> ## Documentation Index
> Fetch the complete documentation index at: https://developers.circle.com/llms.txt
> Use this file to discover all available pages before exploring further.

# How-to: Handle requests for information

> Respond to compliance team RFIs by updating data, re-uploading documents, and resubmitting applications

Resolve compliance team requests so your application can proceed to approval.
List RFI bundles to see what's needed, update the requested fields or documents,
respond with comments, and resubmit the application.

<Note>
  The End User Onboarding API base URL is `https://api-sandbox.circle.com` for
  sandbox and `https://api.circle.com` for production. All requests require a
  Bearer token obtained via Circle key exchange in the `Authorization` header. All
  `POST` requests require an `X-Idempotency-Key` header with a client-generated
  UUID v4.
</Note>

## Prerequisites

Before you begin, ensure that you've:

* Obtained an API key for the End User Onboarding API from the
  [CPN Console](https://console.circle.com).
* Confirmed your application is in `PENDING_CUSTOMER_INFORMATION` status. See
  [Application states](/cpn/managed-payments/end-user-onboarding/references/application-states)
  for the full lifecycle.

## Steps

### Step 1. List RFI bundles

When an application moves to `PENDING_CUSTOMER_INFORMATION`, the `pendingRfis`
array on the application response contains the bundle IDs. List all bundles:

```shell theme={null}
curl --request GET \
  --url https://api-sandbox.circle.com/v1/onboarding/partner/applications/${APPLICATION_ID}/rfis \
  --header "Authorization: Bearer ${YOUR_API_KEY}"
```

**Example response:**

```json theme={null}
{
  "data": {
    "bundles": [
      {
        "bundleId": "660e8400-e29b-41d4-a716-446655440010",
        "status": "PUBLISHED",
        "createdAt": "2026-03-26T10:00:00Z",
        "rfis": [
          {
            "rfiId": "770e8400-e29b-41d4-a716-446655440011",
            "section": "beneficial_owners",
            "field": "passport_document",
            "type": "COLLECT_DOCUMENT",
            "status": "PENDING",
            "systemComment": "Document is illegible. Please upload a clearer copy.",
            "createdAt": "2026-03-26T10:00:00Z"
          }
        ]
      }
    ]
  }
}
```

Each RFI identifies the `section` and `field` that needs attention. The
`systemComment` explains what the compliance team requires.

### Step 2. View RFI detail and comments

Retrieve the full detail for a specific RFI, including any prior comments:

```shell theme={null}
curl --request GET \
  --url https://api-sandbox.circle.com/v1/onboarding/partner/applications/${APPLICATION_ID}/rfis/${RFI_ID} \
  --header "Authorization: Bearer ${YOUR_API_KEY}"
```

### Step 3. Update the requested data

For RFIs with type `UPDATE_FIELD` or `NEW_FIELD`, submit the corrected field
data directly to the RFI:

```shell theme={null}
curl --request PATCH \
  --url https://api-sandbox.circle.com/v1/onboarding/partner/applications/${APPLICATION_ID}/rfis/${RFI_ID} \
  --header "Authorization: Bearer ${YOUR_API_KEY}" \
  --header 'Content-Type: application/json' \
  --data '{
    "businessWebsite": "https://example.com"
  }'
```

Replace the key with the `datumName` from the RFI detail response. The API
validates the value against the application schema and marks the RFI as
responded.

For RFIs with type `COLLECT_DOCUMENT`, re-upload the document instead. See
[Upload documents](/cpn/managed-payments/end-user-onboarding/howtos/upload-documents)
for the upload workflow.

### Step 4. Respond with a comment

Add a comment to an RFI to communicate with the compliance team:

```shell theme={null}
curl --request POST \
  --url https://api-sandbox.circle.com/v1/onboarding/partner/applications/${APPLICATION_ID}/rfis/${RFI_ID}/comments \
  --header "Authorization: Bearer ${YOUR_API_KEY}" \
  --header 'Content-Type: application/json' \
  --header 'X-Idempotency-Key: ${IDEMPOTENCY_KEY}' \
  --data '{
    "content": "Updated the field as requested."
  }'
```

### Step 5. Resubmit the application

After you address all open RFIs, resubmit the application so it moves back to
`SUBMITTED` for another round of review:

```shell theme={null}
curl --request POST \
  --url https://api-sandbox.circle.com/v1/onboarding/partner/applications/${APPLICATION_ID}/submit \
  --header "Authorization: Bearer ${YOUR_API_KEY}" \
  --header 'Content-Type: application/json' \
  --header 'X-Idempotency-Key: ${IDEMPOTENCY_KEY}' \
  --data '{
    "endUserIpAddress": "203.0.113.42",
    "endUserAgreesToTermsOfService": true
  }'
```

This is the same endpoint used during initial submission. For details on
optional fields such as `certificationIds`, see
[Submit and track applications](/cpn/managed-payments/end-user-onboarding/howtos/submit-and-track-applications#step-2-submit-the-application).

## See also

* [Submit and track applications](/cpn/managed-payments/end-user-onboarding/howtos/submit-and-track-applications)
* [Application states](/cpn/managed-payments/end-user-onboarding/references/application-states)
* [Upload documents](/cpn/managed-payments/end-user-onboarding/howtos/upload-documents)
