Register a MED fraud marker
Authorizations
JWT Bearer token authentication. Obtain token from /v1/login/oauth/access_token endpoint
using client credentials (clientId and clientSecret).
Include token in Authorization header:
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Token expires after 3600 seconds (1 hour).
Body
The flagged document.
Business-derived idempotency key (Chave-Idempotencia).
Fraud-type code on create (0=Falsidade ideologica, 1=Conta laranja, 2=Conta do fraudador, 3=Outra; 4 Desconhecida is read-only).
Person-type code (0=Pessoa Fisica, 1=Pessoa Juridica).
The flagged Pix key, if known.
Response
Accepted
The flagged document.
Upstream creation timestamp (RFC 3339 UTC).
Upstream last-modification timestamp (RFC 3339 UTC) — the watermark.
Fraud-marker GUID (the natural key).
ISPB of the creator PSP.
stMarcacaoFraude lifecycle code (0=Registrada, 1=Cancelada).
Human-readable stMarcacaoFraude label.
Fraud-type code (0..4; 4=Desconhecida is read-only).
Human-readable tpFraude label.
Person-type code (0=Pessoa Fisica, 1=Pessoa Juridica).
Human-readable tpPessoa label.
The flagged Pix key, when known.
Linked infraction GUID, when the marker was auto-created from a closed infraction.
Linked infraction's PSP ISPB, when infraction-originated.

