# Session Initiation

POST /partner/v2/shops/:uuid/pos_sessions

To start a payment session in Inbank e-POS, use the POST /shops/:uuid/pos_session. The response includes the identifier of the payment session - pos_session_uuid and the URL to which the customer is to be redirected - redirect_url.

For your convenience, we have listed the minimal data set which needs to be passed to Inbank.

The customer_data, customer_contact_data and merchant objects and parameters included in them are optional. A request that does not contain these objects will be processed correctly. However, if the body does contain these objects, Inbank will validate the parameters passed inside them. Therefore, if the request contains customer_data/customer_contact_data/merchant objects, their parameters become required.

Endpoint: POST /partner/v2/shops/{shop_uuid}/pos_sessions
Security: bearerAuth

## Path parameters:

  - `shop_uuid` (string, required)
    Example: "a93f1f44-d5dd-4469-bfcc-c1de9e969213"

## Request fields (application/json):

  - `product_code` (string, required)
    Reference to product code.

  - `currency` (string, required)
    Currency code in uppercase. Available option is EUR.

  - `locale` (string, required)
    Language - country codes, for example et-ET.

  - `valid_until` (string)
    The point in time when the payment session is to expire. E.g. 2021-02-17T11:10:00+02:00. After this time, the customer will not be able to complete the financing procedure.

  - `user_ip` (string)
    Customer browser IP address as seen by e-shop.

  - `customer_data` (string, required)
    Data used to pre-fill credit application fields regarding the customer. Allowed keys:
  - identity_code*
  - first_name*
  - last_name*
  - gender - options: m (male), f (female).

  - `customer_contact_data` (string, required)
    Data used to pre-fill credit application fields regarding customer contact information. Allowed keys:
  - email*
  - mobile*

  - `purchase` (object, required)

  - `purchase.purchase_reference` (string)
    Unique identifier of the shopping cart or order in the e-shop (i.e. order ID).

  - `purchase.description` (string, required)
    Textual description of the order or shopping cart, meaningful for the customer.

  - `purchase.additional_details` (object)
    Any additional details about the order that are not covered with predefined parameters.

  - `purchase.merchant` (array)
    Array of items containing information about the merchant supplying the purchase.

  - `purchase.merchant.[0]` (object)

  - `purchase.merchant.[0].merchant_order_reference` (string)
    Order reference of the merchant.

  - `purchase.merchant.[0].merchant_domain_name` (string)
    URL of the merchant. This is the URL of the partner website from which purchases are done.

  - `rental_application_data` (object, required)
    Information on the items that is to be the object of Smart Rent.

  - `rental_application_data.insurance_used` (boolean)
    Whether insurance is added to the assets. If no value is passed in the request, default value true is used.

  - `rental_application_data.gross_campaign_discount` (number)
    The gross amount of the campaign discount.

  - `rental_application_data.gross_trade_in_amount` (number)
    The gross amount of the traded in asset.

  - `rental_application_data.assets` (array, required)
    Information on the items that are to be the objects of Smart Rent. 
Please note, that the hero device (this is the main device that is rented) needs to be first in the list of assets.

  - `rental_application_data.period` (number, required)
    Smart Rent duration in month.

  - `partner_urls` (object)

  - `partner_urls.return_url` (string, required)
    Partner defined URL to which the customer should be redirected after the application dialog.

  - `partner_urls.cancel_url` (string, required)
    Partner defined URL to which the customer should be redirected in case they deliberately cancelled the application dialog.

  - `partner_urls.callback_url` (string)
    URL for sending server-to-server callback messages about session status changes.

  - `integration_info` (string)
    Information about the technical environment of the partner side integration, e.g.: “ecom_platform”:“string”, “Module”:“string"

  - `additional_data` (string)
    Container for additional data that e-shops can pass to e-POS dialogs (pre-filling forms). 
Any keys are allowed.

## Response 201 fields (application/json):

  - `uuid` (string)
    Identifier of the POS session. Store this identifier at the order metadata for later usage.
    Example: "5e3a459a-aada-4d81-b6ad-09cb9483c8bf"

  - `status` (string)
    The status of the POS session.
    Example: "pending"

  - `redirect_url` (string)
    The link to which the customer is to be redirected to complete the rental process in the e-POS environment.
    Example: "https://demo-epos.inbank.ee/session/5e3a459a-aada-4d81-b6ad-09cb9483c8bf"

## Response 401 fields (application/json):

  - `message` (string)
    Unauthorized
    Example: "unauthorized"

## Response 403 fields (application/json):

  - `message` (string)
    Unauthorized access
    Example: "User is not authorized to access this resource with an explicit deny"

## Response 404 fields (application/json):

  - `message` (string)
    Not Found
    Example: "not_found"

## Response 500 fields (application/json):

  - `message` (string)
    Internal server error
    Example: "internal_server_error"