyalty tier. Its data.object is a loyalty. A typical handler will…

Read →
Webhook event: mandate.activatedAPI reference

Webhook event: mandate.activated

The mandate.activated webhook fires when a direct debit / payment mandate becomes active. Its data.object is a mandate. A typical…

Read →
Webhook event: mandate.cancelledAPI reference

Webhook event: mandate.cancelled

The mandate.cancelled webhook fires when a payment mandate is cancelled. Its data.object is a mandate. A typical handler will…

Read →
Webhook event: offer.acceptedAPI reference

Webhook event: offer.accepted

The offer.accepted webhook fires when a customer accepts a loan offer. Its data.object is a offer. A typical handler will move…

Read →
Webhook event: offer.createdAPI reference

Webhook event: offer.created

The offer.created webhook fires when a loan offer is generated after approval. Its data.object is a offer. A typical handler will…

Read →
Webhook event: offer.expiredAPI reference

Webhook event: offer.expired

The offer.expired webhook fires when a loan offer lapses without acceptance. Its data.object is a offer. A typical handler will…

Read →
Webhook event: payment.disputedAPI reference

Webhook event: payment.disputed

The payment.disputed webhook fires when a payment is disputed (e.g. an indemnity claim). Its data.object is a payment. A typical…

Read →
Webhook event: payment.failedAPI reference

Webhook event: payment.failed

The payment.failed webhook fires when a repayment attempt fails. Its data.object is a payment. A typical handler will trigger a…

Read →
Webhook event: payment.refundedAPI reference

Webhook event: payment.refunded

The payment.refunded webhook fires when a settled payment is refunded. Its data.object is a payment. A typical handler will…

Read →
Webhook event: payment.succeededAPI reference

Webhook event: payment.succeeded

The payment.succeeded webhook fires when a scheduled repayment settles. Its data.object is a payment. A typical handler will…

Read →
Webhook event: statement.generatedAPI reference

Webhook event: statement.generated

The statement.generated webhook fires when a monthly statement is produced. Its data.object is a statement. A typical handler…

Read →
Webhook event: support.chat_escalatedAPI reference

Webhook event: support.chat_escalated

The support.chat_escalated webhook fires when a support chat is escalated to a human. Its data.object is a chat. A typical…

Read →
Webhook signature verificationAPI reference

Webhook signature verification

Verify every webhook before you trust it. Each delivery carries a Credicorp-Signature header: a timestamp and an HMAC-SHA256 of…

Read →

Funding for UK limited companies

Credicorp lends to your company, not to you personally — short-term working capital with no personal guarantee. See what your business could access.