# Fetch a Compliance Form Finix sends a webhook whenever a new Compliance Form is created for your Merchant. Using the ID, you can retrieve the Compliance Form. Endpoint: GET /compliance_forms/{compliance_form_id} Version: 2022-02-01 Security: BasicAuth ## Path parameters: - `compliance_form_id` (string, required) The ID of the Compliance Form. ## Header parameters: - `Finix-Version` (string) Specify the API version of your request. For more details, see Versioning. Example: "2022-02-01" ## Response 200 fields (application/json): - `id` (string) The ID of the resource. - `created_at` (string) Timestamp of when the object was created. - `updated_at` (string) Timestamp of when the object was last updated. - `application` (string) ID of the Application to which the Compliance Form belongs. - `compliance_form_template` (string) The ID of the template used to create the Compliance Form. - `due_at` (string) Timestamp of when the Compliance Form is due. By default, this is 3 months after the form was created. - `files` (object) IDs of the File resources for the signed and unsigned Compliance Form PDFs. - `files.signed_file` (string,null) The ID of the File resource for the signed Compliance Form PDF. - `files.unsigned_file` (string) The ID of the File resource for the unsigned Compliance Form PDF. - `linked_to` (string) The ID of the resource to which the Compliance Form belongs. - `linked_type` (string) Type of the resource to which the Compliance Form belongs. Enum: "MERCHANT" - `pci_saq_a` (object) Details about the signee's digital signature - `pci_saq_a.ip_address` (string,null) The IP address of the signee. - `pci_saq_a.is_accepted` (boolean) Whether the signee has signed the form. - `pci_saq_a.name` (string,null) The full name of the signee. - `pci_saq_a.signed_at` (string,null) The timestamp of the signee's signature. - `pci_saq_a.title` (string,null) The job title of the signee. - `pci_saq_a.user_agent` (string,null) The User-Agent string of the signee's device. - `state` (string) The state of the Compliance Form. Enum: "INCOMPLETE", "OVERDUE", "COMPLETE", "EXPIRED", "INVALID" - `tags` (object,null) Include up to 50 key: value pairs to annotate requests with custom metadata. - Maximum character length for individual keys is 40. - Maximum character length for individual values is 500. (For example, order_number: 25, item_type: produce, department: sales) - `type` (string) The type of the Compliance Form. Enum: "PCI_SAQ_A" - `valid_from` (string,null) The timestamp of when the Compliance Form is valid from. This is set to the form's signed_at timestamp upon signature. - `valid_until` (string,null) The timestamp of when the Compliance Form is valid until. This is set to one year after the form's signed_at timestamp upon signature. - `version` (string) The version of the Compliance Form. ## Response 401 fields (application/json): - `total` (integer, required) Total number of errors returned. - `_embedded` (object, required) Container for embedded error objects. - `_embedded.errors` (array) List of individual error objects. - `_embedded.errors.code` (string) The error code. The UNKNOWN error code is returned for a 401 Unauthorized or 403 Forbidden request. - `_embedded.errors.logref` (string) A log reference identifier for the error, useful for debugging and support purposes. - `_embedded.errors.message` (string) A human-friendly error message. - `_embedded.errors._links` (object) Links related to this error. - `_embedded.errors._links.self` (object) Link to the resource related to the error. - `_embedded.errors._links.self.href` (string) URL of the related resource. ## Response 403 fields (application/json): - `total` (integer, required) Total number of errors returned. - `_embedded` (object, required) Container for embedded error objects. - `_embedded.errors` (array) List of individual error objects. - `_embedded.errors.code` (string) The error code. The UNKNOWN error code is returned for a 401 Unauthorized or 403 Forbidden request. - `_embedded.errors.logref` (string) A log reference identifier for the error, useful for debugging and support purposes. - `_embedded.errors.message` (string) A human-friendly error message. - `_embedded.errors._links` (object) Links related to this error. - `_embedded.errors._links.self` (object) Link to the resource related to the error. - `_embedded.errors._links.self.href` (string) URL of the related resource. ## Response 404 fields (application/json): - `total` (integer, required) Total number of errors returned. - `_embedded` (object, required) Container for embedded error objects. - `_embedded.errors` (array) List of individual error objects. - `_embedded.errors.code` (string) The error code. The UNKNOWN error code is returned for a 401 Unauthorized or 403 Forbidden request. - `_embedded.errors.logref` (string) A log reference identifier for the error, useful for debugging and support purposes. - `_embedded.errors.message` (string) A human-friendly error message. - `_embedded.errors._links` (object) Links related to this error. - `_embedded.errors._links.self` (object) Link to the resource related to the error. - `_embedded.errors._links.self.href` (string) URL of the related resource. ## Response 406 fields (application/json): - `total` (integer, required) Total number of errors returned. - `_embedded` (object, required) Container for embedded error objects. - `_embedded.errors` (array) List of individual error objects. - `_embedded.errors.code` (string) The error code. The UNKNOWN error code is returned for a 401 Unauthorized or 403 Forbidden request. - `_embedded.errors.logref` (string) A log reference identifier for the error, useful for debugging and support purposes. - `_embedded.errors.message` (string) A human-friendly error message. - `_embedded.errors._links` (object) Links related to this error. - `_embedded.errors._links.self` (object) Link to the resource related to the error. - `_embedded.errors._links.self.href` (string) URL of the related resource.