Skip to content

[BUG] customer_id api validation #10578

New issue
New issue
Open
Open
[BUG] customer_id api validation#10578
Labels
C-bugCategory: BugS-awaiting-triageStatus: New issues that have not been assessed yet
@BenJanecke

Description

@BenJanecke
BenJanecke
opened on Dec 9, 2025

Bug Description

When I create a new intent with a customer_id that's a string of integers e.g. "222" or "333"

I was unable to find any specific validation rule or error that would reject a customer_id like "222" or "333" e.g. an purely integer string in the /payments create endpoint.

The customer_id validation that does occur follows this flow:

Validation Points in Payment Creation Flow:
Type-level validation during deserialization: When the request is parsed, the CustomerId type validates that the value contains only alphanumeric characters, underscores, or hyphens, and that the length is between 1 and 64 characters. id_type.rs:69-80 consts.rs:80-89

Consistency validation: The system checks if customer details are provided in both the root level and within the customer object, ensuring they match. payments.rs:1618-1655 helpers.rs:1492-1505

The value "222" would pass all standard validations:

It's 3 characters long (within the valid 1-64 character range)
It contains only digits (valid alphanumeric characters)
There are no special validation rules found in the codebase that specifically reject this value

Expected Behavior

I should be able to create a payment with a number based customer_id

curl 'https://app.hyperswitch.io/api/payments' \
  -H 'Accept: */*' \
  -H 'api-key: snd_xxx' \
  -H 'content-type: application/json' \
  --data-raw '{"amount":100,"currency":"ZAR","customer_id":222}'
// response: 200 ok

Actual Behavior

curl 'https://app.hyperswitch.io/api/payments' \
  -H 'Accept: */*' \
  -H 'api-key: snd_xxx' \
  -H 'content-type: application/json' \
  --data-raw '{"amount":100,"currency":"ZAR","customer_id":222}'
// response: 
{
    "error": {
        "error_type": "invalid_request",
        "message": "Json deserialize error: invalid type: integer `222`, expected a string at line 1 column 48",
        "code": "IR_06"
    }
}

Steps To Reproduce

curl 'https://app.hyperswitch.io/api/payments'
-H 'Accept: /'
-H 'api-key: snd_xxx'
-H 'content-type: application/json'
--data-raw '{"amount":100,"currency":"ZAR","customer_id":222}

Get 400

Context For The Bug

No response

Environment

x-request-id for a sandbox(app.hyperswitch.io) request that matches the above curls 019b01da-79ad-7352-81a4-fe44c3d58929

Have you spent some time checking if this bug has been raised before?

  • I checked and didn't find a similar issue

Have you read the Contributing Guidelines?

Are you willing to submit a PR?

None

Metadata

Metadata

Assignees

No one assigned

    Labels

    C-bugCategory: BugS-awaiting-triageStatus: New issues that have not been assessed yet

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions