Request
Verification Request
Payload
{
"reference" : "test-ref-1234",
"callback_url" : "https://yourcallbackurl.com",
"redirect_url" : "https://yourredirecturl.com",
"language" : "EN",
"service_code" : "tour-service",
"ttl" : 30
}
Request Parameter Details
| Parameters | Description |
|---|---|
| reference | Required: Yes Type: string Minimum: 6 characters Maximum: 250 characters Each request is issued a unique reference ID which is sent back to Shufti Pro’s client with each response. This reference ID helps to verify the request. The client can use this ID to check the status of already performed verifications. |
| country | Required: No Type: string Length: 2 characters You may omit this parameter if you don't want to enforce country verification. If a valid country code is provided, then the proofs (images/videos) for document verification or address verification must be from the same country. Country code must be a valid ISO 3166-1 alpha-2 country code. Please consult Supported Countries for country codes. |
| language | Required: No Type: string Length: 2 characters If the Shufti Pro client wants their preferred language to appear on the verification screens they may provide the 2-character long language code of their preferred language. The list of Supported Languages can be consulted for the language codes. If this key is missing in the request the system will select the default language as English. |
| Required: No Type: string Minimum: 6 characters Maximum: 128 characters This field represents email of the end-user. | |
| callback_url | Required: No Type: string Minimum: 6 characters Maximum: 250 characters A number of server-to-server calls are made to Shufti Pro’s client to keep them updated about the verification status. This allows the clients to keep the request updated on their end, even if the end-user is lost midway through the process. Note: The callback domains must be registered within the Backoffice to avoid encountering a validation error. For registering callback domain, click here e.g: example.com, test.example.com |
| redirect_url | Required: No Type: string Minimum: 6 characters Maximum: 250 characters Once an on-site verification is complete, User is redirected to this link after showing the results. Note: The redirect domains must be registered within the Backoffice to avoid encountering a validation error. For registering redirect domain, click here e.g: example.com, test.example.com |
| verification_mode | Required: No Type: string Accepted Values: any, image_only, video_only This key specifies the types of proof that can be used for verification. In a “video_only” mode, Shufti Pro’s client can only send “Base64” of videos wherein formats of proofs should be MP4 or MOV. “any” mode can be used to send a combination of images and videos as proofs for verification. |
| allow_offline | Required: No Type: string Accepted Values: 0, 1 Default Value: 1 This parameter allows users to upload images or videos in case of non-availability of a functional webcam.If value: 0, users can capture photos/videos with the camera only. |
| allow_online | Required: No Type: string Accepted Values: 0, 1 Default-Value: 1 This parameter allows users to capture image or videos in real-time when internet is available. If value: 0 users can upload already captured images or videos. Note: if allow_offline: 0 priority will be given to allow_offline |
| show_consent | Required: No Type: string Accepted Values: 0, 1 Default Value: 1 If enabled, it shows the Shufti Pro terms and conditions to the user at the start of the verification. |
| allow_na_ocr_inputs | Required: No Type: string Accepted Values: 0, 1 Default Value: 0 In onsite with ocr verification request, it allows the end-user to select N/A on the OCR form and the verification step will be accepted. |
| decline_on_single_step | Required: No Type: string Accepted Values: 0, 1 Default Value: 1 If enabled, the verification request will be declined when one of the verification steps is not verified. |
| show_privacy_policy | Required: No Type: string Accepted Values: 0, 1 Default Value: 1 This parameter displays data privacy policy to end-user after the verification process is completed. If the value is set 1, the data privacy policy will be displayed to end-user. If the value is set 0, the data privacy policy will not be displayed. Under the GDPR, we acknowledge the end-users right to request for data deletion therefore the default value is 1 but you can set it to 0 if you’ve another alternative mechanism in place. |
| show_results | Required: No Type: string Accepted Values: 0, 1 Default Value: 1 If Value for this parameter is 1, verification result will be displayed to the end-user, showing them whether their verification is accepted or declined. If the value of this parameter is set 0, verification results will not be shown to end-user. |
| show_feedback_form | Required: No Type: string Accepted Values: 0, 1 Default Value: 1 This parameter will work only for onsite verification. If its value is 1 at the end of verification, a feedback form is displayed to the end-user to collect his/her feedback. If it is 0 then it will not display the feedback page to the end-user. |
| allow_retry | Required: No Type: string Accepted Values: 0, 1 Default Value: 1 In onsite verification request, If the document is declined by AI, the end-user can re-upload the document up to 3 times. |
| manual_review | Required: No Type: string Accepted Values: 0, 1 Default Value: 0 This key can be used if the client wants to review verifications after processing from Shufti Pro has completed. Once the user submits any/all required documents, Shufti Pro returns a status of review.pending. The client can then review the verification details and Accept OR Decline the verifications from the back-office. |
| enhanced_originality_checks | Required: No Type: string Accepted Values: 0, 1 Default Value: 0 If enabled, this key will be used for performing a strict text edit check on the ID document and decline the verification request if the edited text is found. It will restrict the end-users to scan a QR code to continue the verification journey on mobile if the process is initiated from a Desktop device. This configuration will ensure quality image from the native camera to detect edited text on ID documents. |
| ttl | Required: No Type: int Minimum: 60 Give a numeric value for minutes that you want the verification url to remain active. |
| ekyc | A client may use this parameter when he wants to perform eKYC, the term "ekyc" should be used, and its value must be set to true. eKYC can be performed either on its own or in conjunction with other services. |
Sample Codes for APIs of Verification Request
- Javascript
- PHP
- Python
- Http
- Ruby
- Java
let payload = {
reference : `SP_REQUEST_${Math.random()}`,
callback_url : "https://yourdomain.com/profile/sp-notify-callback",
email : "[email protected]",
country : "GB",
language : "EN",
verification_mode : "any",
}
payload['ekyc'] = true
var token = btoa("YOUR_CLIENT_ID:YOUR_SECRET_KEY");
fetch('https://api.shuftipro.com/', { method : 'post',
headers : {
'Accept' : 'application/json',
'Content-Type' : 'application/json',
'Authorization' : 'Basic ' +token
},
body: JSON.stringify(payload)}).then(function(response) {
return response.json();
}).then(function(data) { return data; });
<?php
$url = 'https://api.shuftipro.com/';
$client_id = 'YOUR-CLIENT-ID';
$secret_key = 'YOUR-SECRET-KEY';
$verification_request = [
"reference" => "ref-".rand(4,444).rand(4,444),
"callback_url" => "https://yourdomain.com/profile/notifyCallback",
"email" => "[email protected]",
"country" => "GB",
"language" => "EN",
"verification_mode" => "any",
];
$verification_request[ekyc] = true;
$auth = $client_id.":".$secret_key;
$headers = ['Content-Type: application/json'];
$post_data = json_encode($verification_request);
$response = send_curl($url, $post_data, $headers, $auth);
function send_curl($url, $post_data, $headers, $auth){
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_USERPWD, $auth);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
$html_response = curl_exec($ch);
$header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
$headers = substr($html_response, 0, $header_size);
$body = substr($html_response, $header_size);
curl_close($ch);
return json_decode($body,true);
}
echo $response['verification_url'];
import requests, base64, json, hashlib
from random import randint
url = 'https://api.shuftipro.com/'
client_id = 'YOUR-CLIENT-ID'
secret_key = 'YOUR-SECRET-KEY'
verification_request = {
"reference" : "ref-{}{}".format(randint(1000, 9999), randint(1000, 9999)),
"callback_url" : "https://yourdomain.com/profile/notifyCallback",
"email" : "[email protected]",
"country" : "GB",
"language" : "EN",
"verification_mode" : "any"
}
verification_request[ekyc] = true
auth = '{}:{}'.format(client_id, secret_key)
b64Val = base64.b64encode(auth.encode()).decode()
response = requests.post(url,
headers={"Authorization": "Basic %s" % b64Val, "Content-Type": "application/json"},
data=json.dumps(verification_request))
json_response = json.loads(response.content)
print('Verification URL: {}'.format(json_response))
POST / HTTP/1.1 basic auth
Host: api.shuftipro.com
Content-Type: application/json
Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==
{
"reference" : "1234567",
"callback_url" : "http://www.example.com/",
"email" : "[email protected]",
"country" : "GB",
"language" : "EN",
"verification_mode" : "any",
"ekyc" : true
}
require 'uri'
require 'net/http'
require 'base64'
require 'json'
require 'open-uri'
url = URI("https://api.shuftipro.com/")
CLIENT_ID = "YOUR-CLIENT-ID"
SECRET_KEY = "YOUR-SECRET-KEY"
verification_request = {
reference: "Ref-"+ (0...8).map { (65 + rand(26)).chr }.join,
callback_url: "https://yourdomain.com/profile/notifyCallback",
email: "[email protected]",
country: "GB",
language: "EN",
redirect_url: "http://www.example.com",
verification_mode: "any"
}
verification_request["ekyc"] = true
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
header_auth = Base64.strict_encode64("#{CLIENT_ID}:#{SECRET_KEY}")
request["Content-Type"] = "application/json"
request["Authorization"] = "Basic #{header_auth}"
request.body = verification_request.to_json
response = http.request(request)
puts response.read_body
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.net.ssl.HttpsURLConnection;
public class Main {
public static void main(String[] args) throws Exception {
String url = "https://api.shuftipro.com/";
String CLIENT_ID = "CLIENT_ID";
String SECRET_KEY = "SECRET_KEY";
URL obj = new URL(url);
HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
// Add request header
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/json");
String basicAuth = "Basic " + Base64.getEncoder().encodeToString((CLIENT_ID + ":" + SECRET_KEY).getBytes(StandardCharsets.UTF_8));
con.setRequestProperty("Authorization", basicAuth);
String payload = "{\n \"reference\" : \"1234567\",\n \"callback_url\" : \"http://www.example.com/\",\n \"email\" : \"[email protected]\",\n \"country\" : \"GB\",\n \"language\" : \"EN\",\n \"verification_mode\" : \"any\",\n \"ekyc\" : \"true\"\n}";
// Send post request
con.setDoOutput(true);
DataOutputStream wr = new DataOutputStream(con.getOutputStream());
wr.writeBytes(payload);
wr.flush();
wr.close();
int responseCode = con.getResponseCode();
System.out.println("\nSending 'POST' request to URL : " + url);
System.out.println("Payload : " + payload);
System.out.println("Response Code : " + responseCode);
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
System.out.println(in.toString());
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
// Print the response
System.out.println(response.toString());
}
}