mutation applySessionCreateAuthenticated

Starts a verified session for the provided email directly, bypassing the start/verify OTP exchange, and returns the session details.

Returns ApplySession

Arguments

ArgumentTypeDescription
inputApplySessionCreateInput!

Example request

curl -X POST 'https://graph.clientloop.com/' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer <api-key>' \
  -d '{
    "query": "mutation ApplySessionCreate($input: ApplySessionCreateInput!) { applySessionCreate(input: $input) { id expiresAt expired applicationId applicationStatus businessInformation { legalName dba startDate website country entityType ein phone address city state postalCode avgOrderAmount } productsAndServices { industry industryOther services supportEmail supportPhone } owners { id givenName familyName title email phone dob maskedSsn address city state postalCode percentageOwnership ownerType } idvCompleted businessInfoCompleted productsAndServicesCompleted bankLinked totalOwnership ownersCompleted agreementsCompleted transferInstrumentCompleted totalSections completedSections sections { name completed } } }",
    "variables": {
      "input": {
        "email": "user@example.com",
        "configurationId": "abc123"
      }
    }
  }'
const response = await fetch('https://graph.clientloop.com/', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Authorization': 'Bearer <api-key>',
  },
  body: JSON.stringify({
    query: `
      mutation ApplySessionCreate($input: ApplySessionCreateInput!) {
        applySessionCreate(input: $input) {
          id
          expiresAt
          expired
          applicationId
          applicationStatus
          businessInformation {
            legalName
            dba
            startDate
            website
            country
            entityType
            ein
            phone
            address
            city
            state
            postalCode
            avgOrderAmount
          }
          productsAndServices {
            industry
            industryOther
            services
            supportEmail
            supportPhone
          }
          owners {
            id
            givenName
            familyName
            title
            email
            phone
            dob
            maskedSsn
            address
            city
            state
            postalCode
            percentageOwnership
            ownerType
          }
          idvCompleted
          businessInfoCompleted
          productsAndServicesCompleted
          bankLinked
          totalOwnership
          ownersCompleted
          agreementsCompleted
          transferInstrumentCompleted
          totalSections
          completedSections
          sections {
            name
            completed
          }
        }
      }
    `,
    variables: {
      "input": {
        "email": "user@example.com",
        "configurationId": "abc123"
      }
    },
  }),
});

const { data, errors } = await response.json();
<?php

$body = <<<'JSON'
{
  "query": "mutation ApplySessionCreate($input: ApplySessionCreateInput!) { applySessionCreate(input: $input) { id expiresAt expired applicationId applicationStatus businessInformation { legalName dba startDate website country entityType ein phone address city state postalCode avgOrderAmount } productsAndServices { industry industryOther services supportEmail supportPhone } owners { id givenName familyName title email phone dob maskedSsn address city state postalCode percentageOwnership ownerType } idvCompleted businessInfoCompleted productsAndServicesCompleted bankLinked totalOwnership ownersCompleted agreementsCompleted transferInstrumentCompleted totalSections completedSections sections { name completed } } }",
  "variables": {
    "input": {
      "email": "user@example.com",
      "configurationId": "abc123"
    }
  }
}
JSON;

$ch = curl_init('https://graph.clientloop.com/');
curl_setopt_array($ch, [
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_POST => true,
  CURLOPT_HTTPHEADER => [
    'Content-Type: application/json',
    'Authorization: Bearer <api-key>',
  ],
  CURLOPT_POSTFIELDS => $body,
]);

$response = curl_exec($ch);
curl_close($ch);

$result = json_decode($response, true);
import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;

var body = """
{
  "query": "mutation ApplySessionCreate($input: ApplySessionCreateInput!) { applySessionCreate(input: $input) { id expiresAt expired applicationId applicationStatus businessInformation { legalName dba startDate website country entityType ein phone address city state postalCode avgOrderAmount } productsAndServices { industry industryOther services supportEmail supportPhone } owners { id givenName familyName title email phone dob maskedSsn address city state postalCode percentageOwnership ownerType } idvCompleted businessInfoCompleted productsAndServicesCompleted bankLinked totalOwnership ownersCompleted agreementsCompleted transferInstrumentCompleted totalSections completedSections sections { name completed } } }",
  "variables": {
    "input": {
      "email": "user@example.com",
      "configurationId": "abc123"
    }
  }
}
""";

var request = HttpRequest.newBuilder(URI.create("https://graph.clientloop.com/"))
    .header("Content-Type", "application/json")
    .header("Authorization", "Bearer <api-key>")
    .POST(HttpRequest.BodyPublishers.ofString(body))
    .build();

var response = HttpClient.newHttpClient()
    .send(request, HttpResponse.BodyHandlers.ofString());

System.out.println(response.body());
using System.Net.Http;
using System.Text;

var body = """
{
  "query": "mutation ApplySessionCreate($input: ApplySessionCreateInput!) { applySessionCreate(input: $input) { id expiresAt expired applicationId applicationStatus businessInformation { legalName dba startDate website country entityType ein phone address city state postalCode avgOrderAmount } productsAndServices { industry industryOther services supportEmail supportPhone } owners { id givenName familyName title email phone dob maskedSsn address city state postalCode percentageOwnership ownerType } idvCompleted businessInfoCompleted productsAndServicesCompleted bankLinked totalOwnership ownersCompleted agreementsCompleted transferInstrumentCompleted totalSections completedSections sections { name completed } } }",
  "variables": {
    "input": {
      "email": "user@example.com",
      "configurationId": "abc123"
    }
  }
}
""";

using var client = new HttpClient();
using var content = new StringContent(body, Encoding.UTF8, "application/json");
client.DefaultRequestHeaders.Add("Authorization", "Bearer <api-key>");

var response = await client.PostAsync("https://graph.clientloop.com/", content);
var result = await response.Content.ReadAsStringAsync();

Types

input ApplySessionCreateInput

FieldTypeDescription
emailEmail!
configurationIdID!

type ApplySession

FieldTypeDescription
idID!
expiresAtDateTime!The time at which the session expires.
expiredBoolean!True when expiresAt is in the past. Computed at read time.
applicationIdID!The Application opened for this session's email + agency. Set when the session is started or created.
applicationStatusApplicationStatus!Status of the linked Application. Resolved at read time; not persisted on the session.
businessInformationApplySessionBusinessInformation!Business information for the linked Application. Resolved at read time; not persisted on the session.
productsAndServicesApplySessionProductsAndServices!Products & services for the linked Application. Resolved at read time; not persisted on the session.
owners[ApplySessionOwner!]!Owners on the linked Application. Resolved at read time; not persisted on the session.
idvCompletedBoolean!True when the linked Application's identity-verification session has reached a terminal state (Success, Failed, or PendingReview). Resolved at read time.
businessInfoCompletedBoolean!True when the linked Application has all required business-information fields populated. Resolved at read time.
productsAndServicesCompletedBoolean!True when the linked Application has all required products-and-services fields populated. Resolved at read time.
bankLinkedBoolean!True when an ACH bank account has been linked to the Application via Plaid. Resolved at read time.
totalOwnershipInt!Sum of the percentageOwnership across all owners on the linked Application. Resolved at read time.
ownersCompletedBoolean!True when the listed owners on the linked Application collectively represent at least 75% ownership. Resolved at read time.
agreementsCompletedBoolean!True when the merchant has accepted the agreements on the linked Application. Resolved at read time.
transferInstrumentCompletedBoolean!True when a transfer instrument (Card payout account) has been attached on the linked Application. Currently hardcoded to true pending Adyen webhook integration.
totalSectionsInt!Total number of sections in the apply wizard. Equal to sections.length. Resolved at read time.
completedSectionsInt!Number of completed apply-wizard sections — the count of sections entries with completed: true. Resolved at read time.
sections[ApplySectionStatus!]!Ordered list of apply-wizard sections with their completion state. Order matches the order they should be shown in the UI. Length equals totalSections; count of completed entries equals completedSections. Resolved at read time.

scalar Email

An email address

scalar DateTime

ISO 8601 formatted date time. Ex. 2023-11-23T14:30:00Z

enum ApplicationStatus

  • draft — Application was opened and is in the process of being filled out.
  • submitted — Application was submitted by the merchant and is ready for review
  • pending — Deprecated and no longer used.
  • signed — Deprecated and no longer used.
  • voided — Deprecated and no longer used.
  • completed — Deprecated and no longer used.
  • canceled — Deprecated and no longer used.
  • approved — Application has been reviewed and was approved by underwriting
  • declined — Application has been reviewed and was declined by underwriting

type ApplySessionBusinessInformation

FieldTypeDescription
legalNameString
dbaString
startDateString
websiteString
countryCountry
entityTypeEntityType
einString
phoneString
addressString
cityString
stateString
postalCodeString
avgOrderAmountAvgOrderAmount

type ApplySessionProductsAndServices

FieldTypeDescription
industryString
industryOtherString
servicesString
supportEmailEmail
supportPhoneString

type ApplySessionOwner

FieldTypeDescription
idID!
givenNameString
familyNameString
titleString
emailEmail
phoneString
dobString
maskedSsnStringMasked SSN with only the last 4 digits visible (e.g. ***-**-1234).
addressString
cityString
stateString
postalCodeString
percentageOwnershipInt
ownerTypeApplicationOwnerType

type ApplySectionStatus

A section of the apply wizard with its current completion state. The sections array is ordered for display.

FieldTypeDescription
nameApplySectionName!
completedBoolean!

enum Country

  • usa
  • can

enum EntityType

  • sp
  • gp
  • lp
  • llp
  • llc
  • ccorp
  • scorp
  • bcorp
  • nonprofit
  • coop
  • gov

enum AvgOrderAmount

Bucketed average invoice or order amount the merchant typically transacts. Amounts are USD for US merchants and CAD for Canadian merchants — interpreted at display time from the application's country.

  • Under100 — Less than 100
  • From100To500 — 100 to 500
  • From501To1000 — 501 to 1,000
  • Over1000 — More than 1,000

enum ApplicationOwnerType

  • CONTROL_PERSON
  • BENEFICIAL_OWNER

enum ApplySectionName

Stable identifier for a section of the apply wizard. Order in which these appear in Application.sections / ApplySession.sections is the order they should be rendered in the UI.

  • Idv — Identity verification (Plaid IDV).
  • BusinessInfo — Tell-us-about-your-business form.
  • Owners — Business owners.
  • ProductsAndServices — Products and services.
  • BankLink — ACH bank account link (Plaid). Only present when avgOrderAmount is Over1000 and the ApplyConfiguration has plaidTransferEnabled.
  • TransferInstrument — Card payout transfer instrument (Adyen).
  • Agreements — Review and accept agreements.