Creating and Sending a User Invite

The process begins with an AdminApprover, a user who holds administrative and authorising privileges within the NoFrixion system. This user initiates the invitation process by utilizing the userinvites POST endpoint of the MoneyMoov API. Upon doing so, the system generates a user invitation and dispatches an email to the invitee. This email serves as the first point of contact for the invitee, containing crucial information and a link to the registration page.

// Define the base URL of the API
        var baseUrl = "https://api-sandbox.nofrixion.com/api/v1/userinvites";

        // Replace with your actual JWT token
        var jwtToken = "<ACCESS_TOKEN>";

        // Create the HttpClient and configure the headers
        using (var client = new HttpClient())
        {
            client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
            client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", jwtToken);

            // Define the body parameters
            var requestBody = new
            {
                merchantID = "", // Replace with merchant ID or leave empty if provided by URL
                inviteeEmailAddress = "invitee@example.com", // Replace with the invitee's email address
                inviteeFirstName = "John", // Replace with the invitee's first name or null
                inviteeLastName = "Doe", // Replace with the invitee's last name or null
                sendInviteEmail = true // Set to true to send an invite email
            };

            // Serialize the request body to JSON
            var json = JsonConvert.SerializeObject(requestBody);
            var content = new StringContent(json, Encoding.UTF8, "application/json");

            try
            {
                // Make the POST request
                var response = await client.PostAsync(baseUrl, content);

                // Ensure the response is successful
                response.EnsureSuccessStatusCode();

                // Read and process the response body
                var responseBody = await response.Content.ReadAsStringAsync();
                Console.WriteLine("Response: " + responseBody);
            }
            catch (HttpRequestException e)
            {
                // Handle any errors that occurred during the request
                Console.WriteLine($"Request exception: {e.Message}");
            }
        }

const axios = require('axios');

// Define the base URL of the API
const baseUrl = 'https://api-sandbox.nofrixion.com/api/v1/userinvites';

// Replace with your actual JWT token
const jwtToken = '<ACCESS_TOKEN>';

// Configure the headers
const config = {
    headers: {
        'Accept': 'application/json',
        'Authorization': `Bearer ${jwtToken}`,
        'Content-Type': 'application/json'
    }
};

// Define the body parameters
const requestBody = {
    merchantID: '', // Replace with merchant ID or leave empty if provided by URL
    inviteeEmailAddress: 'invitee@example.com', // Replace with the invitee's email address
    inviteeFirstName: 'John', // Replace with the invitee's first name or null
    inviteeLastName: 'Doe', // Replace with the invitee's last name or null
    sendInviteEmail: true // Set to true to send an invite email
};

axios.post(baseUrl, requestBody, config)
    .then(response => {
        // Process the response
        console.log('Response:', response.data);
    })
    .catch(error => {
        // Handle any errors that occurred during the request
        console.error('Error:', error.response ? error.response.data : error.message);
    });

import requests
import json

# Define the base URL of the API
base_url = 'https://api-sandbox.nofrixion.com/api/v1/userinvites'

# Replace with your actual JWT token
jwt_token = '<ACCESS_TOKEN>'

# Set up the headers
headers = {
    'Accept': 'application/json',
    'Authorization': f'Bearer {jwt_token}',
    'Content-Type': 'application/json'
}

# Define the body parameters
request_body = {
    'merchantID': '',  # Replace with merchant ID or leave empty if provided by URL
    'inviteeEmailAddress': 'invitee@example.com',  # Replace with the invitee's email address
    'inviteeFirstName': 'John',  # Replace with the invitee's first name or null
    'inviteeLastName': 'Doe',  # Replace with the invitee's last name or null
    'registrationUrl': None,  # Optional registration URL or None
    'sendInviteEmail': True  # Set to True to send an invite email
}

# Make the POST request
try:
    response = requests.post(base_url, headers=headers, data=json.dumps(request_body))
    response.raise_for_status()

    # Print the response
    print('Response:', response.json())
except requests.HTTPError as http_err:
    # Handle HTTP errors
    print(f'HTTP error occurred: {http_err}')
    print(response.json())
except Exception as err:
    # Handle other errors
    print(f'Error: {err}')

Receiving the Invitation and Registering

Upon receiving the invitation email, the prospective user (invitee) is expected to follow the included link. This link directs them to the NoFrixion registration page. The registration process is designed to be straightforward, guiding the invitee through the necessary steps to create their user profile within the system.

Initial Role Assignment and Permissions

After the invitee successfully completes their registration, they are automatically added to the merchant's system as a user. However, at this initial stage, their role is defined as 'NewlyRegistered', which notably carries no permissions for performing operational tasks within the system. This status is a safeguard, ensuring that new users don't immediately have access to sensitive functionalities without proper oversight.

Notification and Role Assignment by the Inviter

The inviter, who originally sent out the invitation, is promptly notified via email once the invitee completes the registration. This notification serves as a prompt for the inviter to take the next critical step: assigning a specific role to the invitee. This role assignment is a pivotal part of the process, as it determines the level of access and the type of operations the invitee can perform on the platform.

Invitation Management: Expiry, Resending, and Deletion

Each user invitation in the system has a lifespan of 48 hours from the time of its creation. The invitation can be resent, should there be a need to activate the invite. Alternatively, if circumstances change or if an invitation is sent in error, it can be deleted entirely from the system. These management actions ensure that the invitation process remains flexible and secure.

Tracking and Managing Invitations

Finally, the userinvites GET endpoint can be used to get the details of an invitation.