Skip to main content
POST
/
api
/
v1
/
sessions
/
point-in-time
/
plugin
Create Session
curl --request POST \
  --url https://iip-session-management-uat.ingo.money/api/v1/sessions/point-in-time/plugin \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "participant_unique_id1": "70646041-01ea-4cd6-b657-18ff88e465c7",
  "host_uri": "https://digitalpay-test.ingo.money",
  "language_locale_code": "en-US",
  "recipient_information": {
    "first_name": "Alex",
    "last_name": "Rivera",
    "business_name": "Acme Limited",
    "address_line1": "100 Innovation Way",
    "city": "Anytown",
    "state": "GA",
    "zip_code": "37233",
    "email_address": "jack.frost@example.com",
    "phone_number": "1231231234",
    "mobile_number": "1231231234",
    "open_banking": {
      "mobus_customer_id": "9999"
    }
  }
}
'
{
  "status": 100,
  "client_message": "Success",
  "data": {
    "session_identifier": "7830227a-ba47-4d28-9416-cad41a446db7",
    "authorized_url": "https://iip-webplugin-ingo.money/session/7830227a-ba47-4d28-9416-cad41a446db7?t=637126733246949906&h=rpSb%2f%2fAeOAKjX7%2fhhOQvj9zpvwf4xeg97TuPCMtpUg0%3d",
    "authorized_url_expiration_utc": "2019-12-10T20:14:19.763941Z",
    "participant_unique_id1": "1f271ff6-5b79-45b6-a71e-aa9d1b86c0d8",
    "participant_unique_id2": ""
  },
  "time": 0.8
}

Headers

Idempotency-Key
string

Unique client-generated key (V4 UUID recommended) for safely retrying a session request without creating a duplicate session. Keys remain active for 2 hours. A status 101 response is returned when the same key is reused within that window.

Maximum string length: 250
Example:

"3f2a1b4c-9d8e-7f6a-5b4c-3d2e1f0a9b8c"

Body

application/json
participant_unique_id1
string
required

Participant-assigned ID for the session request. Carry this value forward to subsequent process requests for tracking.

Maximum string length: 100
Example:

"70646041-01ea-4cd6-b657-18ff88e465c7"

recipient_information
object
required

Client-provided recipient verification information.

participant_unique_id2
string

Optional second participant-assigned ID. Can also be carried forward to process requests for tracking.

Maximum string length: 100
Example:

"DEF-5678"

host_uri
string

URI of the hosting application (include protocol and hostname, e.g. https://digitalpay.ingo.money). Must be explicitly whitelisted in client configuration. Defaults to the first configured parent application host domain if omitted.

Maximum string length: 200
Example:

"https://digitalpay.ingo.money"

language_locale_code
enum<string>

IETF locale code specifying the language to use when launching the iFrame.

Available options:
ar-SA,
cs-CZ,
da-DK,
de-DE,
en-GB,
en-US,
es-ES,
es-US,
fa-IR,
fi-FI,
fr-FR,
hmn-Latn,
it-IT,
ja-JP,
km-KH,
ko-KR,
nb-NO,
nl-NL,
pl-PL,
pt-BR,
ru-RU,
sv-SE,
tl-PH,
tr-TR,
vi-VN,
zh-CN,
zh-Hans,
zh-TW
Maximum string length: 5
Example:

"en-US"

Response

Session created successfully, or idempotent response returned.

status
integer

Numeric status code. 100 = Success; 101 = Success (Idempotent — existing session returned, no new session created).

Example:

100

client_message
string

Human-readable description of the status code.

Example:

"Success"

data
object

Session identifiers and authorized launch URL.

time
number

Server-side request processing time in seconds.

Example:

0.8