---
title: Instance RFI
description: Respond programmatically when BlindPay's compliance team needs additional information about your instance itself.
---

## What it is

An Instance RFI is a Request for Information directed at your instance (your BlindPay account), not at one of your customers. BlindPay's compliance team uses it to ask your team for updated business information, supporting documents, or clarifications, for example during a periodic review.

It uses the same section and field format as the [customer RFI](/docs/essentials/rfi), but it is standalone: opening, answering, or expiring an instance RFI never changes your instance's onboarding or KYB status, and it never blocks payins or payouts.

For customer-level RFIs (KYC/KYB of a receiver), see the [RFI](/docs/essentials/rfi) page. For a non-technical walkthrough of instance RFIs, see the [Instance RFIs guide](/knowledge-base/guides/instance-requests).

## How it works

1. **Compliance opens an RFI on your instance.** Every active member of your instance receives an email from `compliance@blindpay.com`, and the request appears on your dashboard's instance settings page.
2. **`GET /v1/instances/{instance_id}/rfi`** to fetch the open RFI and the list of fields to fill in.
3. **Collect the information** and answer via the dashboard, or **`POST /v1/instances/{instance_id}/rfi`** to submit the response in a single shot.
4. **Compliance reviews the submission.** If anything else is needed, a new RFI is opened.

### Differences from customer RFIs

| Aspect                    | Customer RFI                                        | Instance RFI                                  |
| ------------------------- | ---------------------------------------------------- | ---------------------------------------------- |
| Directed at               | One customer (`re_...`)                              | Your instance (`in_...`)                       |
| Status side effects       | Flips customer `kyc_status` to `compliance_request`  | None                                           |
| Payments while open       | Blocked for that customer                            | Unaffected                                     |
| Missed 27-day deadline    | Customer is auto-rejected                            | RFI expires, no action against the instance    |
| Webhook                   | `customer.update`                                    | None, email and dashboard only                 |

### RFI status

| Status      | Meaning                                                                     |
| ----------- | ---------------------------------------------------------------------------- |
| `pending`   | The RFI is open and waiting for a response.                                  |
| `submitted` | The response has been received and compliance is reviewing it.               |
| `expired`   | The 27-day deadline passed without a submission. No action was taken.        |
| `cancelled` | Compliance cancelled the RFI.                                                |

::c-alert{icon="circle-info"}
There can only be **one open instance RFI** at a time. If compliance needs another round, a new RFI is created after the previous one is resolved.
::

### Deadline

The deadline is included as `expires_at` in the RFI payload, 27 days after creation. Your team receives reminder emails at day 0, 7, and 17. If no submission arrives within the window, the RFI is marked `expired` and compliance follows up with you directly. Nothing happens to your instance automatically.

### Endpoints

| Method | Path                                  | Description                             |
| ------ | -------------------------------------- | ---------------------------------------- |
| `GET`  | `/v1/instances/{instance_id}/rfi`      | Fetch the open (pending) RFI, or `null`. |
| `POST` | `/v1/instances/{instance_id}/rfi`      | Submit the response as a flat object.    |

## Prerequisites

::c-prerequisites
::

## Fetch the open RFI

::c-auth-note
::

```bash
curl --request GET \
  --url https://api.blindpay.com/v1/instances/in_000000000000/rfi \
  --header 'Authorization: Bearer YOUR_SECRET_TOKEN'
```

Returns the open RFI, or `null` if none is open for your instance:

```json
{
  "id": "irfi_a1b2c3d4e5f6",
  "instance_id": "in_000000000000",
  "status": "pending",
  "request": [
    {
      "title": "Business Description",
      "description": "Your business description no longer matches your website. Please provide an update.",
      "fields": [
        { "key": "business_description", "label": "Business Description", "required": true },
        { "key": "business_description_explanation", "label": "Explanation", "required": true }
      ]
    },
    {
      "title": "Proof of Address",
      "description": "Please upload a current proof of address for the company.",
      "fields": [
        {
          "key": "proof_of_address_doc_file",
          "label": "Proof of Address File",
          "required": true,
          "regex": "^https://[^\\s]+$"
        }
      ]
    }
  ],
  "response": {},
  "expires_at": "2026-07-30T13:00:00.000Z",
  "submitted_at": null,
  "created_at": "2026-07-03T13:00:00.000Z"
}
```

The `request` array uses the same section and field schema as customer RFIs. See the [request schema tables](/docs/essentials/rfi#request-schema) for every property. For any file upload field, use the [Upload endpoint](/docs/essentials/upload) to host the file and submit the resulting URL.

## Submit a response

The response is a **flat object** keyed by `field.key`. There is no `rfi_id` in the URL because there's only ever one open RFI per instance.

::c-alert{icon="triangle-exclamation" variant="warning"}
**The submission is single-shot.** All required fields must be included in one request. There is no partial save, so a submission missing required fields is rejected with `400`.
::

```bash
curl --request POST \
  --url https://api.blindpay.com/v1/instances/in_000000000000/rfi \
  --header 'Authorization: Bearer YOUR_SECRET_TOKEN' \
  --header 'Content-Type: application/json' \
  --data '{
    "business_description": "We sell B2B SaaS payroll software to mid-market companies.",
    "business_description_explanation": "Updated description matches our public website.",
    "proof_of_address_doc_file": "https://files.blindpay.com/1767022801827-bill.pdf"
  }'
```

Response:

```json
{ "success": true }
```

If the RFI was resolved in the meantime, the endpoint returns `{ "success": false, "reason": "no_pending_rfi" }` or `{ "success": false, "reason": "already_resolved" }` instead. Refetch the RFI state rather than retrying.

### Validation

The body is validated dynamically against the stored `request.fields[]` using the same rules as customer RFIs: `required` fields must be present and non-empty, `regex` patterns are applied, `multiple: true` fields require an array of URLs (max 20), and unknown keys are rejected.

### After submission

The RFI moves to `submitted` and the reminder emails stop. Compliance reviews the response and reaches out if anything else is needed. There is no webhook for instance RFIs; your team is notified by email and the dashboard.

## Related

- [RFI](/docs/essentials/rfi) · [Instances](/docs/essentials/instances) · [Upload](/docs/essentials/upload)
- [Instance RFIs guide](/knowledge-base/guides/instance-requests)
