thijooree/docs/bmlapi/05-userinfo.md

# User Info and Session Health

Two endpoints for checking the current session and fetching the authenticated user's personal details.

---

## Profile Health Check

A lightweight call to verify that the access token is still valid. Returns HTTP `200` on success, `401`/`419` if expired.

```
GET https://www.bankofmaldives.com.mv/internetbanking/api/mobile/profile
```

### Request

```bash
curl --request GET \
  --url 'https://www.bankofmaldives.com.mv/internetbanking/api/mobile/profile' \
  --header 'Authorization: Bearer <access_token>' \
  --header 'User-Agent: bml-mobile-banking/348 ({manufacturer}; Android {version}; {model})' \
  --header 'x-app-version: 2.1.44.348'
```

Use this to probe the session before making more expensive calls. On `401` or `419`, proceed to [token refresh](03-oauth-token.md#token-refresh).

---

## User Info

Fetch personal details for the currently authenticated user.

```
GET https://www.bankofmaldives.com.mv/internetbanking/api/mobile/userinfo
```

### Request

```bash
curl --request GET \
  --url 'https://www.bankofmaldives.com.mv/internetbanking/api/mobile/userinfo' \
  --header 'Authorization: Bearer <access_token>' \
  --header 'User-Agent: bml-mobile-banking/348 ({manufacturer}; Android {version}; {model})' \
  --header 'x-app-version: 2.1.44.348'
```

### Response

```json
{
  "success": true,
  "payload": {
    "user": {
      "fullname": "MOHAMED ALI",
      "email": "user@example.com",
      "mobile_phone": "9600000001",
      "customer_number": "C0000001",
      "idcard": "A123456",
      "birthdate": "1990-01-01"
    }
  }
}
```

| Field | Type | Description |
|---|---|---|
| `fullname` | `string` | Full name (typically uppercase) |
| `email` | `string` | Registered email address |
| `mobile_phone` | `string` | Registered mobile number |
| `customer_number` | `string` | BML internal customer ID (e.g. `C0000001`) |
| `idcard` | `string` | National ID card number |
| `birthdate` | `string` | Date of birth (`YYYY-MM-DD`) |

### Failure

```json
{ "success": false }
```

Returns `null` payload if the account has no user info record, or `success: false` on any error.

---

## Loan Detail

Fetch extended details for a loan account. The `{id}` is the internal account ID (`id` field) from the [dashboard](04-dashboard.md) response.

```
GET https://www.bankofmaldives.com.mv/internetbanking/api/mobile/account/{id}
```

### Request

```bash
curl --request GET \
  --url 'https://www.bankofmaldives.com.mv/internetbanking/api/mobile/account/loan001' \
  --header 'Authorization: Bearer <access_token>' \
  --header 'User-Agent: bml-mobile-banking/348 ({manufacturer}; Android {version}; {model})' \
  --header 'x-app-version: 2.1.44.348'
```

### Response

```json
{
  "success": true,
  "payload": {
    "loanAmount": 50000.00,
    "outstandingAmt": -30000.00,
    "repayAmount": 1500.00,
    "intRate": 8.5,
    "loanStatus": "Active",
    "startDate": "2023-10-26T00:00:00+05:00",
    "endDate": "2026-10-26T00:00:00+05:00",
    "noOfRepayOverdue": 0,
    "overdueAmount": 0.00
  }
}
```

| Field | Type | Description |
|---|---|---|
| `loanAmount` | `number` | Original loan principal |
| `outstandingAmt` | `number` | Outstanding balance — returned as a **negative number**; use `abs()` for display |
| `repayAmount` | `number` | Periodic repayment amount |
| `intRate` | `number` | Interest rate (percentage) |
| `loanStatus` | `string` | Status string (e.g. `"Active"`) |
| `startDate` | `string` | Loan start date (ISO 8601) |
| `endDate` | `string` | Loan end date (ISO 8601) |
| `noOfRepayOverdue` | `number` | Number of overdue repayments |
| `overdueAmount` | `number` | Total overdue amount |

On `401`/`419` the session has expired — attempt [token refresh](03-oauth-token.md#token-refresh).

---

&nbsp;

---

[← Dashboard](04-dashboard.md) &nbsp;&nbsp;&nbsp; **Next →** [Account History](06-account-history.md)