chore: update v3 OpenAPI specs to v3.638.0

[Ed Fricker (beastawakens)]

User description

Automated v3 OpenAPI spec update for v3.638.0.

---

PR Type

Enhancement

---

Description

• Replace v3-block-user API with new v3-report-user-fraud endpoint

• Add missingCallbackUrl error example to multiple verification specs

• New fraud reporting supports structured reasons and email-based attribution

---

Diagram Walkthrough

flowchart LR
  A["v3-block-user (removed)"] -- "replaced by" --> B["v3-report-user-fraud (new)"]
  C["Verification specs"] -- "added error example" --> D["missingCallbackUrl 400 response"]

Loading

File Walkthrough

	Relevant files
Documentation	3 files CHANGELOG.md Add v3.638.0 changelog with updated and removed specs        +15/-0    README.md Replace Block User with Report User Fraud in API table      +1/-1      index.html Update spec list: remove block-user, add report-user-fraud +1/-1
Enhancement	9 files v3-biometric-authentication-entry.yaml Add missingCallbackUrl error example to 400 response          +5/-0      v3-biometric-enrollment-entry.yaml Add missingCallbackUrl error example to 400 response          +5/-0      v3-biometric-kyc-entry.yaml Add missingCallbackUrl error example to 400 response          +5/-0      v3-block-user.yaml Remove entire Block User API specification                              +0/-261  v3-document-verification-entry.yaml Add missingCallbackUrl error example to 400 response          +5/-0      v3-enhanced-document-verification-entry.yaml Add missingCallbackUrl error example to 400 response          +5/-0      v3-enhanced-kyc-entry.yaml Add missingCallbackUrl error example to 400 response          +5/-0      v3-report-user-fraud.yaml Add new Report User Fraud API specification                            +287/-0  v3-smart-selfie-compare-entry.yaml Add missingCallbackUrl error example to 400 response          +5/-0

---

---

Need help?

Type /help how to ... in the comments thread for any questions about PR-Agent usage.

Check out the documentation for more information.

[prfectionist]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 1 🔵⚪⚪⚪⚪

🏅 Score: 90

🧪 No relevant tests

🔒 No security concerns identified

🔀 No multiple PR themes

⚡ Recommended focus areas for review Schema Permissiveness The ReportUserFraudRequest schema sets additionalProperties: true, which means any arbitrary fields can be sent in the request body. This could lead to unexpected data being stored or processed. Consider whether this should be false or omitted (defaults to allowing additional properties in OpenAPI 3.0, but explicitly setting true signals intent that may not be desired for a security-sensitive fraud reporting endpoint). additionalProperties: true Conditional Validation The reason field is documented as required when is_fraud is true, and notes is required when is_fraud is false or reason is OTHER, but these conditional requirements cannot be expressed in the OpenAPI 3.0 schema itself (only in the description). The top-level required array only lists is_fraud and reported_by. Consumers relying on schema validation alone won't enforce these conditional rules. Consider documenting this limitation or using oneOf/anyOf discriminators if feasible. required: - is_fraud - reported_by properties: is_fraud: type: boolean description: | `true` to flag the user as fraudulent, `false` to clear a previous fraud flag. example: true reason: type: string description: | Reason for the fraud report. **Required when `is_fraud` is `true`**; ignored when `is_fraud` is `false`. If `OTHER` is selected, `notes` becomes required. enum: - FIRST_PARTY_FRAUD - SECOND_PARTY_FRAUD - THIRD_PARTY_FRAUD - SYNTHETIC_IDENTITY - ACCOUNT_TAKEOVER - DOCUMENT_FORGERY - IDENTITY_FARMING - MULE_ACCOUNT - OTHER example: FIRST_PARTY_FRAUD notes: type: string maxLength: 500 description: | Free-form notes describing the fraud report. **Required when** either `is_fraud` is `false` or `reason` is `OTHER`. Optional in all other cases. Capped at 500 characters. example: Account takeover confirmed via partner internal review. reported_by: type: string format: email description: Email address of the person submitting the report. example: risk@partner.example additionalProperties: true

[prfectionist]

PR Code Suggestions ✨

No code suggestions found for the PR.

[Copilot]

Pull request overview

This PR updates the Smile Identity v3 OpenAPI spec set to v3.638.0 by removing the legacy Block User spec and introducing the new Report User Fraud endpoint, plus adding a missingCallbackUrl 400-error example across several verification specs.

Changes:

• Remove v3-block-user spec and replace it with the new v3-report-user-fraud spec/endpoint.
• Add missingCallbackUrl example to 400 responses in multiple verification-related specs.
• Update rendered docs and README endpoint table to reflect the new spec set.

Reviewed changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
CHANGELOG.md	Adds v3.638.0 entry documenting spec changes/removal (needs a small correction re: “Added” vs “Changed”).
README.md	Updates endpoint/spec table to replace Block User with Report User Fraud.
docs/index.html	Updates Redoc spec list to remove Block User and add Report User Fraud.
specs/v3/v3-biometric-authentication-entry.yaml	Adds missingCallbackUrl 400-response example.
specs/v3/v3-biometric-enrollment-entry.yaml	Adds missingCallbackUrl 400-response example.
specs/v3/v3-biometric-kyc-entry.yaml	Adds missingCallbackUrl 400-response example.
specs/v3/v3-document-verification-entry.yaml	Adds missingCallbackUrl 400-response example.
specs/v3/v3-enhanced-document-verification-entry.yaml	Adds missingCallbackUrl 400-response example.
specs/v3/v3-enhanced-kyc-entry.yaml	Adds missingCallbackUrl 400-response example.
specs/v3/v3-smart-selfie-compare-entry.yaml	Adds missingCallbackUrl 400-response example.
specs/v3/v3-report-user-fraud.yaml	Introduces the new fraud reporting endpoint/specification.
specs/v3/v3-block-user.yaml	Removes the legacy Block User API specification.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.