\documentclass[10pt]{article} \usepackage[a4paper,landscape,margin=0.65in]{geometry} \usepackage{booktabs} \usepackage{array} \usepackage{longtable} \usepackage{fancyvrb} \usepackage{hyperref} \usepackage{xcolor} \hypersetup{colorlinks=true,urlcolor=blue} \setlength{\parindent}{0pt} \renewcommand{\arraystretch}{1.15} \begin{document} \section*{Golden QA Report - UNITY} \textbf{Journey:} NTB\\ \textbf{Started:} 2026-06-23T11:11:52.164Z\\ \textbf{Ended:} 2026-06-23T11:17:16.363Z\\ \textbf{Duration:} 1m 38s\\ \textbf{Summary:} Total 547, Passed 520, Failed 25, Skipped 2\\ \section*{UNITY / NTB} \subsection*{Step Summary} \begin{longtable}{p{5.1cm}rrrrr} \toprule Step & Total & Passed & Failed & Skipped & Duration \\ \midrule \endhead Login & 66 & 61 & 5 & 0 & 49s \\ FD Detail & 59 & 59 & 0 & 0 & 4s \\ PAN Verification & 50 & 50 & 0 & 0 & 19s \\ eKYC Link Generation & 13 & 12 & 1 & 0 & 1s \\ Email / Personal Details & 277 & 258 & 19 & 0 & 19s \\ Nominee & 82 & 80 & 0 & 2 & 3s \\ \bottomrule \end{longtable} \subsection*{Failed Cases} \begin{longtable}{p{3.4cm}p{4.2cm}p{3.4cm}p{6.8cm}} \toprule Step & Case & Expected & Outcome \\ \midrule \endhead Login & Send OTP to Unity / USFB test mobile number & HTTP 201 & HTTP 201 | Expected success envelope with success/statusCode; payload.attemptsUsed missing \\ Login & Verify body statusCode for valid send OTP request & HTTP 201 & HTTP 201 | Expected body.statusCode=200 \\ Login & Verify attemptsUsed value on first send OTP request & HTTP 201 & HTTP 201 | Expected attemptsUsed=0, got null \\ Login & Verify send OTP response schema & HTTP 201 & HTTP 201 | Success schema mismatch \\ Login & Verify send OTP response time & HTTP 201 & HTTP 201 | Expected duration < 2000ms, got 5762 \\ eKYC Link Generation & [Validation] ekyc\_failed is boolean or absent & HTTP 200 & HTTP 201 | Expected boolean or absent, got object \\ Email / Personal Details & [Happy] POST /api/v1/bank/sync-to-unity — sync Fixer... & HTTP 200 & HTTP 400 | errors: FIXUSER1023, FIXUSER1024, FIXUSER1196, FIXUSER1197 | Expected 200/201, got 400; Bank syn... \\ Email / Personal Details & [POSITIVE] Verification success — bank\_code=true ret... & HTTP 200 & HTTP 400 | errors: FIXUSER1197, FIXUSER1023, FIXUSER1196, FIXUSER1024 | Expected one of 200/201, got 400; R... \\ Email / Personal Details & [POSITIVE] account\_holder\_name query param fallback & HTTP 200 & HTTP 400 | errors: FIXUSER1220 | Expected one of 200/201, got 400; Response contains error indicators \\ Email / Personal Details & [POSITIVE] Missing Origin/Referer allowed & HTTP 200 & HTTP 400 | errors: FIXUSER1197, FIXUSER1023, FIXUSER1196, FIXUSER1024 | Expected one of 200/201, got 400; R... \\ Email / Personal Details & [POSITIVE] USFB issuer routing & HTTP 200 & HTTP 400 | errors: FIXUSER1220 | Expected one of 200/201, got 400; Response contains error indicators \\ Email / Personal Details & [POSITIVE] IIB issuer routing & HTTP 200 & HTTP 400 | errors: FIXUSER1220 | Expected one of 200/201, got 400; Response contains error indicators \\ Email / Personal Details & [NEGATIVE] account length 19 (above max 18) → FIXUSE... & HTTP 400 | errors: FIXUSER1197 & HTTP 429 | errors: FIXUSER1517 | None of [FIXUSER1197] in response \\ Email / Personal Details & [NEGATIVE] Missing ifsc → FIXUSER1196 & HTTP 400 | errors: FIXUSER1196 & HTTP 429 | errors: FIXUSER1517 | None of [FIXUSER1196] in response \\ Email / Personal Details & [NEGATIVE] Invalid ifsc format → FIXUSER1024 & HTTP 400 | errors: FIXUSER1024 & HTTP 429 | errors: FIXUSER1517 | None of [FIXUSER1024] in response \\ Email / Personal Details & [NEGATIVE] account\_holder\_full\_name with digits → FI... & HTTP 400 | errors: FIXUSER1234 & HTTP 429 | errors: FIXUSER1517 | None of [FIXUSER1234] in response \\ Email / Personal Details & [NEGATIVE] account\_holder\_first\_name invalid chars →... & HTTP 400 | errors: FIXUSER1199 & HTTP 429 | errors: FIXUSER1517 | None of [FIXUSER1199] in response \\ Email / Personal Details & [NEGATIVE] Name mismatch → FIXUSER1055 & HTTP 400 | errors: FIXUSER1055 & HTTP 429 | errors: FIXUSER1517 | None of [FIXUSER1055] in response \\ Email / Personal Details & [NEGATIVE] Empty body → FIXUSER1196 & HTTP 400 | errors: FIXUSER1196 & HTTP 429 | errors: FIXUSER1517 | None of [FIXUSER1196] in response \\ Email / Personal Details & [NEGATIVE] account is null → FIXUSER1196 & HTTP 400 | errors: FIXUSER1196 & HTTP 429 | errors: FIXUSER1517 | None of [FIXUSER1196] in response \\ Email / Personal Details & [EDGE] account length 9 (min boundary) & HTTP 200 & HTTP 429 | errors: FIXUSER1517 | Expected one of 200/201, got 429 \\ Email / Personal Details & [EDGE] account length 18 (max boundary) & HTTP 200 & HTTP 429 | errors: FIXUSER1517 | Expected one of 200/201, got 429 \\ Email / Personal Details & [EDGE] account\_holder\_last\_name empty string → accepted & HTTP 200 & HTTP 429 | errors: FIXUSER1517 | Expected one of 200/201, got 429 \\ Email / Personal Details & [EDGE] account\_holder\_last\_name "." → accepted & HTTP 200 & HTTP 429 | errors: FIXUSER1517 | Expected one of 200/201, got 429 \\ Email / Personal Details & [EDGE] SSFB invalid beneficiary → FIXUSER1454 & HTTP 400 | errors: FIXUSER1454 & HTTP 429 | errors: FIXUSER1517 | None of [FIXUSER1454] in response \\ \bottomrule \end{longtable} \subsection*{FAILED: Send OTP to Unity / USFB test mobile number} \begin{itemize} \item Step: Login \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/auth/register \item Expected: HTTP 201 \item Actual: HTTP 201 | Expected success envelope with success/statusCode; payload.attemptsUsed missing \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_AUTH\_REGISTER.md \end{itemize} \paragraph*{Validations} PASS - Response status should be 201 or 200: Status 201 OK | FAIL - Response should indicate OTP send success: Expected success envelope with success/statusCode | FAIL - payload.attemptsUsed should be present: payload.attemptsUsed missing \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/auth/register' \ -H 'Content-Type: application/json' \ -d '{"phone":"918668336629"}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "phone": "918668336629" } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] {} \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "92", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:15:38 GMT", "etag": "W/\"5c-vzt9vmLTv7PM1cZh/5MRbyBihrc\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-ratelimit-limit": "3000", "x-ratelimit-remaining": "2997", "x-ratelimit-reset": "52", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "82", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 500, "message": "An error occurred while sending OTP.", "payload": {} } \end{Verbatim} \subsection*{FAILED: Verify body statusCode for valid send OTP request} \begin{itemize} \item Step: Login \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/auth/register \item Expected: HTTP 201 \item Actual: HTTP 201 | Expected body.statusCode=200 \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_AUTH\_REGISTER.md \end{itemize} \paragraph*{Validations} PASS - Response status should be 201 or 200: Status 201 OK | FAIL - Body statusCode should be 200: Expected body.statusCode=200 \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/auth/register' \ -H 'Content-Type: application/json' \ -d '{"phone":"918668336629"}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "phone": "918668336629" } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] {} \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "92", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:15:44 GMT", "etag": "W/\"5c-vzt9vmLTv7PM1cZh/5MRbyBihrc\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-ratelimit-limit": "3000", "x-ratelimit-remaining": "2995", "x-ratelimit-reset": "45", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "101", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 500, "message": "An error occurred while sending OTP.", "payload": {} } \end{Verbatim} \subsection*{FAILED: Verify attemptsUsed value on first send OTP request} \begin{itemize} \item Step: Login \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/auth/register \item Expected: HTTP 201 \item Actual: HTTP 201 | Expected attemptsUsed=0, got null \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_AUTH\_REGISTER.md \end{itemize} \paragraph*{Validations} PASS - Response status should be 201 or 200: Status 201 OK | FAIL - payload.attemptsUsed should be 0: Expected attemptsUsed=0, got null \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/auth/register' \ -H 'Content-Type: application/json' \ -d '{"phone":"918668336629"}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "phone": "918668336629" } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] {} \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "92", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:15:58 GMT", "etag": "W/\"5c-vzt9vmLTv7PM1cZh/5MRbyBihrc\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-ratelimit-limit": "3000", "x-ratelimit-remaining": "2992", "x-ratelimit-reset": "31", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "80", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 500, "message": "An error occurred while sending OTP.", "payload": {} } \end{Verbatim} \subsection*{FAILED: Verify send OTP response schema} \begin{itemize} \item Step: Login \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/auth/register \item Expected: HTTP 201 \item Actual: HTTP 201 | Success schema mismatch \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_AUTH\_REGISTER.md \end{itemize} \paragraph*{Validations} PASS - Response status should be 201 or 200: Status 201 OK | FAIL - Success response schema should match contract: Success schema mismatch \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/auth/register' \ -H 'Content-Type: application/json' \ -d '{"phone":"918668336629"}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "phone": "918668336629" } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] {} \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "92", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:15:58 GMT", "etag": "W/\"5c-vzt9vmLTv7PM1cZh/5MRbyBihrc\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-ratelimit-limit": "3000", "x-ratelimit-remaining": "2990", "x-ratelimit-reset": "31", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "77", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 500, "message": "An error occurred while sending OTP.", "payload": {} } \end{Verbatim} \subsection*{FAILED: Verify send OTP response time} \begin{itemize} \item Step: Login \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/auth/register \item Expected: HTTP 201 \item Actual: HTTP 201 | Expected duration < 2000ms, got 5762 \item Duration: 5s \item Docs: user-services/API\_QA\_POST\_AUTH\_REGISTER.md \end{itemize} \paragraph*{Validations} PASS - Response status should be 201 or 200: Status 201 OK | FAIL - Response time should be within 2000ms: Expected duration < 2000ms, got 5762 \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/auth/register' \ -H 'Content-Type: application/json' \ -d '{"phone":"918668336629"}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "phone": "918668336629" } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] {} \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "94", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:16:04 GMT", "etag": "W/\"5e-u9pgAiC6r/+M8iGDbF15OUTKebo\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-ratelimit-limit": "3000", "x-ratelimit-remaining": "2989", "x-ratelimit-reset": "31", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "5758", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 1, "statusCode": 200, "message": "OTP sent successfully.", "payload": { "attemptsUsed": 0 } } \end{Verbatim} \subsection*{FAILED: [Validation] ekyc\_failed is boolean or absent} \begin{itemize} \item Step: eKYC Link Generation \item Service: user-investment-services \item Method: POST \item URL: https://investments-api.dev.fixerra.in/issuer-apis/unity/v3/check-status \item Expected: HTTP 200 \item Actual: HTTP 201 | Expected boolean or absent, got object \item Duration: 0s \item Docs: - \end{itemize} \paragraph*{Validations} FAIL - ekyc\_failed should be boolean or absent: Expected boolean or absent, got object \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://investments-api.dev.fixerra.in/issuer-apis/unity/v3/check-status' \ -H 'Content-Type: application/json' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \ -d '{"redirection_url":"https://app.fixerra.in/ekyc","fd_info":"{\"amount\":50000,\"tenure\":12,\"payout_frequency\":\"maturity\",\"issuer_code\":\"USFB\"}"}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "redirection_url": "https://app.fixerra.in/ekyc", "fd_info": "{\"amount\":50000,\"tenure\":12,\"payout_frequency\":\"maturity\",\"issuer_code\":\"USFB\"}" } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] {} \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, must-revalidate, private", "content-length": "1577", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:16:52 GMT", "etag": "W/\"629-mMValC1Tb/8lk9aWrUe8DyXrJks\"", "referrer-policy": "origin-when-cross-origin", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "142", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 1, "statusCode": 200, "message": "Success", "payload": { "f_user_id": "bbbccb92-b868-40db-8407-4924962e8e81", "is_fixerra_pan_verified": false, "is_nsdl_pan_verified": false, "is_aml_verified": false, "is_ekyc_verified": false, "is_personal_data_verified": false, "is_vkyc_verified": false, "is_email_verified": false, "fixerra_pan_verified_at": null, "nsdl_pan_verified_at": null, "aml_verified_at": null, "ekyc_verified_at": null, "personal_data_verified_at": null, "vkyc_verified_at": null, "email_verified_at": null, "etb_verified_at": null, "f_etb_verified_at": null, "is_address_verified_at": null, "is_etb": false, "is_f_etb": false, "is_address_verified": false, "created_at": "2026-06-23T11:16:51.000Z", "updated_at": "2026-06-23T11:16:51.000Z", "ekyc_url": "https://aadhaar-uat.unitybank.co.in/?encPayload=juMCHfdw%2Ft75%2BxF1zC5nhAafh%2BA86d40ah%2FgZ%2BCsGqCr5CIfKxdR23NmqLRU%2FRnAhXh4wyj8yjHYpga%2FYd%2Fcgg5iEw8JjXflZkX0Hi29nzO6MmL%2FEkGIfA7VBoCIltZIYgbIr53fNiPp9krglmyXuWPcQC%2Fr%2FFL85PqcX4DDRNBMZPT6TBVhz0qPPSounU%2Bwwoii2SnTdfPUot33NwPN2%2BRrjIjvKYXviJIbzMULkoU%3D&encKey=oR8%2BsjYQheZLr%2FTR1vxzIOUOFf%2Fw9oiPDgECmNuKmmCp5DP0XRK64GZCSyTfLFBZrHB7IZodgUYilRE50fpxyf%2FzrvVlkf1sYUS6uLOHoUROnMesV3aBuEQ%2FRYhqaTn2SvXXnsN%2FzzNT5BZP3OLmVTIVoBO1GBomOaxeTYMF28jx%2Fe3348AciTXr2KDLHJiaWm8NTSoYK0j1Wl8A8sNRo9ky7rnFGAjbFVTdJnDAELsoGUtS1GVgaZHYFL9jxjzpLMpLp41CubvoA4LRkD9mD7RqTAwHlTI2qXc2GJb1V3NEBQe8897wp6U%2FQXsoEcuDX5oFgdBtIrGPliATbTBVHQ%3D%3D", "ekyc_request_id": "FI202606231116529868", "vkyc_url": null, "vkyc_session_id": null, "vkyc_status": null, "ekyc_failed": null, "is_name_verified": null, "is_dob_verified": null } } \end{Verbatim} \subsection*{FAILED: [Happy] POST /api/v1/bank/sync-to-unity — sync Fixerra bank to Unity} \begin{itemize} \item Step: Email / Personal Details \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/api/v1/bank/sync-to-unity \item Expected: HTTP 200 \item Actual: HTTP 400 | errors: FIXUSER1023, FIXUSER1024, FIXUSER1196, FIXUSER1197 | Expected 200/201, got 400; Bank sync status unclear \item Duration: 0s \item Docs: - \end{itemize} \paragraph*{Validations} FAIL - Status 200 or 201: Expected 200/201, got 400 | FAIL - Response indicates sync success: Bank sync status unclear \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/api/v1/bank/sync-to-unity' \ -H 'Content-Type: application/json' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \ -d '{"f_user_bank_id":"5e4bc6c0-e016-4bfe-bb99-3527d314da5e"}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "f_user_bank_id": "5e4bc6c0-e016-4bfe-bb99-3527d314da5e" } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] {} \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "656", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:17:04 GMT", "etag": "W/\"290-eK88UPIMQpvVG9HC4AblSnbtLMc\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "18", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 400, "message": "Bad request", "payload": {}, "error": [ { "f_error_reason": "", "f_error_message": "", "errorCode": "FIXUSER1023", "error": "Account number must be a numeric string" }, { "f_error_reason": "", "f_error_message": "", "errorCode": "FIXUSER1024", "error": "IFSC code is required and must be alphanumeric" }, { "f_error_reason": "account is required", "f_error_message": "account is required", "errorCode": "FIXUSER1196", "error": "account is required" }, { "f_error_reason": "Account length must be between 9 and 18", "f_error_message": "Account length must be between 9 and 18", "errorCode": "FIXUSER1197", "error": "Account length must be between 9 and 18" } ] } \end{Verbatim} \subsection*{FAILED: [POSITIVE] Verification success — bank\_code=true returns f\_user\_bank\_id} \begin{itemize} \item Step: Email / Personal Details \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/v2/signzy/bank \item Expected: HTTP 200 \item Actual: HTTP 400 | errors: FIXUSER1197, FIXUSER1023, FIXUSER1196, FIXUSER1024 | Expected one of 200/201, got 400; Response contains error indicators \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_V2\_SIGNZY\_BANK.md \end{itemize} \paragraph*{Validations} FAIL - HTTP status should be one of 200/201: Expected one of 200/201, got 400 | FAIL - Response should indicate success (no error envelope): Response contains error indicators \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/v2/signzy/bank?issuer_code=SSFB&bank_code=true' \ -H 'Content-Type: application/json' \ -H 'x-partner-key: 38****ef' \ -H 'x-partner-code: tradingquants-dev' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] { "issuer_code": "SSFB", "bank_code": "true" } \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "x-partner-key": "38****ef", "x-partner-code": "tradingquants-dev", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "656", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:17:10 GMT", "etag": "W/\"290-9fqrMe9DRoxv5Ea+T5FbJjk174E\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "10", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 400, "message": "Bad request", "payload": {}, "error": [ { "f_error_reason": "Account length must be between 9 and 18", "f_error_message": "Account length must be between 9 and 18", "errorCode": "FIXUSER1197", "error": "Account length must be between 9 and 18" }, { "f_error_reason": "", "f_error_message": "", "errorCode": "FIXUSER1023", "error": "Account number must be a numeric string" }, { "f_error_reason": "account is required", "f_error_message": "account is required", "errorCode": "FIXUSER1196", "error": "account is required" }, { "f_error_reason": "", "f_error_message": "", "errorCode": "FIXUSER1024", "error": "IFSC code is required and must be alphanumeric" } ] } \end{Verbatim} \subsection*{FAILED: [POSITIVE] account\_holder\_name query param fallback} \begin{itemize} \item Step: Email / Personal Details \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/v2/signzy/bank \item Expected: HTTP 200 \item Actual: HTTP 400 | errors: FIXUSER1220 | Expected one of 200/201, got 400; Response contains error indicators \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_V2\_SIGNZY\_BANK.md \end{itemize} \paragraph*{Validations} FAIL - HTTP status should be one of 200/201: Expected one of 200/201, got 400 | FAIL - Response should indicate success (no error envelope): Response contains error indicators \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/v2/signzy/bank?issuer_code=SSFB&account_holder_name=John%2BDoe' \ -H 'Content-Type: application/json' \ -H 'x-partner-key: 38****ef' \ -H 'x-partner-code: tradingquants-dev' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \ -d '{"account":"50100816151727","ifsc":"HDFC0004888","consent_checked":true}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "account": "50100816151727", "ifsc": "HDFC0004888", "consent_checked": true } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] { "issuer_code": "SSFB", "account_holder_name": "John+Doe" } \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "x-partner-key": "38****ef", "x-partner-code": "tradingquants-dev", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "259", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:17:10 GMT", "etag": "W/\"103-caE6g26w6c41XgJ2hLvLJS/VGe0\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "43", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 400, "message": "Bad Request", "payload": {}, "error": [ { "f_error_reason": "", "f_error_message": "", "errorCode": "FIXUSER1220", "error": "Either account_holder_full_name or account_holder_first_name and account_holder_last_name are required" } ] } \end{Verbatim} \subsection*{FAILED: [POSITIVE] Missing Origin/Referer allowed} \begin{itemize} \item Step: Email / Personal Details \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/v2/signzy/bank \item Expected: HTTP 200 \item Actual: HTTP 400 | errors: FIXUSER1197, FIXUSER1023, FIXUSER1196, FIXUSER1024 | Expected one of 200/201, got 400; Response contains error indicators \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_V2\_SIGNZY\_BANK.md \end{itemize} \paragraph*{Validations} FAIL - HTTP status should be one of 200/201: Expected one of 200/201, got 400 | FAIL - Response should indicate success (no error envelope): Response contains error indicators \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/v2/signzy/bank?issuer_code=SSFB' \ -H 'Content-Type: application/json' \ -H 'x-partner-key: 38****ef' \ -H 'x-partner-code: tradingquants-dev' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] { "issuer_code": "SSFB" } \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "x-partner-key": "38****ef", "x-partner-code": "tradingquants-dev", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "656", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:17:10 GMT", "etag": "W/\"290-9fqrMe9DRoxv5Ea+T5FbJjk174E\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "12", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 400, "message": "Bad request", "payload": {}, "error": [ { "f_error_reason": "Account length must be between 9 and 18", "f_error_message": "Account length must be between 9 and 18", "errorCode": "FIXUSER1197", "error": "Account length must be between 9 and 18" }, { "f_error_reason": "", "f_error_message": "", "errorCode": "FIXUSER1023", "error": "Account number must be a numeric string" }, { "f_error_reason": "account is required", "f_error_message": "account is required", "errorCode": "FIXUSER1196", "error": "account is required" }, { "f_error_reason": "", "f_error_message": "", "errorCode": "FIXUSER1024", "error": "IFSC code is required and must be alphanumeric" } ] } \end{Verbatim} \subsection*{FAILED: [POSITIVE] USFB issuer routing} \begin{itemize} \item Step: Email / Personal Details \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/v2/signzy/bank \item Expected: HTTP 200 \item Actual: HTTP 400 | errors: FIXUSER1220 | Expected one of 200/201, got 400; Response contains error indicators \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_V2\_SIGNZY\_BANK.md \end{itemize} \paragraph*{Validations} FAIL - HTTP status should be one of 200/201: Expected one of 200/201, got 400 | FAIL - Response should indicate success (no error envelope): Response contains error indicators \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/v2/signzy/bank?issuer_code=USFB' \ -H 'Content-Type: application/json' \ -H 'x-partner-key: 38****ef' \ -H 'x-partner-code: tradingquants-dev' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \ -d '{"account":"50100816151727","ifsc":"HDFC0004888","consent_checked":true}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "account": "50100816151727", "ifsc": "HDFC0004888", "consent_checked": true } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] { "issuer_code": "USFB" } \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "x-partner-key": "38****ef", "x-partner-code": "tradingquants-dev", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "259", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:17:10 GMT", "etag": "W/\"103-caE6g26w6c41XgJ2hLvLJS/VGe0\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "10", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 400, "message": "Bad Request", "payload": {}, "error": [ { "f_error_reason": "", "f_error_message": "", "errorCode": "FIXUSER1220", "error": "Either account_holder_full_name or account_holder_first_name and account_holder_last_name are required" } ] } \end{Verbatim} \subsection*{FAILED: [POSITIVE] IIB issuer routing} \begin{itemize} \item Step: Email / Personal Details \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/v2/signzy/bank \item Expected: HTTP 200 \item Actual: HTTP 400 | errors: FIXUSER1220 | Expected one of 200/201, got 400; Response contains error indicators \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_V2\_SIGNZY\_BANK.md \end{itemize} \paragraph*{Validations} FAIL - HTTP status should be one of 200/201: Expected one of 200/201, got 400 | FAIL - Response should indicate success (no error envelope): Response contains error indicators \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/v2/signzy/bank?issuer_code=IIB' \ -H 'Content-Type: application/json' \ -H 'x-partner-key: 38****ef' \ -H 'x-partner-code: tradingquants-dev' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \ -d '{"account":"50100816151727","ifsc":"HDFC0004888","consent_checked":true}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "account": "50100816151727", "ifsc": "HDFC0004888", "consent_checked": true } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] { "issuer_code": "IIB" } \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "x-partner-key": "38****ef", "x-partner-code": "tradingquants-dev", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "259", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:17:10 GMT", "etag": "W/\"103-caE6g26w6c41XgJ2hLvLJS/VGe0\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "9", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 400, "message": "Bad Request", "payload": {}, "error": [ { "f_error_reason": "", "f_error_message": "", "errorCode": "FIXUSER1220", "error": "Either account_holder_full_name or account_holder_first_name and account_holder_last_name are required" } ] } \end{Verbatim} \subsection*{FAILED: [NEGATIVE] account length 19 (above max 18) → FIXUSER1197} \begin{itemize} \item Step: Email / Personal Details \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/v2/signzy/bank \item Expected: HTTP 400 | errors: FIXUSER1197 \item Actual: HTTP 429 | errors: FIXUSER1517 | None of [FIXUSER1197] in response \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_V2\_SIGNZY\_BANK.md \end{itemize} \paragraph*{Validations} PASS - Should indicate error (HTTP 400 or body statusCode=400): Error confirmed (HTTP 429, body.statusCode=429) | FAIL - Response should contain error code(s): FIXUSER1197: None of [FIXUSER1197] in response \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/v2/signzy/bank?issuer_code=SSFB' \ -H 'Content-Type: application/json' \ -H 'x-partner-key: 38****ef' \ -H 'x-partner-code: tradingquants-dev' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \ -d '{"account":"1234567890123456789","ifsc":"HDFC0004888"}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "account": "1234567890123456789", "ifsc": "HDFC0004888" } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] { "issuer_code": "SSFB" } \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "x-partner-key": "38****ef", "x-partner-code": "tradingquants-dev", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "383", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:17:11 GMT", "etag": "W/\"17f-91hFlNdSo+34WGa1AO18Zs1lvww\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "628", "server": "envoy", "connection": "close" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 429, "message": "Bad Request", "payload": {}, "error": [ { "f_error_reason": "Bank verification rate limit exceeded", "f_error_message": "You have reached the maximum limit for bank verification attempts. Please try again after 24 hours.", "errorCode": "FIXUSER1517", "error": "User has exceeded the maximum allowed bank verification attempts within the 24-hour window" } ] } \end{Verbatim} \subsection*{FAILED: [NEGATIVE] Missing ifsc → FIXUSER1196} \begin{itemize} \item Step: Email / Personal Details \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/v2/signzy/bank \item Expected: HTTP 400 | errors: FIXUSER1196 \item Actual: HTTP 429 | errors: FIXUSER1517 | None of [FIXUSER1196] in response \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_V2\_SIGNZY\_BANK.md \end{itemize} \paragraph*{Validations} PASS - Should indicate error (HTTP 400 or body statusCode=400): Error confirmed (HTTP 429, body.statusCode=429) | FAIL - Response should contain error code(s): FIXUSER1196: None of [FIXUSER1196] in response \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/v2/signzy/bank?issuer_code=SSFB' \ -H 'Content-Type: application/json' \ -H 'x-partner-key: 38****ef' \ -H 'x-partner-code: tradingquants-dev' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \ -d '{"account":"50100816151727"}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "account": "50100816151727" } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] { "issuer_code": "SSFB" } \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "x-partner-key": "38****ef", "x-partner-code": "tradingquants-dev", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "383", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:17:11 GMT", "etag": "W/\"17f-91hFlNdSo+34WGa1AO18Zs1lvww\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "67", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 429, "message": "Bad Request", "payload": {}, "error": [ { "f_error_reason": "Bank verification rate limit exceeded", "f_error_message": "You have reached the maximum limit for bank verification attempts. Please try again after 24 hours.", "errorCode": "FIXUSER1517", "error": "User has exceeded the maximum allowed bank verification attempts within the 24-hour window" } ] } \end{Verbatim} \subsection*{FAILED: [NEGATIVE] Invalid ifsc format → FIXUSER1024} \begin{itemize} \item Step: Email / Personal Details \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/v2/signzy/bank \item Expected: HTTP 400 | errors: FIXUSER1024 \item Actual: HTTP 429 | errors: FIXUSER1517 | None of [FIXUSER1024] in response \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_V2\_SIGNZY\_BANK.md \end{itemize} \paragraph*{Validations} PASS - Should indicate error (HTTP 400 or body statusCode=400): Error confirmed (HTTP 429, body.statusCode=429) | FAIL - Response should contain error code(s): FIXUSER1024: None of [FIXUSER1024] in response \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/v2/signzy/bank?issuer_code=SSFB' \ -H 'Content-Type: application/json' \ -H 'x-partner-key: 38****ef' \ -H 'x-partner-code: tradingquants-dev' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \ -d '{"account":"50100816151727","ifsc":"BAD"}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "account": "50100816151727", "ifsc": "BAD" } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] { "issuer_code": "SSFB" } \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "x-partner-key": "38****ef", "x-partner-code": "tradingquants-dev", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "383", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:17:11 GMT", "etag": "W/\"17f-91hFlNdSo+34WGa1AO18Zs1lvww\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "133", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 429, "message": "Bad Request", "payload": {}, "error": [ { "f_error_reason": "Bank verification rate limit exceeded", "f_error_message": "You have reached the maximum limit for bank verification attempts. Please try again after 24 hours.", "errorCode": "FIXUSER1517", "error": "User has exceeded the maximum allowed bank verification attempts within the 24-hour window" } ] } \end{Verbatim} \subsection*{FAILED: [NEGATIVE] account\_holder\_full\_name with digits → FIXUSER1234} \begin{itemize} \item Step: Email / Personal Details \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/v2/signzy/bank \item Expected: HTTP 400 | errors: FIXUSER1234 \item Actual: HTTP 429 | errors: FIXUSER1517 | None of [FIXUSER1234] in response \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_V2\_SIGNZY\_BANK.md \end{itemize} \paragraph*{Validations} PASS - Should indicate error (HTTP 400 or body statusCode=400): Error confirmed (HTTP 429, body.statusCode=429) | FAIL - Response should contain error code(s): FIXUSER1234: None of [FIXUSER1234] in response \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/v2/signzy/bank?issuer_code=SSFB' \ -H 'Content-Type: application/json' \ -H 'x-partner-key: 38****ef' \ -H 'x-partner-code: tradingquants-dev' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \ -d '{"account":"50100816151727","ifsc":"HDFC0004888","account_holder_full_name":"John2 Doe"}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "account": "50100816151727", "ifsc": "HDFC0004888", "account_holder_full_name": "John2 Doe" } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] { "issuer_code": "SSFB" } \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "x-partner-key": "38****ef", "x-partner-code": "tradingquants-dev", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "383", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:17:11 GMT", "etag": "W/\"17f-91hFlNdSo+34WGa1AO18Zs1lvww\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "39", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 429, "message": "Bad Request", "payload": {}, "error": [ { "f_error_reason": "Bank verification rate limit exceeded", "f_error_message": "You have reached the maximum limit for bank verification attempts. Please try again after 24 hours.", "errorCode": "FIXUSER1517", "error": "User has exceeded the maximum allowed bank verification attempts within the 24-hour window" } ] } \end{Verbatim} \subsection*{FAILED: [NEGATIVE] account\_holder\_first\_name invalid chars → FIXUSER1199} \begin{itemize} \item Step: Email / Personal Details \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/v2/signzy/bank \item Expected: HTTP 400 | errors: FIXUSER1199 \item Actual: HTTP 429 | errors: FIXUSER1517 | None of [FIXUSER1199] in response \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_V2\_SIGNZY\_BANK.md \end{itemize} \paragraph*{Validations} PASS - Should indicate error (HTTP 400 or body statusCode=400): Error confirmed (HTTP 429, body.statusCode=429) | FAIL - Response should contain error code(s): FIXUSER1199: None of [FIXUSER1199] in response \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/v2/signzy/bank?issuer_code=SSFB' \ -H 'Content-Type: application/json' \ -H 'x-partner-key: 38****ef' \ -H 'x-partner-code: tradingquants-dev' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \ -d '{"account":"50100816151727","ifsc":"HDFC0004888","account_holder_first_name":"Jo$n"}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "account": "50100816151727", "ifsc": "HDFC0004888", "account_holder_first_name": "Jo$n" } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] { "issuer_code": "SSFB" } \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "x-partner-key": "38****ef", "x-partner-code": "tradingquants-dev", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "383", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:17:11 GMT", "etag": "W/\"17f-91hFlNdSo+34WGa1AO18Zs1lvww\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "72", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 429, "message": "Bad Request", "payload": {}, "error": [ { "f_error_reason": "Bank verification rate limit exceeded", "f_error_message": "You have reached the maximum limit for bank verification attempts. Please try again after 24 hours.", "errorCode": "FIXUSER1517", "error": "User has exceeded the maximum allowed bank verification attempts within the 24-hour window" } ] } \end{Verbatim} \subsection*{FAILED: [NEGATIVE] Name mismatch → FIXUSER1055} \begin{itemize} \item Step: Email / Personal Details \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/v2/signzy/bank \item Expected: HTTP 400 | errors: FIXUSER1055 \item Actual: HTTP 429 | errors: FIXUSER1517 | None of [FIXUSER1055] in response \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_V2\_SIGNZY\_BANK.md \end{itemize} \paragraph*{Validations} PASS - Should indicate error (HTTP 400 or body statusCode=400): Error confirmed (HTTP 429, body.statusCode=429) | FAIL - Response should contain error code(s): FIXUSER1055: None of [FIXUSER1055] in response \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/v2/signzy/bank?issuer_code=SSFB&account_holder_name=CompletelyDifferentName' \ -H 'Content-Type: application/json' \ -H 'x-partner-key: 38****ef' \ -H 'x-partner-code: tradingquants-dev' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \ -d '{"account":"50100816151727","ifsc":"HDFC0004888","consent_checked":true}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "account": "50100816151727", "ifsc": "HDFC0004888", "consent_checked": true } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] { "issuer_code": "SSFB", "account_holder_name": "CompletelyDifferentName" } \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "x-partner-key": "38****ef", "x-partner-code": "tradingquants-dev", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "383", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:17:11 GMT", "etag": "W/\"17f-91hFlNdSo+34WGa1AO18Zs1lvww\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "65", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 429, "message": "Bad Request", "payload": {}, "error": [ { "f_error_reason": "Bank verification rate limit exceeded", "f_error_message": "You have reached the maximum limit for bank verification attempts. Please try again after 24 hours.", "errorCode": "FIXUSER1517", "error": "User has exceeded the maximum allowed bank verification attempts within the 24-hour window" } ] } \end{Verbatim} \subsection*{FAILED: [NEGATIVE] Empty body → FIXUSER1196} \begin{itemize} \item Step: Email / Personal Details \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/v2/signzy/bank \item Expected: HTTP 400 | errors: FIXUSER1196 \item Actual: HTTP 429 | errors: FIXUSER1517 | None of [FIXUSER1196] in response \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_V2\_SIGNZY\_BANK.md \end{itemize} \paragraph*{Validations} PASS - Should indicate error (HTTP 400 or body statusCode=400): Error confirmed (HTTP 429, body.statusCode=429) | FAIL - Response should contain error code(s): FIXUSER1196: None of [FIXUSER1196] in response \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/v2/signzy/bank?issuer_code=SSFB' \ -H 'Content-Type: application/json' \ -H 'x-partner-key: 38****ef' \ -H 'x-partner-code: tradingquants-dev' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \ -d '{}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] {} \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] { "issuer_code": "SSFB" } \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "x-partner-key": "38****ef", "x-partner-code": "tradingquants-dev", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "383", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:17:11 GMT", "etag": "W/\"17f-91hFlNdSo+34WGa1AO18Zs1lvww\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "41", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 429, "message": "Bad Request", "payload": {}, "error": [ { "f_error_reason": "Bank verification rate limit exceeded", "f_error_message": "You have reached the maximum limit for bank verification attempts. Please try again after 24 hours.", "errorCode": "FIXUSER1517", "error": "User has exceeded the maximum allowed bank verification attempts within the 24-hour window" } ] } \end{Verbatim} \subsection*{FAILED: [NEGATIVE] account is null → FIXUSER1196} \begin{itemize} \item Step: Email / Personal Details \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/v2/signzy/bank \item Expected: HTTP 400 | errors: FIXUSER1196 \item Actual: HTTP 429 | errors: FIXUSER1517 | None of [FIXUSER1196] in response \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_V2\_SIGNZY\_BANK.md \end{itemize} \paragraph*{Validations} PASS - Should indicate error (HTTP 400 or body statusCode=400): Error confirmed (HTTP 429, body.statusCode=429) | FAIL - Response should contain error code(s): FIXUSER1196: None of [FIXUSER1196] in response \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/v2/signzy/bank?issuer_code=SSFB' \ -H 'Content-Type: application/json' \ -H 'x-partner-key: 38****ef' \ -H 'x-partner-code: tradingquants-dev' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \ -d '{"account":null,"ifsc":"HDFC0004888"}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "account": null, "ifsc": "HDFC0004888" } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] { "issuer_code": "SSFB" } \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "x-partner-key": "38****ef", "x-partner-code": "tradingquants-dev", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "383", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:17:11 GMT", "etag": "W/\"17f-91hFlNdSo+34WGa1AO18Zs1lvww\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "34", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 429, "message": "Bad Request", "payload": {}, "error": [ { "f_error_reason": "Bank verification rate limit exceeded", "f_error_message": "You have reached the maximum limit for bank verification attempts. Please try again after 24 hours.", "errorCode": "FIXUSER1517", "error": "User has exceeded the maximum allowed bank verification attempts within the 24-hour window" } ] } \end{Verbatim} \subsection*{FAILED: [EDGE] account length 9 (min boundary)} \begin{itemize} \item Step: Email / Personal Details \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/v2/signzy/bank \item Expected: HTTP 200 \item Actual: HTTP 429 | errors: FIXUSER1517 | Expected one of 200/201, got 429 \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_V2\_SIGNZY\_BANK.md \end{itemize} \paragraph*{Validations} FAIL - HTTP status should be one of 200/201: Expected one of 200/201, got 429 \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/v2/signzy/bank?issuer_code=SSFB' \ -H 'Content-Type: application/json' \ -H 'x-partner-key: 38****ef' \ -H 'x-partner-code: tradingquants-dev' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \ -d '{"account":"123456789","ifsc":"HDFC0004888","consent_checked":true}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "account": "123456789", "ifsc": "HDFC0004888", "consent_checked": true } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] { "issuer_code": "SSFB" } \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "x-partner-key": "38****ef", "x-partner-code": "tradingquants-dev", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "383", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:17:11 GMT", "etag": "W/\"17f-91hFlNdSo+34WGa1AO18Zs1lvww\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "23", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 429, "message": "Bad Request", "payload": {}, "error": [ { "f_error_reason": "Bank verification rate limit exceeded", "f_error_message": "You have reached the maximum limit for bank verification attempts. Please try again after 24 hours.", "errorCode": "FIXUSER1517", "error": "User has exceeded the maximum allowed bank verification attempts within the 24-hour window" } ] } \end{Verbatim} \subsection*{FAILED: [EDGE] account length 18 (max boundary)} \begin{itemize} \item Step: Email / Personal Details \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/v2/signzy/bank \item Expected: HTTP 200 \item Actual: HTTP 429 | errors: FIXUSER1517 | Expected one of 200/201, got 429 \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_V2\_SIGNZY\_BANK.md \end{itemize} \paragraph*{Validations} FAIL - HTTP status should be one of 200/201: Expected one of 200/201, got 429 \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/v2/signzy/bank?issuer_code=SSFB' \ -H 'Content-Type: application/json' \ -H 'x-partner-key: 38****ef' \ -H 'x-partner-code: tradingquants-dev' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \ -d '{"account":"123456789012345678","ifsc":"HDFC0004888","consent_checked":true}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "account": "123456789012345678", "ifsc": "HDFC0004888", "consent_checked": true } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] { "issuer_code": "SSFB" } \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "x-partner-key": "38****ef", "x-partner-code": "tradingquants-dev", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "383", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:17:11 GMT", "etag": "W/\"17f-91hFlNdSo+34WGa1AO18Zs1lvww\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "32", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 429, "message": "Bad Request", "payload": {}, "error": [ { "f_error_reason": "Bank verification rate limit exceeded", "f_error_message": "You have reached the maximum limit for bank verification attempts. Please try again after 24 hours.", "errorCode": "FIXUSER1517", "error": "User has exceeded the maximum allowed bank verification attempts within the 24-hour window" } ] } \end{Verbatim} \subsection*{FAILED: [EDGE] account\_holder\_last\_name empty string → accepted} \begin{itemize} \item Step: Email / Personal Details \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/v2/signzy/bank \item Expected: HTTP 200 \item Actual: HTTP 429 | errors: FIXUSER1517 | Expected one of 200/201, got 429 \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_V2\_SIGNZY\_BANK.md \end{itemize} \paragraph*{Validations} FAIL - HTTP status should be one of 200/201: Expected one of 200/201, got 429 \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/v2/signzy/bank?issuer_code=SSFB' \ -H 'Content-Type: application/json' \ -H 'x-partner-key: 38****ef' \ -H 'x-partner-code: tradingquants-dev' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \ -d '{"account":"50100816151727","ifsc":"HDFC0004888","account_holder_first_name":"John","account_holder_last_name":""}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "account": "50100816151727", "ifsc": "HDFC0004888", "account_holder_first_name": "John", "account_holder_last_name": "" } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] { "issuer_code": "SSFB" } \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "x-partner-key": "38****ef", "x-partner-code": "tradingquants-dev", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "383", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:17:11 GMT", "etag": "W/\"17f-91hFlNdSo+34WGa1AO18Zs1lvww\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "38", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 429, "message": "Bad Request", "payload": {}, "error": [ { "f_error_reason": "Bank verification rate limit exceeded", "f_error_message": "You have reached the maximum limit for bank verification attempts. Please try again after 24 hours.", "errorCode": "FIXUSER1517", "error": "User has exceeded the maximum allowed bank verification attempts within the 24-hour window" } ] } \end{Verbatim} \subsection*{FAILED: [EDGE] account\_holder\_last\_name "." → accepted} \begin{itemize} \item Step: Email / Personal Details \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/v2/signzy/bank \item Expected: HTTP 200 \item Actual: HTTP 429 | errors: FIXUSER1517 | Expected one of 200/201, got 429 \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_V2\_SIGNZY\_BANK.md \end{itemize} \paragraph*{Validations} FAIL - HTTP status should be one of 200/201: Expected one of 200/201, got 429 \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/v2/signzy/bank?issuer_code=SSFB' \ -H 'Content-Type: application/json' \ -H 'x-partner-key: 38****ef' \ -H 'x-partner-code: tradingquants-dev' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \ -d '{"account":"50100816151727","ifsc":"HDFC0004888","account_holder_first_name":"John","account_holder_last_name":"."}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "account": "50100816151727", "ifsc": "HDFC0004888", "account_holder_first_name": "John", "account_holder_last_name": "." } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] { "issuer_code": "SSFB" } \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "x-partner-key": "38****ef", "x-partner-code": "tradingquants-dev", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "383", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:17:11 GMT", "etag": "W/\"17f-91hFlNdSo+34WGa1AO18Zs1lvww\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "23", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 429, "message": "Bad Request", "payload": {}, "error": [ { "f_error_reason": "Bank verification rate limit exceeded", "f_error_message": "You have reached the maximum limit for bank verification attempts. Please try again after 24 hours.", "errorCode": "FIXUSER1517", "error": "User has exceeded the maximum allowed bank verification attempts within the 24-hour window" } ] } \end{Verbatim} \subsection*{FAILED: [EDGE] SSFB invalid beneficiary → FIXUSER1454} \begin{itemize} \item Step: Email / Personal Details \item Service: user-services \item Method: POST \item URL: https://users-api.dev.fixerra.in/v2/signzy/bank \item Expected: HTTP 400 | errors: FIXUSER1454 \item Actual: HTTP 429 | errors: FIXUSER1517 | None of [FIXUSER1454] in response \item Duration: 0s \item Docs: user-services/API\_QA\_POST\_V2\_SIGNZY\_BANK.md \end{itemize} \paragraph*{Validations} PASS - Should indicate error (HTTP 400 or body statusCode=400): Error confirmed (HTTP 429, body.statusCode=429) | FAIL - Response should contain error code(s): FIXUSER1454: None of [FIXUSER1454] in response \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] curl -X POST 'https://users-api.dev.fixerra.in/v2/signzy/bank?issuer_code=SSFB' \ -H 'Content-Type: application/json' \ -H 'x-partner-key: 38****ef' \ -H 'x-partner-code: tradingquants-dev' \ -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0' \ -d '{"account":"00000000000","ifsc":"HDFC0004888","consent_checked":true}' \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] { "account": "00000000000", "ifsc": "HDFC0004888", "consent_checked": true } \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] { "issuer_code": "SSFB" } \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] { "Content-Type": "application/json", "x-partner-key": "38****ef", "x-partner-code": "tradingquants-dev", "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlblR5cGUiOiJhY2Nlc3MiLCJmX3VzZXJfaWQiOiJiYmJjY2I5Mi1iODY4LTQwZGItODQwNy00OTI0OTYyZThlODEiLCJmX3BhcnRuZXJfdXNlcl9pZCI6Ijg4MGQyYWQxLTAxZmYtNGU1MC1hMTM1LTkzYzEyNDIwYWZjMCIsImZfcGFydG5lcl9pZCI6IjY4YmRjZjg5LTg0NjQtNGY4NS04OTg3LWFhMjg5MDhlMjFhZCIsInBhcnRuZXJfdXJsIjoiaHR0cHM6Ly90cmFkaW5ncXVhbnRzLmRldi5maXhlcnJhLmluIiwiaWF0IjoxNzgyMjEzMzg3LCJleHAiOjE3ODIyOTk3ODd9.Tk8anrb2r1p-QIN1oviiekNnwAQgGicPuHn9HSd5Ba0" } \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] { "cache-control": "no-store, no-cache, max-age=604800, must-revalidate, private", "content-length": "383", "content-security-policy": "default-src 'self'", "content-type": "application/json; charset=utf-8", "date": "Tue, 23 Jun 2026 11:17:11 GMT", "etag": "W/\"17f-91hFlNdSo+34WGa1AO18Zs1lvww\"", "referrer-policy": "origin-when-cross-origin", "strict-transport-security": "max-age=31536000; includeSubDomains; preload", "vary": "Origin", "x-content-type-options": "nosniff", "x-powered-by": "Express", "x-xss-protection": "1; mode=block", "x-envoy-upstream-service-time": "42", "server": "envoy" } \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] { "success": 0, "statusCode": 429, "message": "Bad Request", "payload": {}, "error": [ { "f_error_reason": "Bank verification rate limit exceeded", "f_error_message": "You have reached the maximum limit for bank verification attempts. Please try again after 24 hours.", "errorCode": "FIXUSER1517", "error": "User has exceeded the maximum allowed bank verification attempts within the 24-hour window" } ] } \end{Verbatim} \subsection*{Skipped Cases} \begin{longtable}{p{3.4cm}p{4.2cm}p{3.4cm}p{6.8cm}} \toprule Step & Case & Expected & Outcome \\ \midrule \endhead Nominee & Create nominee whose name matches the applicant's ow... & HTTP 201 & panFirstName not available from PAN verification step \\ Nominee & Create default nominee matching applicant PAN name (... & HTTP 201 & panFirstName not available from PAN verification step \\ \bottomrule \end{longtable} \subsection*{SKIPPED: Create nominee whose name matches the applicant's own PAN name} \begin{itemize} \item Step: Nominee \item Service: user-services \item Method: POST \item URL: /api/v1/user-nominee \item Expected: HTTP 201 \item Actual: panFirstName not available from PAN verification step \item Duration: 0s \item Docs: - \end{itemize} \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] \end{Verbatim} \subsection*{SKIPPED: Create default nominee matching applicant PAN name (for FIXINV165 booking check)} \begin{itemize} \item Step: Nominee \item Service: user-services \item Method: POST \item URL: /api/v1/user-nominee \item Expected: HTTP 201 \item Actual: panFirstName not available from PAN verification step \item Duration: 0s \item Docs: - \end{itemize} \paragraph*{Curl} \begin{Verbatim}[fontsize=\small] \end{Verbatim} \paragraph*{Request payload} \begin{Verbatim}[fontsize=\small] \end{Verbatim} \paragraph*{Request query} \begin{Verbatim}[fontsize=\small] \end{Verbatim} \paragraph*{Request headers} \begin{Verbatim}[fontsize=\small] \end{Verbatim} \paragraph*{Response headers} \begin{Verbatim}[fontsize=\small] \end{Verbatim} \paragraph*{Response body} \begin{Verbatim}[fontsize=\small] \end{Verbatim} \end{document}