# Post TOEs in Bulk to your Portfolio
source: https://developer.mastercard.com/riskrecon-api/documentation/testing/portfolio-samples/add-bulk-toes-smpl/index.md

Allows you to raise a request to add a maximum of 25 TOEs in bulk to your portfolio.

## Pre-requisites {#pre-requisites}

Refer to the [Add TOEs in Bulk to your Portfolio](https://developer.mastercard.com/riskrecon-api/documentation/use-cases/portfolio-management/portfolio/add-bulk-toes/index.md) use case.

## Request URL for Sandbox environment {#request-url-for-sandbox-environment}

    POST https://api.sandbox.riskrecon.com/v1/portfolio/bulk_add

## Request URL for Production environment {#request-url-for-production-environment}

    POST https://api.riskrecon.com/v1/portfolio/bulk_add

## Test Cases {#test-cases}

### Test Case: Success - Add TOEs in bulk to your portfolio {#test-case-success---add-toes-in-bulk-to-your-portfolio}

**Request**

Here is an example of a request made to add two TOEs using a `curl` command.

```bash
curl -X 'POST' \
  'https://api.sandbox.riskrecon.com/v1/portfolio/bulk_add' \
  -H 'accept: application/json' 
  -H 'Authorization: valid_JWT' 
  -d '{
  "customer_toe_requests": [
    {
      "assessment_frequency": "continuous",
      "company_domains": [
        "test.domain.org"
      ],
      "company_name": "Testing, Co.",
      "internal_id": [
        "testing1"
      ],
      "internal_name": [
        "Testing, Co."
      ],
      "risk_relationship_slugs": [
        "ownenterprise_critical"
      ],
      "subscription_level": "2"
    },
    {
      "assessment_frequency": "continuous",
      "company_domains": [
        "test.domain.org"
      ],
      "company_name": "Extra Add, Co.",
      "internal_id": [
        "extradd"
      ],
      "internal_name": [
        "Extra Add, Co."
      ],
      "risk_relationship_slugs": [
        "ownenterprise_critical"
      ],
      "subscription_level": "2"
    }
  ]
```

**Response**

post:

HTTP response 200 Ok

### Test Case: Fail - Invalid Subscription Level {#test-case-fail---invalid-subscription-level}

**Request**

Here is an example of a request with an incorrect subscription level using a `curl` command.

```bash
curl -X 'POST' \
  'https://api.sandbox.riskrecon.com/v1/portfolio/bulk_add' \
  -H 'accept: application/json' \
  -H 'Authorization: valid_JWT' \
  -H 'Content-Type: application/json' \
  -d '{
  "customer_toe_requests": [
    {
      "assessment_frequency": "continuous",
      "company_domains": [
        "test.domain.org"
      ],
      "company_name": "Testing, Co.",
      "internal_id": [
        "testing1"
      ],
      "internal_name": [
        "Testing, Co."
      ],
      "risk_relationship_slugs": [
        "ownenterprise_critical"
      ],
      "subscription_level": "5"
    }
  ]
  }
```

**Response**

HTTP Error response 400

```json
{
  "Errors": {
    "Error": [
      {
        "Description": "Bad Request",
        "Details": "subscription_level: invalid subscription_level on Testing, Co.",
        "ReasonCode": "BAD_REQUEST",
        "Recoverable": false,
        "Source": "RISKRECON_API"
      }
    ]
  }
}
```

### Test Case: Fail - Invalid Assessment Frequency {#test-case-fail---invalid-assessment-frequency}

**Request**

Here is an example of a request with an incorrect assessment frequency using a `curl` command.

```bash
curl -X 'POST' \
  'https://api.sandbox.riskrecon.com/v1/portfolio/bulk_add' \
  -H 'accept: application/json' \
  -H 'Authorization: valid_JWT' \
  -H 'Content-Type: application/json' \
  -d '{
  "customer_toe_requests": [
    {
      "assessment_frequency": "continued",
      "company_domains": [
        "test.domain.org"
      ],
      "company_name": "Testing, Co.",
      "internal_id": [
        "testing1"
      ],
      "internal_name": [
        "Testing, Co."
      ],
      "risk_relationship_slugs": [
        "ownenterprise_critical"
      ],
      "subscription_level": "2"
    }
  ]
  }
```

**Response**

HTTP Error response 400

```json
{
"Errors": {
  "Error": [
    {
      "Description": "Bad Request",
      "Details": "assessment_frequency: is invalid on Testing, Co.",
      "ReasonCode": "BAD_REQUEST",
      "Recoverable": false,
      "Source": "RISKRECON_API"
    }
  ]
}
}
```

### Test Case: Fail - Invalid Risk Relationship Slug {#test-case-fail---invalid-risk-relationship-slug}

**Request**

Here is an example of a request made with an invalid risk relationship slug using a `curl` command.

```bash
curl -X 'POST' \
  'https://api.sandbox.riskrecon.com/v1/portfolio/bulk_add' \
  -H 'accept: application/json' \
  -H 'Authorization: valid_JWT_token' \
  -H 'Content-Type: application/json' \
  -d '{
  "customer_toe_requests": [
    {
      "assessment_frequency": "continued",
      "company_domains": [
        "test.domain.org"
      ],
      "company_name": "Testing, Co.",
      "internal_id": [
        "testing1"
      ],
      "internal_name": [
        "Testing, Co."
      ],
      "risk_relationship_slugs": [
        "ownenterprise_critic"
      ],
      "subscription_level": "2"
    }
  ]
  }
```

**Response**

HTTP Error response 422

```json
{
"Errors": {
  "Error": [
    {
      "Description": "Bad Request",
      "Details": "Slug ownenterprise_critic does not match any customer buckets",
      "ReasonCode": "BAD_REQUEST",
      "Recoverable": false,
      "Source": "RISKRECON_API"
    }
  ]
}
}
```