chore: update v3 OpenAPI specs to v3.640.0

[Ed Fricker (beastawakens)]

User description

Automated v3 OpenAPI spec update for v3.640.0.

---

PR Type

Enhancement

---

Description

• Replace v3-block-user API with new v3-report-user-fraud endpoint

• Add missingCallbackUrl error example to multiple verification specs

• New fraud reporting supports structured reasons and email-based attribution

---

Diagram Walkthrough

flowchart LR
  A["v3-block-user (removed)"] -- "replaced by" --> B["v3-report-user-fraud (new)"]
  C["Verification specs"] -- "added example" --> D["missingCallbackUrl error"]

Loading

File Walkthrough

	Relevant files
Documentation	3 files CHANGELOG.md Add v3.640.0 changelog entry with updates and removal        +15/-0    README.md Replace Block User with Report User Fraud in API table      +1/-1      index.html Update spec list: remove block-user, add report-user-fraud +1/-1
Enhancement	9 files v3-biometric-authentication-entry.yaml Add missingCallbackUrl error example to 400 response          +5/-0      v3-biometric-enrollment-entry.yaml Add missingCallbackUrl error example to 400 response          +5/-0      v3-biometric-kyc-entry.yaml Add missingCallbackUrl error example to 400 response          +5/-0      v3-block-user.yaml Remove entire Block User API specification                              +0/-261  v3-document-verification-entry.yaml Add missingCallbackUrl error example to 400 response          +5/-0      v3-enhanced-document-verification-entry.yaml Add missingCallbackUrl error example to 400 response          +5/-0      v3-enhanced-kyc-entry.yaml Add missingCallbackUrl error example to 400 response          +5/-0      v3-report-user-fraud.yaml Add new Report User Fraud API specification                            +287/-0  v3-smart-selfie-compare-entry.yaml Add missingCallbackUrl error example to 400 response          +5/-0

---

---

Need help?

Type /help how to ... in the comments thread for any questions about PR-Agent usage.

Check out the documentation for more information.

[prfectionist]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 1 🔵⚪⚪⚪⚪

🏅 Score: 90

🧪 No relevant tests

🔒 No security concerns identified

🔀 No multiple PR themes

⚡ Recommended focus areas for review Schema Permissiveness The ReportUserFraudRequest schema sets additionalProperties: true, which means any arbitrary fields can be sent in the request body. This could lead to unexpected data being stored or processed. Consider whether this should be false or omitted (defaults to allowing additional properties in OpenAPI 3.0 but explicitly setting true signals intentional permissiveness). additionalProperties: true Conditional Validation The reason field is described as required when is_fraud is true and notes is required when is_fraud is false or reason is OTHER, but OpenAPI 3.0 cannot express these conditional requirements in the schema itself. The schema only marks is_fraud and reported_by as required. Consumers relying solely on the schema for validation will miss these constraints. Consider documenting this limitation more prominently or using a discriminator pattern if possible. required: - is_fraud - reported_by properties: is_fraud: type: boolean description: | `true` to flag the user as fraudulent, `false` to clear a previous fraud flag. example: true reason: type: string description: | Reason for the fraud report. **Required when `is_fraud` is `true`**; ignored when `is_fraud` is `false`. If `OTHER` is selected, `notes` becomes required. enum: - FIRST_PARTY_FRAUD - SECOND_PARTY_FRAUD - THIRD_PARTY_FRAUD - SYNTHETIC_IDENTITY - ACCOUNT_TAKEOVER - DOCUMENT_FORGERY - IDENTITY_FARMING - MULE_ACCOUNT - OTHER example: FIRST_PARTY_FRAUD notes: type: string maxLength: 500 description: | Free-form notes describing the fraud report. **Required when** either `is_fraud` is `false` or `reason` is `OTHER`. Optional in all other cases. Capped at 500 characters. example: Account takeover confirmed via partner internal review. reported_by: type: string format: email description: Email address of the person submitting the report. example: risk@partner.example

[prfectionist]

PR Code Suggestions ✨

No code suggestions found for the PR.

[Copilot]

Pull request overview

Updates the v3 OpenAPI spec set to release v3.640.0, replacing the removed Block User endpoint with a new Report User Fraud endpoint and expanding validation-error examples across multiple verification entry specs.

Changes:

• Removed v3-block-user spec and updated docs/index + README endpoint tables accordingly.
• Added new v3-report-user-fraud OpenAPI spec describing structured fraud reporting / clearing.
• Added a missingCallbackUrl 400-error example to multiple entry specs.

Reviewed changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated 9 comments.

Show a summary per file

File	Description
CHANGELOG.md	Adds v3.640.0 release notes (needs small categorization fix for newly-added spec).
README.md	Updates endpoint table to remove Block User and add Report User Fraud.
docs/index.html	Updates Redoc spec list to remove Block User and add Report User Fraud.
specs/v3/v3-biometric-authentication-entry.yaml	Adds missingCallbackUrl 400 example.
specs/v3/v3-biometric-enrollment-entry.yaml	Adds missingCallbackUrl 400 example.
specs/v3/v3-biometric-kyc-entry.yaml	Adds missingCallbackUrl 400 example.
specs/v3/v3-document-verification-entry.yaml	Adds missingCallbackUrl 400 example.
specs/v3/v3-enhanced-document-verification-entry.yaml	Adds missingCallbackUrl 400 example.
specs/v3/v3-enhanced-kyc-entry.yaml	Adds missingCallbackUrl 400 example.
specs/v3/v3-smart-selfie-compare-entry.yaml	Adds missingCallbackUrl 400 example.
specs/v3/v3-report-user-fraud.yaml	Introduces the new fraud reporting/clearing endpoint spec.
specs/v3/v3-block-user.yaml	Removes the old Block User spec entirely.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.