Onsite Integration

In onsite verification, Shufti Pro will directly interact with the end user to collect the required information for verification purposes.

info

The Enhanced KYB service enables merchants to include empty keys in their request payload, which triggers the generation of a verification URL in the response. By clicking on this URL, users can directly submit the required information. ShuftiPro subsequently verifies the details and sends the verification report directly to the merchant in the backoffice.

Parameters & Description

Parameters	Description
advanced_search	Required: Yes Type: string Accepted Values: 0, 1 Default Value: 0 This parameter is used to enable enhanced KYB service for the client when the parameter value is set to "1".
company_registration_number	Required: Yes Type: string This parameter receives the company registration number to collect and verify the company information reports. Example: 12345678 Note: The registration number is not required if the company name is provided.
company_name	Required: No Type: string Minimum: 3 characters This parameter receives the company name to collect and verify the company information reports. Example: 'SHUFTI PRO LIMITED' Note: The company name is not required if the registration number is provided.
country_names	Required: Yes Type: array The option allows users to input the single country name in the form of an array for the search. Additionally, you can pass the state of the country to specify the search. Feel free to click on the following links to view supported countries and states Example: ['united_kingdom'], ['alabama']
search_type	Required: No Type: string Accepted Values: contains, start_with, fuzzy Default Value: Contains When using the "start_with" option, the API fetches a list of companies whose names start with the user-provided characters. In contrast, with the "contains" option, the search covers companies having the given keywords anywhere in their names. 'fuzzy' search expands to include less precise matches, broadening results by similarity rather than strict criteria.

Request Payloads

tip

Please include the country along with either the company registration number or the company name in your request.

request-with-company_registration_number

//POST /status HTTP/1.1
//Host: api.shuftipro.com
//Content-Type: application/json
//Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw== 
//replace "Basic" with "Bearer in case of Access Token"

{
  "reference": "1234567",
  "callback_url": "https://yourdomain.com/profile/sp-notify-callback",
  "country": "GB",
  "language": "EN",
  "kyb": {
    "advanced_search": "1",
    "company_registration_number": "",
    "country_names": ["united_kingdom"],
    "search_type": "contains"
  }
}

let payload = {
    reference         : `SP_REQUEST_${Math.random()}`,
    callback_url      : "https://yourdomain.com/profile/sp-notify-callback",
    country           : "GB",
    language          : "EN"
}
//Use this key if you want to perform document verification with OCR
payload['kyb'] = {
  advanced_search              : "1",
  company_registration_number  : '',
  country_names                : ['united_kingdom'],
  search_type                  : 'contains'
}
//BASIC AUTH TOKEN
//Use your Shufti Pro account client id and secret key
var token = btoa("YOUR-CLIENT-ID:YOUR-SECRET-KEY"); //BASIC AUTH TOKEN
// if Access Token
//var token = "YOUR_ACCESS_TOKEN";
//Dispatch request via fetch API or with whatever else which best suits for you
fetch('https://api.shuftipro.com/', 
{
  method : 'post',
  headers : {
    'Accept'        : 'application/json',
    'Content-Type'  : 'application/json',
    'Authorization' : 'Basic ' +token       // if access token then replace "Basic" with "Bearer"
  },
  body: JSON.stringify(payload)
})
.then(function(response) {
     return response.json();
}).then(function(data) {
    if (data.event && data.event === 'verification.accepted') {
          console.log(data);
        }
});

<?php
$url = 'https://api.shuftipro.com/';

//Your Shufti Pro account Client ID
$client_id  = 'YOUR-CLIENT-ID';
//Your Shufti Pro account Secret Key
$secret_key = 'YOUR-SECRET-KEY';
//OR Access Token
//$access_token = 'YOUR-ACCESS-TOKEN';

$verification_request = [
    'reference'    => 'ref-'.rand(4,444).rand(4,444),
    'country'      => 'GB',
    'language'     => 'EN',
    'email'        => '[email protected]',
    'callback_url' =>  'https://yourdomain.com/profile/notifyCallback',
];

//Use this key if you want to perform kyb service
$verification_request['kyb'] =[
    'advanced_search'             => '1',
    'company_registration_number' => '',
    'country_names'               => ['united_kingdom'],
    'search_type'                 => 'contains'
];

$auth = $client_id.":".$secret_key; // remove this in case of Access Token
$headers = ['Content-Type: application/json'];
// if using Access Token then add it into headers as mentioned below otherwise remove access token
// array_push($headers, 'Authorization: Bearer ' . $access_token); 
$post_data = json_encode($verification_request);
//Calling Shufti Pro request API using curl
$response = send_curl($url, $post_data, $headers, $auth); // remove $auth in case of Access Token
//Get Shufti Pro API Response
$response_data    = $response['body'];
//Get Shufti Pro Signature
$exploded = explode("\n", $response['headers']);
// Get Signature Key from Hearders
$sp_signature = null;
foreach ($exploded as $key => $value) {
  if (strpos($value, 'signature: ') !== false || strpos($value, 'Signature: ') !== false) {
    $sp_signature=trim(explode(':', $exploded[$key])[1]);
    break;
  }
}

// Calculating signature for verification

// Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
// $secret_key = hash('sha256', $secret_key)

// Calculated signature functionality cannot be implement in case of access token
$calculate_signature  = hash('sha256',$response_data.$secret_key);
$decoded_response = json_decode($response_data,true);
$event_name = $decoded_response['event'];

if(in_array($event_name, ['verification.accepted', 'verification.declined', 'request.received']) ){
    if($sp_signature == $calculate_signature){
        echo $event_name." :" . $response_data;
    }else{
        echo "Invalid signature :" . $response_data;
    }
}else{
    echo "Error :" . $response_data;
}

function send_curl($url, $post_data, $headers, $auth){ // remove $auth in case of Access Token
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
    curl_setopt($ch, CURLOPT_USERPWD, $auth); // remove this in case of Access Token
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($ch, CURLOPT_HEADER, 1);
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); // remove this in case of Access Token
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
    $html_response = curl_exec($ch);
    $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
    $headers = substr($html_response, 0, $header_size);
    $body = substr($html_response, $header_size);
    curl_close($ch);
    return ['headers' => $headers,'body' => $body];     
}
?>

import requests, base64, json, hashlib
from random import randint

'''
Python 2
--------
import urllib2

Python 3
--------
import urllib.request
urllib.request.urlopen(url).read()
'''
url = 'https://api.shuftipro.com/'
# Your Shufti Pro account Client ID
client_id  = 'YOUR-CLIENT-ID'
# Your Shufti Pro account Secret Key
secret_key = 'YOUR-SECRET-KEY'
# OR Access Token
# access_token = 'YOUR-ACCESS-TOKEN';

verification_request = {
    'reference'         :   'ref-{}{}'.format(randint(1000, 9999), randint(1000, 9999)),
    'country'           :   'GB', 
    'language'          :   'EN',
    'email'             :   '[email protected]',
    'callback_url'      :   'https://yourdomain.com/profile/notifyCallback'
}
# Use this key if you want to perform document verification with OCR
verification_request['kyb'] = {
    'advanced_search'             : '1',
    'company_registration_number' : '',
    'country_names'               : ['united_kingdom'],
    'search_type'                 : 'contains'
}

# Calling Shufti Pro request API using python  requests
auth = '{}:{}'.format(client_id, secret_key)
b64Val = base64.b64encode(auth.encode()).decode()
# if access token 
# b64Val = access_token
# replace "Basic with "Bearer" in case of Access Token
response = requests.post(url, 
                headers={"Authorization": "Basic %s" % b64Val, "Content-Type": "application/json"},
                data=json.dumps(verification_request))

# Calculating signature for verification

# Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
# secret_key = hashlib.sha256(secret_key.encode()).hexdigest()

# Calculated signature functionality cannot be implement in case of access token
calculated_signature = hashlib.sha256('{}{}'.format(response.content.decode(), secret_key).encode()).hexdigest()

# Get Shufti Pro Signature
sp_signature = response.headers.get('Signature','')
# Convert json string to json object
json_response = json.loads(response.content)
# Get event returned
event_name = json_response['event']
print (json_response)
if event_name == 'verification.accepted':
    if sp_signature == calculated_signature:
        print ('Verification Response: {}'.format(response.content))
    else:
        print ('Invalid signature: {}'.format(response.content))

require 'uri'
require 'net/http'
require 'base64'
require 'json'

url = URI("https://api.shuftipro.com/")
# Your Shufti Pro account Client ID
CLIENT_ID   = "YOUR-CLIENT-ID"
# Your Shufti Pro account Secret Key
SECRET_KEY  = "YOUR-SECRET-KEY"
# if access token
# ACCESS_TOKEN = "YOUR-ACCESS-TOKEN"

verification_request = { 
    reference:          "Ref-"+ (0...8).map { (65 + rand(26)).chr }.join,
    callback_url:       "https://yourdomain.com/profile/notifyCallback",
    email:              "[email protected]",
    country:            "GB",
    language:           "EN"
}
# Use this key if you want to perform document verification with OCR
verification_request["kyb"] = {
  advanced_search            : "1",
  company_registration_number: "",
  country_names              : ["united_kingdom"],
  search_type                : "contains"
}
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
header_auth = Base64.strict_encode64("#{CLIENT_ID}:#{SECRET_KEY}")
# if Access Token
# header_auth = ACCESS_TOKEN
request["Content-Type"]  = "application/json"
request["Authorization"] = "Basic #{header_auth}"   # replace "Basic" with "Bearer" in case of access token
request.body = verification_request.to_json
response = http.request(request)
response_headers =  response.instance_variable_get("@header")
response_data    = response.read_body

sp_signature     = !(response_headers['signature'].nil?) ? response_headers['signature'].join(',') : ""
# Calculating signature for verification

# Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
# SECRET_KEY = Digest::SHA256.hexdigest SECRET_KEY

# calculated signature functionality cannot be implement in case of access token
calculated_signature = Digest::SHA256.hexdigest response_data + SECRET_KEY

if sp_signature == calculated_signature
  puts response_data
else
  puts "Invalid signature"
end

import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

import javax.net.ssl.HttpsURLConnection;

public class Main {
    public static void main(String[] args) throws Exception {
        String url = "https://api.shuftipro.com/service/ocr_for_business/extraction";
        String CLIENT_ID = "CLIENT_ID";
        String SECRET_KEY = "SECRET_KEY";
        URL obj = new URL(url);
        HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();

        // Add request header
        con.setRequestMethod("POST");
        con.setRequestProperty("Content-Type", "application/json");
        String basicAuth = "Basic " + Base64.getEncoder().encodeToString((CLIENT_ID + ":" + SECRET_KEY).getBytes(StandardCharsets.UTF_8));    
        con.setRequestProperty("Authorization", basicAuth);

        String payload = "{\"reference\":\"1234567\",\"callback_url\":\"https://yourdomain.com/profile/sp-notify-callback\",\"country\":\"GB\",\"language\":\"EN\",\"kyb\":{\"advanced_search\": \"1\",\"company_registration_number\":\"\",\"country_names\":[\"united_kingdom\"],\"search_type\":\"contains\"}}";


        // Send post request
        con.setDoOutput(true);
        DataOutputStream wr = new DataOutputStream(con.getOutputStream());
        wr.writeBytes(payload);
        wr.flush();
        wr.close();

        int responseCode = con.getResponseCode();
        System.out.println("\nSending 'POST' request to URL : " + url);
        System.out.println("Payload : " + payload);
        System.out.println("Response Code : " + responseCode);

        BufferedReader in = new BufferedReader(
                new InputStreamReader(con.getInputStream()));
        System.out.println(in.toString());
        String inputLine;
        StringBuffer response = new StringBuffer();

        while ((inputLine = in.readLine()) != null) {
            response.append(inputLine);
        }
        in.close();

        // Print the response
        System.out.println(response.toString());
    }
}

curl --location --request POST 'https://api.shuftipro.com/' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==' \
--data-raw '{
    "reference"    : "1234567",
    "callback_url" : "https://yourdomain.com/profile/sp-notify-callback",
    "country"      : "GB",
    "language"     : "EN",
    "kyb" : {
        "advanced_search"                 : "1",
        "company_registration_number"     : "",
        "country_names"                   : ["united_kingdom"],
        "search_type"                     : "contains" 
    }
}'

var client = new RestClient("https://api.shuftipro.com/");
client.Timeout = -1;
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==");
var body = @"{" + "\n" +
@"    ""reference""    : ""1234567""," + "\n" +
@"    ""callback_url"" : ""https://yourdomain.com/profile/sp-notify-callback""," + "\n" +
@"    ""country""      : ""GB""," + "\n" +
@"    ""language""     : ""EN""," + "\n" +
@"    ""kyb"" : {" + "\n" +
@"        ""advanced_search""     : ""1""," + "\n" +
@"        ""company_registration_number""     : "" ""," + "\n" +
@"        ""country_names""     : [""united_kingdom""]," + "\n" +
@"        ""search_type""     : ""contains""" + "\n" +
@"    }" + "\n" +
@"}";
request.AddParameter("application/json", body,  ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
Console.WriteLine(response.Content);

package main

import (
  "fmt"
  "strings"
  "net/http"
  "io/ioutil"
)

func main() {

  url := "https://api.shuftipro.com/"
  method := "POST"

  payload := strings.NewReader(`{
    "reference"    : "1234567",
    "callback_url" : "https://yourdomain.com/profile/sp-notify-callback",
    "country"      : "GB",
    "language"     : "EN",
    "kyb" : {
        "advanced_search"   : "1",
        "company_registration_number"     : " ",
        "country_names"     : ["united_kingdom"],
        "search_type"     : "contains"
    }
}`)

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, payload)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("Content-Type", "application/json")
  req.Header.Add("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := ioutil.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}

request-with-company_name

//POST /status HTTP/1.1
//Host: api.shuftipro.com
//Content-Type: application/json
//Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw== 
//replace "Basic" with "Bearer in case of Access Token"

{
  "reference": "1234567",
  "callback_url": "https://yourdomain.com/profile/sp-notify-callback",
  "country": "GB",
  "language": "EN",
  "kyb": {
    "advanced_search": "1",
    "company_name": " ",
    "country_names": ["united_kingdom"],
    "search_type": "start_with"
  }
}

let payload = {
    reference         : `SP_REQUEST_${Math.random()}`,
    callback_url      : "https://yourdomain.com/profile/sp-notify-callback",
    country           : "GB",
    language          : "EN"
}
//Use this key if you want to perform document verification with OCR
payload['kyb'] = {
  'advanced_search': '1',
  'company_name'   : ' ',
  'country_names'  : ['united_kingdom'],
  'search_type'    : 'start_with'
}
//BASIC AUTH TOKEN
//Use your Shufti Pro account client id and secret key
var token = btoa("YOUR-CLIENT-ID:YOUR-SECRET-KEY"); //BASIC AUTH TOKEN
// if Access Token
//var token = "YOUR_ACCESS_TOKEN";
//Dispatch request via fetch API or with whatever else which best suits for you
fetch('https://api.shuftipro.com/', 
{
  method : 'post',
  headers : {
    'Accept'        : 'application/json',
    'Content-Type'  : 'application/json',
    'Authorization' : 'Basic ' +token       // if access token then replace "Basic" with "Bearer"
  },
  body: JSON.stringify(payload)
})
.then(function(response) {
     return response.json();
}).then(function(data) {
    if (data.event && data.event === 'verification.accepted') {
          console.log(data);
        }
});

<?php
$url = 'https://api.shuftipro.com/';

//Your Shufti Pro account Client ID
$client_id  = 'YOUR-CLIENT-ID';
//Your Shufti Pro account Secret Key
$secret_key = 'YOUR-SECRET-KEY';
//OR Access Token
//$access_token = 'YOUR-ACCESS-TOKEN';

$verification_request = [
    'reference'    => 'ref-'.rand(4,444).rand(4,444),
    'country'      => 'GB',
    'language'     => 'EN',
    'email'        => '[email protected]',
    'callback_url' =>  'https://yourdomain.com/profile/notifyCallback',
];

//Use this key if you want to perform kyb service
$verification_request['kyb'] =[
    'advanced_search' => '1',
    'company_name' => ' ',
    'country_names'=>   ['united_kingdom'],
    'search_type'  =>   'start_with'
];

$auth = $client_id.":".$secret_key; // remove this in case of Access Token
$headers = ['Content-Type: application/json'];
// if using Access Token then add it into headers as mentioned below otherwise remove access token
// array_push($headers, 'Authorization: Bearer ' . $access_token); 
$post_data = json_encode($verification_request);
//Calling Shufti Pro request API using curl
$response = send_curl($url, $post_data, $headers, $auth); // remove $auth in case of Access Token
//Get Shufti Pro API Response
$response_data    = $response['body'];
//Get Shufti Pro Signature
$exploded = explode("\n", $response['headers']);
// Get Signature Key from Hearders
$sp_signature = null;
foreach ($exploded as $key => $value) {
  if (strpos($value, 'signature: ') !== false || strpos($value, 'Signature: ') !== false) {
    $sp_signature=trim(explode(':', $exploded[$key])[1]);
    break;
  }
}

// Calculating signature for verification

// Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
// $secret_key = hash('sha256', $secret_key)

// Calculated signature functionality cannot be implement in case of access token
$calculate_signature  = hash('sha256',$response_data.$secret_key);
$decoded_response = json_decode($response_data,true);
$event_name = $decoded_response['event'];

if(in_array($event_name, ['verification.accepted', 'verification.declined']) ){
    if($sp_signature == $calculate_signature){
        echo $event_name." :" . $response_data;
    }else{
        echo "Invalid signature :" . $response_data;
    }
}else{
    echo "Error :" . $response_data;
}

function send_curl($url, $post_data, $headers, $auth){ // remove $auth in case of Access Token
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
    curl_setopt($ch, CURLOPT_USERPWD, $auth); // remove this in case of Access Token
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($ch, CURLOPT_HEADER, 1);
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); // remove this in case of Access Token
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
    $html_response = curl_exec($ch);
    $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
    $headers = substr($html_response, 0, $header_size);
    $body = substr($html_response, $header_size);
    curl_close($ch);
    return ['headers' => $headers,'body' => $body];     
}
?>

import requests, base64, json, hashlib
from random import randint

'''
Python 2
--------
import urllib2

Python 3
--------
import urllib.request
urllib.request.urlopen(url).read()
'''
url = 'https://api.shuftipro.com/'
# Your Shufti Pro account Client ID
client_id  = 'YOUR-CLIENT-ID'
# Your Shufti Pro account Secret Key
secret_key = 'YOUR-SECRET-KEY'
# OR Access Token
# access_token = 'YOUR-ACCESS-TOKEN';

verification_request = {
    'reference'         :   'ref-{}{}'.format(randint(1000, 9999), randint(1000, 9999)),
    'country'           :   'GB', 
    'language'          :   'EN',
    'email'             :   '[email protected]',
    'callback_url'      :   'https://yourdomain.com/profile/notifyCallback'
}
# Use this key if you want to perform document verification with OCR
verification_request['kyb'] = {
    'advanced_search' : '1',
    'company_name'  : ' ',
    'country_names' : ['united_kingdom'],
    'search_type'   : 'start_with'
}

# Calling Shufti Pro request API using python  requests
auth = '{}:{}'.format(client_id, secret_key)
b64Val = base64.b64encode(auth.encode()).decode()
# if access token 
# b64Val = access_token
# replace "Basic with "Bearer" in case of Access Token
response = requests.post(url, 
                headers={"Authorization": "Basic %s" % b64Val, "Content-Type": "application/json"},
                data=json.dumps(verification_request))

# Calculating signature for verification

# Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
# secret_key = hashlib.sha256(secret_key.encode()).hexdigest()

# Calculated signature functionality cannot be implement in case of access token
calculated_signature = hashlib.sha256('{}{}'.format(response.content.decode(), secret_key).encode()).hexdigest()

# Get Shufti Pro Signature
sp_signature = response.headers.get('Signature','')
# Convert json string to json object
json_response = json.loads(response.content)
# Get event returned
event_name = json_response['event']
print (json_response)
if event_name == 'verification.accepted':
    if sp_signature == calculated_signature:
        print ('Verification Response: {}'.format(response.content))
    else:
        print ('Invalid signature: {}'.format(response.content))

require 'uri'
require 'net/http'
require 'base64'
require 'json'

url = URI("https://api.shuftipro.com/")
# Your Shufti Pro account Client ID
CLIENT_ID   = "YOUR-CLIENT-ID"
# Your Shufti Pro account Secret Key
SECRET_KEY  = "YOUR-SECRET-KEY"
# if access token
# ACCESS_TOKEN = "YOUR-ACCESS-TOKEN"

verification_request = { 
    reference:          "Ref-"+ (0...8).map { (65 + rand(26)).chr }.join,
    callback_url:       "https://yourdomain.com/profile/notifyCallback",
    email:              "[email protected]",
    country:            "GB",
    language:           "EN"
}
# Use this key if you want to perform document verification with OCR
verification_request["kyb"] = {
  advanced_search: '1',
  company_name: ' ',
  country_names:   ['united_kingdom'],
  search_type:   'start_with'
}
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
header_auth = Base64.strict_encode64("#{CLIENT_ID}:#{SECRET_KEY}")
# if Access Token
# header_auth = ACCESS_TOKEN
request["Content-Type"]  = "application/json"
request["Authorization"] = "Basic #{header_auth}"   # replace "Basic" with "Bearer" in case of access token
request.body = verification_request.to_json
response = http.request(request)
response_headers =  response.instance_variable_get("@header")
response_data    = response.read_body

sp_signature     = !(response_headers['signature'].nil?) ? response_headers['signature'].join(',') : ""

# Calculating signature for verification

# Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
# SECRET_KEY = Digest::SHA256.hexdigest SECRET_KEY

# calculated signature functionality cannot be implement in case of access token
calculated_signature = Digest::SHA256.hexdigest response_data + SECRET_KEY

if sp_signature == calculated_signature
  puts response_data
else
  puts "Invalid signature"
end

import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

import javax.net.ssl.HttpsURLConnection;

public class Main {
    public static void main(String[] args) throws Exception {
        String url = "https://api.shuftipro.com/";
        String CLIENT_ID = "CLIENT_ID";
        String SECRET_KEY = "SECRET_KEY";
        URL obj = new URL(url);
        HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();

        // Add request header
        con.setRequestMethod("POST");
        con.setRequestProperty("Content-Type", "application/json");
        String basicAuth = "Basic " + Base64.getEncoder().encodeToString((CLIENT_ID + ":" + SECRET_KEY).getBytes(StandardCharsets.UTF_8));    
        con.setRequestProperty("Authorization", basicAuth);

        String payload = "{\"reference\":\"1234567\",\"callback_url\":\"https://yourdomain.com/profile/sp-notify-callback\",\"country\":\"GB\",\"language\":\"EN\",\"kyb\":{\"advanced_search\": \"1\",\"company_name\":\"\",\"country_names\":[\"united_kingdom\"],\"search_type\":\"start_with\"}}";

        // Send post request
        con.setDoOutput(true);
        DataOutputStream wr = new DataOutputStream(con.getOutputStream());
        wr.writeBytes(payload);
        wr.flush();
        wr.close();

        int responseCode = con.getResponseCode();
        System.out.println("\nSending 'POST' request to URL : " + url);
        System.out.println("Payload : " + payload);
        System.out.println("Response Code : " + responseCode);

        BufferedReader in = new BufferedReader(
                new InputStreamReader(con.getInputStream()));
        System.out.println(in.toString());
        String inputLine;
        StringBuffer response = new StringBuffer();

        while ((inputLine = in.readLine()) != null) {
            response.append(inputLine);
        }
        in.close();

        // Print the response
        System.out.println(response.toString());
    }
}

curl --location --request POST 'https://api.shuftipro.com/' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==' \
--data-raw '{
    "reference"    : "1234567",
    "callback_url" : "https://yourdomain.com/profile/sp-notify-callback",
    "country"      : "GB",
    "language"     : "EN",
    "kyb" : {
            "advanced_search"  : "1",
            "company_name"     : " ",
            "country_names"    : ["united_kingdom"],
            "search_type"      : "start_with"
        }
}'

var client = new RestClient("https://api.shuftipro.com/");
client.Timeout = -1;
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==");
var body = @"{" + "\n" +
@"    ""reference""    : ""1234567""," + "\n" +
@"    ""callback_url"" : ""https://yourdomain.com/profile/sp-notify-callback""," + "\n" +
@"    ""country""      : ""GB""," + "\n" +
@"    ""language""     : ""EN""," + "\n" +
@"    ""kyb"" : {" + "\n" +
@"            ""advanced_search""     : ""1""" + "\n" +
@"            ""company_name""     : "" """ + "\n" +
@"            ""country_names""     : [""united_kingdom""]," + "\n" +
@"            ""search_type""     : ""start_with""" + "\n" +
@"        }" + "\n" +
@"}";
request.AddParameter("application/json", body,  ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
Console.WriteLine(response.Content);

package main

import (
  "fmt"
  "strings"
  "net/http"
  "io/ioutil"
)

func main() {

  url := "https://api.shuftipro.com/"
  method := "POST"

  payload := strings.NewReader(`{
    "reference"    : "1234567",
    "callback_url" : "https://yourdomain.com/profile/sp-notify-callback",
    "country"      : "GB",
    "language"     : "EN",
    "kyb" : {
            "advanced_search"  : "1",
            "company_name"     : " ",
            "country_names"    : ["united_kingdom"],
            "search_type"      : "start_with"
        }
}`)

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, payload)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("Content-Type", "application/json")
  req.Header.Add("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := ioutil.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}

info

In an Enhanced KYB verification request, the results screen will not be displayed irrespective of the 'show_result' parameter's setting 0 or 1.

Parameters & Description​

Request Payloads​

Parameters & Description

Request Payloads