{"title":"Compliance with PCI DSS requirements","category":"default","creationDate":1776961628,"content":"<div class=\"additional-info-block output-inline\">\n<h5 class=\"article__heading additional-info-block__title\">PCI DSS compliance<\/h5><div class=\"additional-info-block__body\"><p>Learn about PCI DSS compliance at Adyen in our <a href=\"\/pt\/development-resources\/pci-dss-compliance-guide\">compliance guide<\/a>.<\/p><\/div><\/div>\n\n<p>Because your users have a direct connection with card schemes, they must comply with the requirements laid down in the Payment Card Industry Data Security Standards (PCI DSS) for collecting, processing, storing, and transmitting cardholder data in a secure environment. To prove their compliance, they must sign a Self-Assessment Questionnaire (SAQ) before they can start processing card payments. The questionnaire asks them to confirm the security of their cardholder data environment, which typically includes their website, web servers, and employees who can access them.<\/p>\n<p>Depending on your user's sales channels, they must sign one or more SAQs. The questionnaires that Adyen provides are simplified versions of the full SAQs. If multiple SAQs are required, Adyen provides all the questionnaires and your users will only need to sign once.<\/p>\n<h2>Requirements<\/h2>\n<p>Take into account the following requirements, limitations, and preparations<\/p>\n<table>\n<thead>\n<tr>\n<th style=\"text-align: left;\">Requirement<\/th>\n<th style=\"text-align: left;\">Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td style=\"text-align: left;\"><strong>Integration type<\/strong><\/td>\n<td style=\"text-align: left;\">You must have an Adyen for Platforms <a href=\"\/pt\/platforms\">platform setup<\/a>.<\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\"><strong><a href=\"\/pt\/development-resources\/api-credentials\/\">API credentials<\/a><\/strong><\/td>\n<td style=\"text-align: left;\">You must have credentials for the  <a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/overview\" class=\" external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Legal Entity Management API<\/a>.<\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\"><strong><a href=\"\/pt\/development-resources\/webhooks\">Webhooks<\/a><\/strong><\/td>\n<td style=\"text-align: left;\">You are subscribed to the <a href=\"https:\/\/docs.adyen.com\/api-explorer\/#\/balanceplatform-webhooks\/latest\/post\/balancePlatform.accountHolder.updated\" class=\"codeLabel external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">balancePlatform.accountHolder.updated<\/a> webhook.<\/td>\n<\/tr>\n<tr>\n<td style=\"text-align: left;\"><strong>Setup steps<\/strong><\/td>\n<td style=\"text-align: left;\">Before you begin, you must have already:<br><ul><li markdown=\"1\"><a href=\"\/pt\/platforms\/verification-requirements#legal-entity-type\">Created a legal entity<\/a> for the main legal entity\/user that has a contractual relationship with your platform and for the individual who will sign the PCI document.<\/li><li markdown=\"1\">Created business lines for the main legal entity\/for the organization for all the sales channels that they support. The  <a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/post\/businessLines#request-salesChannels\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">salesChannels<\/a> determine which and how many PCI documents must be signed.<\/li><li><a href=\"\/pt\/platforms\/onboard-users\/onboarding-steps\">Created an account holder<\/a> for your user.<\/ul><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>If you onboard your users using <a href=\"\/pt\/platforms\/onboard-users\">hosted onboarding<\/a>, they sign SAQs in the hosted onboarding page. To show the questionnaires to them, you must either:<\/p>\n<ul>\n<li>Add payment methods to the store of the user.<\/li>\n<li>Require the user to sign questionnaires by using the  <a href=\"\/pt\/platforms\/onboard-users\/customize-hosted-onboarding\/#page-settings\">hosted onboarding settings<\/a>.<\/li>\n<\/ul>\n<p>If you are <a href=\"\/pt\/platforms\/onboard-users\">building your own UI<\/a>, you must generate the required PCI SAQs, show these to your users, and ask them to sign by performing the following steps. Use the  <a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/overview\" class=\" external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Legal Entity Management API<\/a> to generate the required questionnaires and send the signed versions to Adyen.<\/p>\n<h2 id=\"get-updates\">Step 1: Confirm PCI requirements<\/h2>\n<p>When you create an account holder, certain <a href=\"\/pt\/platforms\/verification-overview\/capabilities\">capabilities<\/a> are requested for them. To check whether your user must sign PCI documents, listen to <a href=\"https:\/\/docs.adyen.com\/api-explorer\/#\/balanceplatform-webhooks\/latest\/post\/balancePlatform.accountHolder.updated\" class=\"codeLabel external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">balancePlatform.accountHolder.updated<\/a> webhooks.<\/p>\n<p>If your user is required to sign PCI forms, it is indicated in the <code>verificationErrors<\/code> array.<\/p>\n<div data-component-wrapper=\"code-sample\">\n    <code-sample :title=\"'balancePlatform.accountHolder.updated webhook - with verification errors array'\" :id=\"'verification-errors'\" :code-data='[{\"language\":\"json\",\"tabTitle\":\"\",\"content\":\"{\\n   \\\"data\\\":{\\n      \\\"accountHolder\\\":{\\n         \\\"capabilities\\\":{\\n            \\\"sendToTransferInstrument\\\":{\\n               \\\"allowed\\\":\\\"false\\\",\\n               \\\"enabled\\\":\\\"true\\\",\\n               \\\"problems\\\":[\\n                  {\\n                     \\\"entity\\\":{\\n                        \\\"id\\\":\\\"LE00000000000000000000001\\\",\\n                        \\\"type\\\":\\\"LegalEntity\\\"\\n                     },\\n                     \\\"verificationErrors\\\":[\\n                        {\\n                           \\\"code\\\":\\\"2_901\\\",\\n                           \\\"message\\\":\\\"PCI forms are not signed.\\\",\\n                           \\\"remediatingActions\\\":[\\n                              {\\n                                 \\\"code\\\":\\\"2_901\\\",\\n                                 \\\"message\\\":\\\"Sign PCI\\\"\\n                              }\\n                           ],\\n                           \\\"type\\\":\\\"\\\"\\n                        }\\n                     ]\\n                  }\\n               ],\\n               \\\"requested\\\":\\\"true\\\",\\n               \\\"verificationStatus\\\":\\\"invalid\\\"\\n            }\\n         },\\n         \\\"description\\\":\\\"Test Account holder\\\",\\n         \\\"reference\\\":\\\"YOUR_INTERNAL_IDENTIFIER\\\",\\n         \\\"id\\\":\\\"AH00000000000000000000001\\\",\\n         \\\"legalEntityId\\\":\\\"LE00000000000000000000001\\\",\\n         \\\"status\\\":\\\"Active\\\"\\n      },\\n      \\\"balancePlatform\\\":\\\"YOUR_BALANCE_PLATFORM\\\"\\n   },\\n   \\\"environment\\\":\\\"test\\\",\\n   \\\"type\\\":\\\"balancePlatform.accountHolder.updated\\\"\\n}\"}]' :enable-copy-link-to-code-block=\"true\" :code-sample-card-size=\"'fullsize'\"><\/code-sample>\n<\/div>\n<h2 id=\"generate-questionnaires\">Step 2: Generate the questionnaires<\/h2>\n<p>To generate simplified questionnaires, send a POST  <a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/post\/legalEntities\/(id)\/pciQuestionnaires\/generatePciTemplates\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">\/legalEntities\/{id}\/pciQuestionnaires\/generatePciTemplates<\/a> request, specifying the legal entity <a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/post\/legalEntities#responses-200-id\" class=\"codeLabel external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">id<\/a> of the organization in the path.<\/p>\n<p>You can change the language of the questionnaire from the default English by sending the request with <a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/post\/legalEntities\/_id_\/pciQuestionnaires\/generatePciTemplates#request-language\" class=\"codeLabel external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">language<\/a> set to the two-character <a href=\"https:\/\/en.wikipedia.org\/wiki\/ISO_639-1\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" class=\"external-link no-image\">ISO 639-1<\/a> code of the desired language. For example, <strong>fr<\/strong>.<\/p>\n<p>In the body of the request, you can specify the following:<\/p>\n<table>\n<thead>\n<tr>\n<th>Parameter<\/th>\n<th>Required<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/post\/legalEntities\/_id_\/pciQuestionnaires\/generatePciTemplates#request-additionalSalesChannels\" class=\"codeLabel external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">additionalSalesChannels<\/a><\/td>\n<td><\/td>\n<td>An array of additional sales channels to generate PCI questionnaires. Include the relevant sales channels if you need your user to sign PCI questionnaires. You do not need to provide these if you create stores and add payment methods for your user before you generate the questionnaires.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<div data-component-wrapper=\"code-sample\">\n    <code-sample :title=\"'Generate the questionnaires in French'\" :id=\"'generate-questionnaires'\" :code-data=\"[{&quot;language&quot;:&quot;bash&quot;,&quot;tabTitle&quot;:&quot;curl&quot;,&quot;content&quot;:&quot;curl https:\\\/\\\/kyc-test.adyen.com\\\/lem\\\/v3\\\/legalEntities\\\/LE00000000000000000000001\\\/pciQuestionnaires\\\/generatePciTemplates \\\\\\n-H 'x-api-key: ADYEN_LEGAL_ENTITY_MANAGEMENT_API_KEY' \\\\\\n-H 'content-type: application\\\/json' \\\\\\n-X POST \\\\\\n-d '{\\n    \\&quot;language\\&quot; : \\&quot;fr\\&quot;\\n}'&quot;},{&quot;language&quot;:&quot;java&quot;,&quot;tabTitle&quot;:&quot;Java&quot;,&quot;content&quot;:&quot;\\\/\\\/ Adyen Java API Library v33.0.0\\nimport com.adyen.Client;\\nimport com.adyen.enums.Environment;\\nimport com.adyen.model.legalentitymanagement.*;\\nimport java.time.OffsetDateTime;\\nimport java.util.*;\\nimport com.adyen.service.legalEntityManagement.*;\\n\\nClient client = new Client(\\&quot;ADYEN_LEGAL_ENTITY_MANAGEMENT_API_KEY\\&quot;, Environment.TEST);\\n\\n\\\/\\\/ Create the request object(s)\\nGeneratePciDescriptionRequest generatePciDescriptionRequest = new GeneratePciDescriptionRequest()\\n  .language(\\&quot;fr\\&quot;);\\n\\n\\\/\\\/ Send the request\\nPciQuestionnairesApi service = new PciQuestionnairesApi(client);\\nGeneratePciDescriptionResponse response = service.generatePciQuestionnaire(\\&quot;id\\&quot;, generatePciDescriptionRequest, null);&quot;},{&quot;language&quot;:&quot;php&quot;,&quot;tabTitle&quot;:&quot;PHP&quot;,&quot;content&quot;:&quot;&lt;?php\\n\\\/\\\/ Adyen PHP API Library v24.0.0\\nuse Adyen\\\\Client;\\nuse Adyen\\\\Environment;\\nuse Adyen\\\\Model\\\\LegalEntityManagement\\\\GeneratePciDescriptionRequest;\\nuse Adyen\\\\Service\\\\LegalEntityManagement\\\\PCIQuestionnairesApi;\\n\\n$client = new Client();\\n$client-&gt;setXApiKey(\\&quot;ADYEN_LEGAL_ENTITY_MANAGEMENT_API_KEY\\&quot;);\\n$client-&gt;setEnvironment(Environment::TEST);\\n\\n\\n\\\/\\\/ Create the request object(s)\\n$generatePciDescriptionRequest = new GeneratePciDescriptionRequest();\\n$generatePciDescriptionRequest\\n  -&gt;setLanguage(\\&quot;fr\\&quot;);\\n\\n\\\/\\\/ Send the request\\n$service = new PCIQuestionnairesApi($client);\\n$response = $service-&gt;generatePciQuestionnaire('id', $generatePciDescriptionRequest);&quot;},{&quot;language&quot;:&quot;cs&quot;,&quot;tabTitle&quot;:&quot;C#&quot;,&quot;content&quot;:&quot;\\\/\\\/ Adyen .net API Library v28.0.0\\nusing Adyen;\\nusing Environment = Adyen.Model.Environment;\\nusing Adyen.Model;\\nusing Adyen.Model.LegalEntityManagement;\\nusing Adyen.Service.LegalEntityManagement;\\n\\nvar config = new Config()\\n{\\n    XApiKey = \\&quot;ADYEN_LEGAL_ENTITY_MANAGEMENT_API_KEY\\&quot;,\\n    Environment = Environment.Test\\n};\\nvar client = new Client(config);\\n\\n\\\/\\\/ Create the request object(s)\\nGeneratePciDescriptionRequest generatePciDescriptionRequest = new GeneratePciDescriptionRequest\\n{\\n  Language = \\&quot;fr\\&quot;\\n};\\n\\n\\\/\\\/ Send the request\\nvar service = new PCIQuestionnairesService(client);\\nvar response = service.GeneratePciQuestionnaire(\\&quot;id\\&quot;, generatePciDescriptionRequest);&quot;},{&quot;language&quot;:&quot;js&quot;,&quot;tabTitle&quot;:&quot;NodeJS (JavaScript)&quot;,&quot;content&quot;:&quot;\\\/\\\/ Adyen Node API Library v23.3.0\\nconst { Client, LegalEntityManagementAPI } = require('@adyen\\\/api-library');\\n\\nconst client = new Client({ apiKey: \\&quot;ADYEN_LEGAL_ENTITY_MANAGEMENT_API_KEY\\&quot;, environment: \\&quot;TEST\\&quot; });\\n\\n\\\/\\\/ Create the request object(s)\\nconst generatePciDescriptionRequest = {\\n  language: \\&quot;fr\\&quot;\\n}\\n\\n\\\/\\\/ Send the request\\nconst legalEntityManagementAPI = new LegalEntityManagementAPI(client);\\nconst response = legalEntityManagementAPI.PCIQuestionnairesApi.generatePciQuestionnaire(\\&quot;id\\&quot;, generatePciDescriptionRequest);&quot;},{&quot;language&quot;:&quot;go&quot;,&quot;tabTitle&quot;:&quot;Go&quot;,&quot;content&quot;:&quot;\\\/\\\/ Adyen Go API Library v17.0.0\\nimport (\\n  \\&quot;context\\&quot;\\n  \\&quot;github.com\\\/adyen\\\/adyen-go-api-library\\\/v17\\\/src\\\/common\\&quot;\\n  \\&quot;github.com\\\/adyen\\\/adyen-go-api-library\\\/v17\\\/src\\\/adyen\\&quot;\\n  \\&quot;github.com\\\/adyen\\\/adyen-go-api-library\\\/v17\\\/src\\\/legalEntityManagement\\&quot;\\n)\\nclient := adyen.NewClient(&amp;common.Config{\\n  ApiKey:      \\&quot;ADYEN_LEGAL_ENTITY_MANAGEMENT_API_KEY\\&quot;,\\n  Environment: common.TestEnv,\\n})\\n\\n\\\/\\\/ Create the request object(s)\\ngeneratePciDescriptionRequest := legalEntityManagement.GeneratePciDescriptionRequest{\\n  Language: common.PtrString(\\&quot;fr\\&quot;),\\n}\\n\\n\\\/\\\/ Send the request\\nservice := client.LegalEntityManagement()\\nreq := service.PCIQuestionnairesApi.GeneratePciQuestionnaireInput(\\&quot;id\\&quot;).GeneratePciDescriptionRequest(generatePciDescriptionRequest)\\nres, httpRes, err := service.PCIQuestionnairesApi.GeneratePciQuestionnaire(context.Background(), req)&quot;},{&quot;language&quot;:&quot;py&quot;,&quot;tabTitle&quot;:&quot;Python&quot;,&quot;content&quot;:&quot;# Adyen Python API Library v13.3.0\\nimport Adyen\\n\\nadyen = Adyen.Adyen()\\nadyen.client.xapikey = \\&quot;ADYEN_LEGAL_ENTITY_MANAGEMENT_API_KEY\\&quot;\\nadyen.client.platform = \\&quot;test\\&quot; # The environment to use library in.\\n\\n# Create the request object(s)\\njson_request = {\\n  \\&quot;language\\&quot;: \\&quot;fr\\&quot;\\n}\\n\\n# Send the request\\nresult = adyen.legalEntityManagement.pci_questionnaires_api.generate_pci_questionnaire(request=json_request, id=\\&quot;id\\&quot;)&quot;},{&quot;language&quot;:&quot;rb&quot;,&quot;tabTitle&quot;:&quot;Ruby&quot;,&quot;content&quot;:&quot;# Adyen Ruby API Library v10.1.1\\nrequire \\&quot;adyen-ruby-api-library\\&quot;\\n\\nadyen = Adyen::Client.new\\nadyen.api_key = 'ADYEN_LEGAL_ENTITY_MANAGEMENT_API_KEY'\\nadyen.env = :test # Set to \\&quot;live\\&quot; for live environment\\n\\n# Create the request object(s)\\nrequest_body = {\\n  :language =&gt; 'fr'\\n}\\n\\n# Send the request\\nresult = adyen.legalEntityManagement.pci_questionnaires_api.generate_pci_questionnaire(request_body, 'id')&quot;},{&quot;language&quot;:&quot;ts&quot;,&quot;tabTitle&quot;:&quot;NodeJS (TypeScript)&quot;,&quot;content&quot;:&quot;\\\/\\\/ Adyen Node API Library v23.3.0\\nimport { Client, LegalEntityManagementAPI, Types } from \\&quot;@adyen\\\/api-library\\&quot;;\\n\\nconst client = new Client({ apiKey: \\&quot;ADYEN_LEGAL_ENTITY_MANAGEMENT_API_KEY\\&quot;, environment: \\&quot;TEST\\&quot; });\\n\\n\\\/\\\/ Create the request object(s)\\nconst generatePciDescriptionRequest: Types.legalEntityManagement.GeneratePciDescriptionRequest = {\\n  language: \\&quot;fr\\&quot;\\n};\\n\\n\\\/\\\/ Send the request\\nconst legalEntityManagementAPI = new LegalEntityManagementAPI(client);\\nconst response = legalEntityManagementAPI.PCIQuestionnairesApi.generatePciQuestionnaire(\\&quot;id\\&quot;, generatePciDescriptionRequest);&quot;}]\" :enable-copy-link-to-code-block=\"true\" :code-sample-card-size=\"'fullsize'\"><\/code-sample>\n<\/div>\n<p>The response returns the following information:<\/p>\n<table>\n<thead>\n<tr>\n<th>Parameter<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/post\/legalEntities\/_id_\/pciQuestionnaires\/generatePciTemplates#responses-200-content\" class=\"codeLabel external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">content<\/a><\/td>\n<td>The generated questionnaire in a base64 encoded format. Decode the content with the <a href=\"https:\/\/base64.guru\/developers\/java\/examples\/decode-pdf\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" class=\"external-link no-image\">Base64.Decoder<\/a> class and present the questionnaires to your user.<\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/post\/legalEntities\/_id_\/pciQuestionnaires\/generatePciTemplates#responses-200-language\" class=\"codeLabel external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">language<\/a><\/td>\n<td>The language of the questionnaire. The default value is <strong>en<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/post\/legalEntities\/_id_\/pciQuestionnaires\/generatePciTemplates#responses-200-pciTemplateReferences\" class=\"codeLabel external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">pciTemplateReferences<\/a><\/td>\n<td>The array of Adyen-generated unique identifiers for the questionnaires. If the array is empty, the user is not required to sign questionnaires. You must include this information in the signing request.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<div data-component-wrapper=\"code-sample\">\n    <code-sample :title=\"'Generated questionnaires in French'\" :id=\"''\" :code-data='[{\"language\":\"json\",\"tabTitle\":\"\",\"content\":\"{\\n    \\\"content\\\": \\\"l345JKNFj345FJLG3lk...\\\",\\n    \\\"language\\\": \\\"fr\\\",\\n    \\\"pciTemplateReferences\\\": [\\n        \\\"PCIT-T7KC6VGL\\\",\\n        \\\"PCIT-PKB6DKS4\\\"\\n    ]\\n}\"}]' :enable-copy-link-to-code-block=\"true\" :code-sample-card-size=\"'fullsize'\"><\/code-sample>\n<\/div>\n<h2 id=\"present-questionnaire\">Step 3: Present the questionnaires to your user<\/h2>\n<p>You need to ask your user to review and sign the questionnaires. When presenting them to your user in your website, you can render the documents using the Adyen Document Viewer.<\/p>\n<p>Decode the documents before passing them to the Adyen Document Viewer.<\/p>\n<pre><code class=\"language-js\">const documentViewer = new AdyenDocumentViewer('#test');\nconst document = JSON.parse(decodeURIComponent(escape(window.atob(pciTemplateReferences.document))));\ndocumentViewer.render(document);<\/code><\/pre>\n\n<div id=\"tabs3Elg\">\n    <div data-component-wrapper=\"tabs\">\n        <tabs\n                        :items=\"[{&quot;title&quot;:&quot;npm (Recommended)&quot;,&quot;content&quot;:&quot;\\n&lt;p&gt;Install the &lt;a href=\\&quot;https:\\\/\\\/www.npmjs.com\\\/package\\\/@adyen\\\/adyen-document-viewer\\&quot; target=\\&quot;_blank\\&quot; rel=\\&quot;nofollow noopener noreferrer\\&quot; class=\\&quot;external-link no-image\\&quot;&gt;Adyen Document Viewer package&lt;\\\/a&gt;:&lt;\\\/p&gt;\\n&lt;pre&gt;&lt;code class=\\&quot;language-bash\\&quot;&gt;npm install @adyen\\\/adyen-document-viewer --save&lt;\\\/code&gt;&lt;\\\/pre&gt;\\n&lt;p&gt;Import the Adyen Document Viewer Node package into your application. You can add your own styling by overriding the rules in the CSS file.&lt;\\\/p&gt;\\n&lt;pre&gt;&lt;code class=\\&quot;language-js\\&quot;&gt;import AdyenDocumentViewer from &#039;@adyen\\\/adyen-document-viewer&#039;;\\nimport &#039;@adyen\\\/adyen-document-viewer\\\/dist\\\/adyen-document-viewer.min.css&#039;;&lt;\\\/code&gt;&lt;\\\/pre&gt;\\n&quot;,&quot;altTitle&quot;:null,&quot;oldTabId&quot;:&quot;npm_(recommended)_0_1&quot;,&quot;relation&quot;:&quot;&quot;},{&quot;title&quot;:&quot;Embed script and stylesheet&quot;,&quot;content&quot;:&quot;\\n&lt;p&gt;Include the script and stylesheet to a .html file&lt;\\\/p&gt;\\n&lt;div data-component-wrapper=\\&quot;code-sample\\&quot;&gt;\\n    &lt;code-sample :title=\\&quot;&#039;HTML&#039;\\&quot; :id=\\&quot;&#039;&#039;\\&quot; :code-data=&#039;[{\\&quot;language\\&quot;:\\&quot;html\\&quot;,\\&quot;tabTitle\\&quot;:\\&quot;\\&quot;,\\&quot;content\\&quot;:\\&quot;&amp;lt;script src=\\\\\\&quot;https:\\\\\\\/\\\\\\\/unpkg.com\\\\\\\/@adyen\\\\\\\/adyen-document-viewer@^1.0.0\\\\\\&quot;&amp;gt;&amp;lt;\\\\\\\/script&amp;gt;\\\\n&amp;lt;link rel=\\\\\\&quot;stylesheet\\\\\\&quot; href=\\\\\\&quot;https:\\\\\\\/\\\\\\\/unpkg.com\\\\\\\/@adyen\\\\\\\/adyen-document-viewer@^1.0.0\\\\\\\/dist\\\\\\\/adyen-document-viewer.min.css\\\\\\&quot;&amp;gt;\\&quot;}]&#039; :enable-copy-link-to-code-block=\\&quot;true\\&quot; :code-sample-card-size=\\&quot;&#039;fullsize&#039;\\&quot;&gt;&lt;\\\/code-sample&gt;\\n&lt;\\\/div&gt;\\n&quot;,&quot;altTitle&quot;:null,&quot;oldTabId&quot;:&quot;embed_script_and_stylesheet_1_2&quot;,&quot;relation&quot;:&quot;&quot;}]\"\n            :should-update-when-url-changes='false'>\n        <\/tabs>\n    <\/div>\n<\/div>\n\n<h2>Step 4: Sign the questionnaires<\/h2>\n<p>You must ask your user to declare that they comply with the scheme requirements by signing the generated questionnaires.<\/p>\n<p>To sign the questionnaires, send a POST  <a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/post\/legalEntities\/(id)\/pciQuestionnaires\/generatePciTemplates\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">\/legalEntities\/{id}\/pciQuestionnaires\/signPciTemplates<\/a> request, specifying the  <a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/post\/legalEntities#responses-200-id\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">id<\/a> of the main legal entity in the path.<\/p>\n<p>In the body of the request, specify the following:<\/p>\n<table>\n<thead>\n<tr>\n<th>Parameter<\/th>\n<th>Required<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td><a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/post\/legalEntities\/_id_\/pciQuestionnaires\/signPciTemplates#request-signedBy\" class=\"codeLabel external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">signedBy<\/a><\/td>\n<td><img title=\"-white_check_mark-\" alt=\"-white_check_mark-\" class=\"smileys\" src=\"\/user\/data\/smileys\/emoji\/white_check_mark.png\" \/><\/td>\n<td>The legal entity  <a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/post\/legalEntities#responses-200-id\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">id<\/a> of the individual who signed the questionnaires.<\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/post\/legalEntities\/_id_\/pciQuestionnaires\/signPciTemplates#request-pciTemplateReferences\" class=\"codeLabel external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">pciTemplateReferences<\/a><\/td>\n<td><img title=\"-white_check_mark-\" alt=\"-white_check_mark-\" class=\"smileys\" src=\"\/user\/data\/smileys\/emoji\/white_check_mark.png\" \/><\/td>\n<td>The array of unique identifiers of the questionnaires.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>The request submits the legal entity ID of the individual who signed the simplified questionnaires and populates the formal PCI SAQ with the legal entity data.<\/p>\n<div data-component-wrapper=\"code-sample\">\n    <code-sample :title=\"'Sign the questionnaires'\" :id=\"'sign-questionnaires'\" :code-data=\"[{&quot;language&quot;:&quot;bash&quot;,&quot;tabTitle&quot;:&quot;curl&quot;,&quot;content&quot;:&quot;curl https:\\\/\\\/kyc-test.adyen.com\\\/lem\\\/v3\\\/legalEntities\\\/LE00000000000000000000001\\\/pciQuestionnaires\\\/signPciTemplates \\\\\\n-H 'x-api-key: ADYEN_LEGAL_ENTITY_MANAGEMENT_API_KEY' \\\\\\n-H 'content-type: application\\\/json' \\\\\\n-X POST \\\\\\n-d '{\\n    \\&quot;signedBy\\&quot;: \\&quot;LE00000000000000000000002\\&quot;,\\n    \\&quot;pciTemplateReferences\\&quot;: [\\n        \\&quot;PCIT-T7KC6VGL\\&quot;,\\n        \\&quot;PCIT-PKB6DKS4\\&quot;\\n    ]\\n}'&quot;},{&quot;language&quot;:&quot;java&quot;,&quot;tabTitle&quot;:&quot;Java&quot;,&quot;content&quot;:&quot;\\\/\\\/ Adyen Java API Library v33.0.0\\nimport com.adyen.Client;\\nimport com.adyen.enums.Environment;\\nimport com.adyen.model.legalentitymanagement.*;\\nimport java.time.OffsetDateTime;\\nimport java.util.*;\\nimport com.adyen.service.legalEntityManagement.*;\\n\\nClient client = new Client(\\&quot;ADYEN_LEGAL_ENTITY_MANAGEMENT_API_KEY\\&quot;, Environment.TEST);\\n\\n\\\/\\\/ Create the request object(s)\\nPciSigningRequest pciSigningRequest = new PciSigningRequest()\\n  .signedBy(\\&quot;LE00000000000000000000002\\&quot;)\\n  .pciTemplateReferences(Arrays.asList(\\&quot;PCIT-T7KC6VGL\\&quot;, \\&quot;PCIT-PKB6DKS4\\&quot;));\\n\\n\\\/\\\/ Send the request\\nPciQuestionnairesApi service = new PciQuestionnairesApi(client);\\nPciSigningResponse response = service.signPciQuestionnaire(\\&quot;id\\&quot;, pciSigningRequest, null);&quot;},{&quot;language&quot;:&quot;php&quot;,&quot;tabTitle&quot;:&quot;PHP&quot;,&quot;content&quot;:&quot;&lt;?php\\n\\\/\\\/ Adyen PHP API Library v24.0.0\\nuse Adyen\\\\Client;\\nuse Adyen\\\\Environment;\\nuse Adyen\\\\Model\\\\LegalEntityManagement\\\\PciSigningRequest;\\nuse Adyen\\\\Service\\\\LegalEntityManagement\\\\PCIQuestionnairesApi;\\n\\n$client = new Client();\\n$client-&gt;setXApiKey(\\&quot;ADYEN_LEGAL_ENTITY_MANAGEMENT_API_KEY\\&quot;);\\n$client-&gt;setEnvironment(Environment::TEST);\\n\\n\\n\\\/\\\/ Create the request object(s)\\n$pciSigningRequest = new PciSigningRequest();\\n$pciSigningRequest\\n  -&gt;setSignedBy(\\&quot;LE00000000000000000000002\\&quot;)\\n  -&gt;setPciTemplateReferences(array(\\&quot;PCIT-T7KC6VGL\\&quot;, \\&quot;PCIT-PKB6DKS4\\&quot;));\\n\\n\\\/\\\/ Send the request\\n$service = new PCIQuestionnairesApi($client);\\n$response = $service-&gt;signPciQuestionnaire('id', $pciSigningRequest);&quot;},{&quot;language&quot;:&quot;cs&quot;,&quot;tabTitle&quot;:&quot;C#&quot;,&quot;content&quot;:&quot;\\\/\\\/ Adyen .net API Library v28.0.0\\nusing Adyen;\\nusing Environment = Adyen.Model.Environment;\\nusing Adyen.Model;\\nusing Adyen.Model.LegalEntityManagement;\\nusing Adyen.Service.LegalEntityManagement;\\n\\nvar config = new Config()\\n{\\n    XApiKey = \\&quot;ADYEN_LEGAL_ENTITY_MANAGEMENT_API_KEY\\&quot;,\\n    Environment = Environment.Test\\n};\\nvar client = new Client(config);\\n\\n\\\/\\\/ Create the request object(s)\\nPciSigningRequest pciSigningRequest = new PciSigningRequest\\n{\\n  SignedBy = \\&quot;LE00000000000000000000002\\&quot;,\\n  PciTemplateReferences = { \\&quot;PCIT-T7KC6VGL\\&quot;, \\&quot;PCIT-PKB6DKS4\\&quot; }\\n};\\n\\n\\\/\\\/ Send the request\\nvar service = new PCIQuestionnairesService(client);\\nvar response = service.SignPciQuestionnaire(\\&quot;id\\&quot;, pciSigningRequest);&quot;},{&quot;language&quot;:&quot;js&quot;,&quot;tabTitle&quot;:&quot;NodeJS (JavaScript)&quot;,&quot;content&quot;:&quot;\\\/\\\/ Adyen Node API Library v23.3.0\\nconst { Client, LegalEntityManagementAPI } = require('@adyen\\\/api-library');\\n\\nconst client = new Client({ apiKey: \\&quot;ADYEN_LEGAL_ENTITY_MANAGEMENT_API_KEY\\&quot;, environment: \\&quot;TEST\\&quot; });\\n\\n\\\/\\\/ Create the request object(s)\\nconst pciSigningRequest = {\\n  signedBy: \\&quot;LE00000000000000000000002\\&quot;,\\n  pciTemplateReferences: [ \\&quot;PCIT-T7KC6VGL\\&quot;, \\&quot;PCIT-PKB6DKS4\\&quot; ]\\n}\\n\\n\\\/\\\/ Send the request\\nconst legalEntityManagementAPI = new LegalEntityManagementAPI(client);\\nconst response = legalEntityManagementAPI.PCIQuestionnairesApi.signPciQuestionnaire(\\&quot;id\\&quot;, pciSigningRequest);&quot;},{&quot;language&quot;:&quot;go&quot;,&quot;tabTitle&quot;:&quot;Go&quot;,&quot;content&quot;:&quot;\\\/\\\/ Adyen Go API Library v17.0.0\\nimport (\\n  \\&quot;context\\&quot;\\n  \\&quot;github.com\\\/adyen\\\/adyen-go-api-library\\\/v17\\\/src\\\/common\\&quot;\\n  \\&quot;github.com\\\/adyen\\\/adyen-go-api-library\\\/v17\\\/src\\\/adyen\\&quot;\\n  \\&quot;github.com\\\/adyen\\\/adyen-go-api-library\\\/v17\\\/src\\\/legalEntityManagement\\&quot;\\n)\\nclient := adyen.NewClient(&amp;common.Config{\\n  ApiKey:      \\&quot;ADYEN_LEGAL_ENTITY_MANAGEMENT_API_KEY\\&quot;,\\n  Environment: common.TestEnv,\\n})\\n\\n\\\/\\\/ Create the request object(s)\\npciSigningRequest := legalEntityManagement.PciSigningRequest{\\n  SignedBy: \\&quot;LE00000000000000000000002\\&quot;,\\n  PciTemplateReferences: []string{\\n    \\&quot;PCIT-T7KC6VGL\\&quot;, \\&quot;PCIT-PKB6DKS4\\&quot;,\\n  },\\n}\\n\\n\\\/\\\/ Send the request\\nservice := client.LegalEntityManagement()\\nreq := service.PCIQuestionnairesApi.SignPciQuestionnaireInput(\\&quot;id\\&quot;).PciSigningRequest(pciSigningRequest)\\nres, httpRes, err := service.PCIQuestionnairesApi.SignPciQuestionnaire(context.Background(), req)&quot;},{&quot;language&quot;:&quot;py&quot;,&quot;tabTitle&quot;:&quot;Python&quot;,&quot;content&quot;:&quot;# Adyen Python API Library v13.3.0\\nimport Adyen\\n\\nadyen = Adyen.Adyen()\\nadyen.client.xapikey = \\&quot;ADYEN_LEGAL_ENTITY_MANAGEMENT_API_KEY\\&quot;\\nadyen.client.platform = \\&quot;test\\&quot; # The environment to use library in.\\n\\n# Create the request object(s)\\njson_request = {\\n  \\&quot;signedBy\\&quot;: \\&quot;LE00000000000000000000002\\&quot;,\\n  \\&quot;pciTemplateReferences\\&quot;: [ \\&quot;PCIT-T7KC6VGL\\&quot;, \\&quot;PCIT-PKB6DKS4\\&quot; ]\\n}\\n\\n# Send the request\\nresult = adyen.legalEntityManagement.pci_questionnaires_api.sign_pci_questionnaire(request=json_request, id=\\&quot;id\\&quot;)&quot;},{&quot;language&quot;:&quot;rb&quot;,&quot;tabTitle&quot;:&quot;Ruby&quot;,&quot;content&quot;:&quot;# Adyen Ruby API Library v10.1.1\\nrequire \\&quot;adyen-ruby-api-library\\&quot;\\n\\nadyen = Adyen::Client.new\\nadyen.api_key = 'ADYEN_LEGAL_ENTITY_MANAGEMENT_API_KEY'\\nadyen.env = :test # Set to \\&quot;live\\&quot; for live environment\\n\\n# Create the request object(s)\\nrequest_body = {\\n  :signedBy =&gt; 'LE00000000000000000000002',\\n  :pciTemplateReferences =&gt; [ 'PCIT-T7KC6VGL', 'PCIT-PKB6DKS4' ]\\n}\\n\\n# Send the request\\nresult = adyen.legalEntityManagement.pci_questionnaires_api.sign_pci_questionnaire(request_body, 'id')&quot;},{&quot;language&quot;:&quot;ts&quot;,&quot;tabTitle&quot;:&quot;NodeJS (TypeScript)&quot;,&quot;content&quot;:&quot;\\\/\\\/ Adyen Node API Library v23.3.0\\nimport { Client, LegalEntityManagementAPI, Types } from \\&quot;@adyen\\\/api-library\\&quot;;\\n\\nconst client = new Client({ apiKey: \\&quot;ADYEN_LEGAL_ENTITY_MANAGEMENT_API_KEY\\&quot;, environment: \\&quot;TEST\\&quot; });\\n\\n\\\/\\\/ Create the request object(s)\\nconst pciSigningRequest: Types.legalEntityManagement.PciSigningRequest = {\\n  signedBy: \\&quot;LE00000000000000000000002\\&quot;,\\n  pciTemplateReferences: [\\&quot;PCIT-T7KC6VGL\\&quot;, \\&quot;PCIT-PKB6DKS4\\&quot;]\\n};\\n\\n\\\/\\\/ Send the request\\nconst legalEntityManagementAPI = new LegalEntityManagementAPI(client);\\nconst response = legalEntityManagementAPI.PCIQuestionnairesApi.signPciQuestionnaire(\\&quot;id\\&quot;, pciSigningRequest);&quot;}]\" :enable-copy-link-to-code-block=\"true\" :code-sample-card-size=\"'fullsize'\"><\/code-sample>\n<\/div>\n<p>The response returns an array of the unique identifiers of the signed SAQ documents.<\/p>\n<div data-component-wrapper=\"code-sample\">\n    <code-sample :title=\"'List of signed questionnaires'\" :id=\"''\" :code-data='[{\"language\":\"json\",\"tabTitle\":\"\",\"content\":\"{\\n    \\\"pciQuestionnaireIds\\\": [\\n        \\\"PCID422GZ22322565HHMH48CW63CPH\\\",\\n        \\\"PCID422GZ22322565HHMH49CW75Z9H\\\"\\n    ],\\n    \\\"signedBy\\\": \\\"LE00000000000000000000002\\\"\\n}\"}]' :enable-copy-link-to-code-block=\"true\" :code-sample-card-size=\"'fullsize'\"><\/code-sample>\n<\/div>\n<h2>Step 5: Get a list of signed SAQs<\/h2>\n<p>To retrieve a list of the documents signed by your user, send a GET  <a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/get\/legalEntities\/(id)\/pciQuestionnaires\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">\/legalEntities\/{id}\/pciQuestionnaires<\/a> request, specifying the  <a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/post\/legalEntities#responses-200-id\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">id<\/a> of the main legal entity in the path.<\/p>\n<div data-component-wrapper=\"code-sample\">\n    <code-sample :title=\"'Get a list of SAQs'\" :id=\"''\" :code-data='[{\"language\":\"json\",\"tabTitle\":\"\",\"content\":\"{\\n    \\\"data\\\": [\\n        {\\n            \\\"createdAt\\\": \\\"2023-03-02T17:54:19.538365Z\\\",\\n            \\\"id\\\": \\\"PCID422GZ22322565HHMH48CW63CPH\\\",\\n            \\\"validUntil\\\": \\\"2024-03-01T17:54:19.538365Z\\\"\\n        },\\n        {\\n            \\\"createdAt\\\": \\\"2023-03-02T17:54:19.538365Z\\\",\\n            \\\"id\\\": \\\"PCID422GZ22322565HHMH49CW75Z9H\\\",\\n            \\\"validUntil\\\": \\\"2024-03-01T17:54:19.538365Z\\\"\\n        }\\n    ]\\n}\"}]' :enable-copy-link-to-code-block=\"true\" :code-sample-card-size=\"'fullsize'\"><\/code-sample>\n<\/div>\n<h2>Step 6: Download a signed questionnaire<\/h2>\n<p>To download a signed SAQ, send a GET  <a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/get\/legalEntities\/(id)\/pciQuestionnaires\/(pciid)\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">\/legalEntities\/{id}\/pciQuestionnaires\/{pciid}<\/a> request, specifying the following parameters in the path:<\/p>\n<table>\n<thead>\n<tr>\n<th>Path parameter<\/th>\n<th>Required<\/th>\n<th>Description<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td> <a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/post\/legalEntities#responses-200-id\" class=\"codeLabel  external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">id<\/a><\/td>\n<td><img title=\"-white_check_mark-\" alt=\"-white_check_mark-\" class=\"smileys\" src=\"\/user\/data\/smileys\/emoji\/white_check_mark.png\" \/><\/td>\n<td>The legal entity ID of the organization.<\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/get\/legalEntities\/_id_\/pciQuestionnaires\/_pciid_#path-pciid\" class=\"codeLabel external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">pciid<\/a><\/td>\n<td><img title=\"-white_check_mark-\" alt=\"-white_check_mark-\" class=\"smileys\" src=\"\/user\/data\/smileys\/emoji\/white_check_mark.png\" \/><\/td>\n<td>The ID of the signed questionnaire.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>The response returns the base64 encoded form of the signed document in PDF format in the <a href=\"https:\/\/docs.adyen.com\/api-explorer\/legalentity\/latest\/get\/legalEntities\/_id_\/pciQuestionnaires\/_pciid_#responses-200-content\" class=\"codeLabel external-link no-image\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">content<\/a> field. To present the document to your user, use the <a href=\"https:\/\/base64.guru\/developers\/java\/examples\/decode-pdf\" target=\"_blank\" rel=\"nofollow noopener noreferrer\" class=\"external-link no-image\">Base64.Decoder<\/a> class.<\/p>\n<div data-component-wrapper=\"code-sample\">\n    <code-sample :title=\"'Signed questionnaire'\" :id=\"''\" :code-data='[{\"language\":\"json\",\"tabTitle\":\"\",\"content\":\"{\\n   \\\"content\\\":\\\"JVBERi0xLjUKJdDUxdgKMTAg.....\\\",\\n   \\\"createdAt\\\":\\\"2023-03-02T17:54:19.538365Z\\\",\\n   \\\"id\\\":\\\"PCID422GZ22322565HHMH48CW63CPH\\\",\\n   \\\"validUntil\\\":\\\"2024-03-01T17:54:19.538365Z\\\"\\n}\"}]' :enable-copy-link-to-code-block=\"true\" :code-sample-card-size=\"'fullsize'\"><\/code-sample>\n<\/div>","url":"https:\/\/docs.adyen.com\/pt\/platforms\/onboard-users\/pci-forms","articleFields":{"description":"Ask your users to sign the required PCI security questionnaires.","feedback_component":true,"type":"page","parameters":{"directoryPath":"\/platforms","model":"platform"}},"algolia":{"url":"https:\/\/docs.adyen.com\/pt\/platforms\/onboard-users\/pci-forms","title":"Compliance with PCI DSS requirements","content":"\nPCI DSS complianceLearn about PCI DSS compliance at Adyen in our compliance guide.\n\nBecause your users have a direct connection with card schemes, they must comply with the requirements laid down in the Payment Card Industry Data Security Standards (PCI DSS) for collecting, processing, storing, and transmitting cardholder data in a secure environment. To prove their compliance, they must sign a Self-Assessment Questionnaire (SAQ) before they can start processing card payments. The questionnaire asks them to confirm the security of their cardholder data environment, which typically includes their website, web servers, and employees who can access them.\nDepending on your user's sales channels, they must sign one or more SAQs. The questionnaires that Adyen provides are simplified versions of the full SAQs. If multiple SAQs are required, Adyen provides all the questionnaires and your users will only need to sign once.\nRequirements\nTake into account the following requirements, limitations, and preparations\n\n\n\nRequirement\nDescription\n\n\n\n\nIntegration type\nYou must have an Adyen for Platforms platform setup.\n\n\nAPI credentials\nYou must have credentials for the  Legal Entity Management API.\n\n\nWebhooks\nYou are subscribed to the balancePlatform.accountHolder.updated webhook.\n\n\nSetup steps\nBefore you begin, you must have already:Created a legal entity for the main legal entity\/user that has a contractual relationship with your platform and for the individual who will sign the PCI document.Created business lines for the main legal entity\/for the organization for all the sales channels that they support. The  salesChannels determine which and how many PCI documents must be signed.Created an account holder for your user.\n\n\n\nIf you onboard your users using hosted onboarding, they sign SAQs in the hosted onboarding page. To show the questionnaires to them, you must either:\n\nAdd payment methods to the store of the user.\nRequire the user to sign questionnaires by using the  hosted onboarding settings.\n\nIf you are building your own UI, you must generate the required PCI SAQs, show these to your users, and ask them to sign by performing the following steps. Use the  Legal Entity Management API to generate the required questionnaires and send the signed versions to Adyen.\nStep 1: Confirm PCI requirements\nWhen you create an account holder, certain capabilities are requested for them. To check whether your user must sign PCI documents, listen to balancePlatform.accountHolder.updated webhooks.\nIf your user is required to sign PCI forms, it is indicated in the verificationErrors array.\n\n    \n\nStep 2: Generate the questionnaires\nTo generate simplified questionnaires, send a POST  \/legalEntities\/{id}\/pciQuestionnaires\/generatePciTemplates request, specifying the legal entity id of the organization in the path.\nYou can change the language of the questionnaire from the default English by sending the request with language set to the two-character ISO 639-1 code of the desired language. For example, fr.\nIn the body of the request, you can specify the following:\n\n\n\nParameter\nRequired\nDescription\n\n\n\n\nadditionalSalesChannels\n\nAn array of additional sales channels to generate PCI questionnaires. Include the relevant sales channels if you need your user to sign PCI questionnaires. You do not need to provide these if you create stores and add payment methods for your user before you generate the questionnaires.\n\n\n\n\n    \n\nThe response returns the following information:\n\n\n\nParameter\nDescription\n\n\n\n\ncontent\nThe generated questionnaire in a base64 encoded format. Decode the content with the Base64.Decoder class and present the questionnaires to your user.\n\n\nlanguage\nThe language of the questionnaire. The default value is en.\n\n\npciTemplateReferences\nThe array of Adyen-generated unique identifiers for the questionnaires. If the array is empty, the user is not required to sign questionnaires. You must include this information in the signing request.\n\n\n\n\n    \n\nStep 3: Present the questionnaires to your user\nYou need to ask your user to review and sign the questionnaires. When presenting them to your user in your website, you can render the documents using the Adyen Document Viewer.\nDecode the documents before passing them to the Adyen Document Viewer.\nconst documentViewer = new AdyenDocumentViewer('#test');\nconst document = JSON.parse(decodeURIComponent(escape(window.atob(pciTemplateReferences.document))));\ndocumentViewer.render(document);\n\n\n    \n        \n        \n    \n\n\nStep 4: Sign the questionnaires\nYou must ask your user to declare that they comply with the scheme requirements by signing the generated questionnaires.\nTo sign the questionnaires, send a POST  \/legalEntities\/{id}\/pciQuestionnaires\/signPciTemplates request, specifying the  id of the main legal entity in the path.\nIn the body of the request, specify the following:\n\n\n\nParameter\nRequired\nDescription\n\n\n\n\nsignedBy\n\nThe legal entity  id of the individual who signed the questionnaires.\n\n\npciTemplateReferences\n\nThe array of unique identifiers of the questionnaires.\n\n\n\nThe request submits the legal entity ID of the individual who signed the simplified questionnaires and populates the formal PCI SAQ with the legal entity data.\n\n    \n\nThe response returns an array of the unique identifiers of the signed SAQ documents.\n\n    \n\nStep 5: Get a list of signed SAQs\nTo retrieve a list of the documents signed by your user, send a GET  \/legalEntities\/{id}\/pciQuestionnaires request, specifying the  id of the main legal entity in the path.\n\n    \n\nStep 6: Download a signed questionnaire\nTo download a signed SAQ, send a GET  \/legalEntities\/{id}\/pciQuestionnaires\/{pciid} request, specifying the following parameters in the path:\n\n\n\nPath parameter\nRequired\nDescription\n\n\n\n\n id\n\nThe legal entity ID of the organization.\n\n\npciid\n\nThe ID of the signed questionnaire.\n\n\n\nThe response returns the base64 encoded form of the signed document in PDF format in the content field. To present the document to your user, use the Base64.Decoder class.\n\n    \n","type":"page","locale":"pt","boost":17,"hierarchy":{"lvl0":"Home","lvl1":"Platforms","lvl2":"Onboard and verify users","lvl3":"Compliance with PCI DSS requirements"},"hierarchy_url":{"lvl0":"https:\/\/docs.adyen.com\/pt","lvl1":"https:\/\/docs.adyen.com\/pt\/platforms","lvl2":"https:\/\/docs.adyen.com\/pt\/platforms\/onboard-users","lvl3":"\/pt\/platforms\/onboard-users\/pci-forms"},"levels":4,"category":"Platforms","category_color":"green","tags":["Compliance","requirements"]}}