Onsite Integration
- Enhanced KYB (search based)
- Enhanced KYB (document based)
In onsite verification, Shufti will directly interact with the end user to collect the required information for verification purposes.
The Enhanced KYB service enables merchants to include empty keys in their request payload, which triggers the generation of a verification URL in the response. By clicking on this URL, users can directly submit the required information. Shufti subsequently verifies the details and sends the verification report directly to the merchant in the backoffice.
Parameters & Description
| Parameters | Description |
|---|---|
| advanced_search | Required: Yes Type: string Accepted Values: 0, 1 Default Value: 0 This parameter is used to enable enhanced KYB service for the client when the parameter value is set to "1". |
| company_registration_number | Required: Yes Type: string This parameter receives the company registration number to collect and verify the company information reports. Example: 12345678 Note: The registration number is not required if the company name is provided. |
| company_name | Required: No Type: string Minimum: 3 characters This parameter receives the company name to collect and verify the company information reports. Example: 'SHUFTI PRO LIMITED' Note: The company name is not required if the registration number is provided. |
| country_names | Required: Yes Type: array The option allows users to input the single country name in the form of an array for the search. Additionally, you can pass the state of the country to specify the search. Feel free to click on the following links to view supported countries and states Example: ['united_kingdom'], ['alabama'] |
| search_type | Required: No Type: string Accepted Values: contains, start_with, fuzzy Default Value: Contains
|
| ai_business_insights | Required: No Type: string Accepted Values: 0, 1 This key allows the client to access AI-generated business insights through in-depth research of publicly available business data. |
Request Payloads
Please include the country along with either the company registration number or the company name in your request.
- Http
- Javascript
- PHP
- Python
- Ruby
- Java
- cURL
- C#
- Go
//POST /status HTTP/1.1
//Host: api.shuftipro.com
//Content-Type: application/json
//Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==
//replace "Basic" with "Bearer in case of Access Token"
{
"reference": "1234567",
"callback_url": "https://yourdomain.com/profile/sp-notify-callback",
"country": "GB",
"language": "EN",
"kyb": {
"advanced_search": "1",
"company_registration_number": "",
"country_names": ["united_kingdom"],
"search_type": "contains"
}
}
let payload = {
reference : `SP_REQUEST_${Math.random()}`,
callback_url : "https://yourdomain.com/profile/sp-notify-callback",
country : "GB",
language : "EN"
}
//Use this key if you want to perform document verification with OCR
payload['kyb'] = {
advanced_search : "1",
company_registration_number : '',
country_names : ['united_kingdom'],
search_type : 'contains'
}
//BASIC AUTH TOKEN
//Use your Shufti account client id and secret key
var token = btoa("YOUR-CLIENT-ID:YOUR-SECRET-KEY"); //BASIC AUTH TOKEN
// if Access Token
//var token = "YOUR_ACCESS_TOKEN";
//Dispatch request via fetch API or with whatever else which best suits for you
fetch('https://api.shuftipro.com/',
{
method : 'post',
headers : {
'Accept' : 'application/json',
'Content-Type' : 'application/json',
'Authorization' : 'Basic ' +token // if access token then replace "Basic" with "Bearer"
},
body: JSON.stringify(payload)
})
.then(function(response) {
return response.json();
}).then(function(data) {
if (data.event && data.event === 'verification.accepted') {
console.log(data);
}
});
<?php
$url = 'https://api.shuftipro.com/';
//Your Shufti account Client ID
$client_id = 'YOUR-CLIENT-ID';
//Your Shufti account Secret Key
$secret_key = 'YOUR-SECRET-KEY';
//OR Access Token
//$access_token = 'YOUR-ACCESS-TOKEN';
$verification_request = [
'reference' => 'ref-'.rand(4,444).rand(4,444),
'country' => 'GB',
'language' => 'EN',
'email' => '[email protected]',
'callback_url' => 'https://yourdomain.com/profile/notifyCallback',
];
//Use this key if you want to perform kyb service
$verification_request['kyb'] =[
'advanced_search' => '1',
'company_registration_number' => '',
'country_names' => ['united_kingdom'],
'search_type' => 'contains'
];
$auth = $client_id.":".$secret_key; // remove this in case of Access Token
$headers = ['Content-Type: application/json'];
// if using Access Token then add it into headers as mentioned below otherwise remove access token
// array_push($headers, 'Authorization: Bearer ' . $access_token);
$post_data = json_encode($verification_request);
//Calling Shufti request API using curl
$response = send_curl($url, $post_data, $headers, $auth); // remove $auth in case of Access Token
//Get Shufti API Response
$response_data = $response['body'];
//Get Shufti Signature
$exploded = explode("\n", $response['headers']);
// Get Signature Key from Hearders
$sp_signature = null;
foreach ($exploded as $key => $value) {
if (strpos($value, 'signature: ') !== false || strpos($value, 'Signature: ') !== false) {
$sp_signature=trim(explode(':', $exploded[$key])[1]);
break;
}
}
// Calculating signature for verification
// Clients registered with Shufti after March 15, 2023, must use secret key as follows
// $secret_key = hash('sha256', $secret_key)
// Calculated signature functionality cannot be implement in case of access token
$calculate_signature = hash('sha256',$response_data.$secret_key);
$decoded_response = json_decode($response_data,true);
$event_name = $decoded_response['event'];
if(in_array($event_name, ['verification.accepted', 'verification.declined', 'request.received']) ){
if($sp_signature == $calculate_signature){
echo $event_name." :" . $response_data;
}else{
echo "Invalid signature :" . $response_data;
}
}else{
echo "Error :" . $response_data;
}
function send_curl($url, $post_data, $headers, $auth){ // remove $auth in case of Access Token
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_USERPWD, $auth); // remove this in case of Access Token
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); // remove this in case of Access Token
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
$html_response = curl_exec($ch);
$header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
$headers = substr($html_response, 0, $header_size);
$body = substr($html_response, $header_size);
curl_close($ch);
return ['headers' => $headers,'body' => $body];
}
?>
import requests, base64, json, hashlib
from random import randint
'''
Python 2
--------
import urllib2
Python 3
--------
import urllib.request
urllib.request.urlopen(url).read()
'''
url = 'https://api.shuftipro.com/'
# Your Shufti account Client ID
client_id = 'YOUR-CLIENT-ID'
# Your Shufti account Secret Key
secret_key = 'YOUR-SECRET-KEY'
# OR Access Token
# access_token = 'YOUR-ACCESS-TOKEN';
verification_request = {
'reference' : 'ref-{}{}'.format(randint(1000, 9999), randint(1000, 9999)),
'country' : 'GB',
'language' : 'EN',
'email' : '[email protected]',
'callback_url' : 'https://yourdomain.com/profile/notifyCallback'
}
# Use this key if you want to perform document verification with OCR
verification_request['kyb'] = {
'advanced_search' : '1',
'company_registration_number' : '',
'country_names' : ['united_kingdom'],
'search_type' : 'contains'
}
# Calling Shufti request API using python requests
auth = '{}:{}'.format(client_id, secret_key)
b64Val = base64.b64encode(auth.encode()).decode()
# if access token
# b64Val = access_token
# replace "Basic with "Bearer" in case of Access Token
response = requests.post(url,
headers={"Authorization": "Basic %s" % b64Val, "Content-Type": "application/json"},
data=json.dumps(verification_request))
# Calculating signature for verification
# Clients registered with Shufti after March 15, 2023, must use secret key as follows
# secret_key = hashlib.sha256(secret_key.encode()).hexdigest()
# Calculated signature functionality cannot be implement in case of access token
calculated_signature = hashlib.sha256('{}{}'.format(response.content.decode(), secret_key).encode()).hexdigest()
# Get Shufti Signature
sp_signature = response.headers.get('Signature','')
# Convert json string to json object
json_response = json.loads(response.content)
# Get event returned
event_name = json_response['event']
print (json_response)
if event_name == 'verification.accepted':
if sp_signature == calculated_signature:
print ('Verification Response: {}'.format(response.content))
else:
print ('Invalid signature: {}'.format(response.content))
require 'uri'
require 'net/http'
require 'base64'
require 'json'
url = URI("https://api.shuftipro.com/")
# Your Shufti account Client ID
CLIENT_ID = "YOUR-CLIENT-ID"
# Your Shufti account Secret Key
SECRET_KEY = "YOUR-SECRET-KEY"
# if access token
# ACCESS_TOKEN = "YOUR-ACCESS-TOKEN"
verification_request = {
reference: "Ref-"+ (0...8).map { (65 + rand(26)).chr }.join,
callback_url: "https://yourdomain.com/profile/notifyCallback",
email: "[email protected]",
country: "GB",
language: "EN"
}
# Use this key if you want to perform document verification with OCR
verification_request["kyb"] = {
advanced_search : "1",
company_registration_number: "",
country_names : ["united_kingdom"],
search_type : "contains"
}
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
header_auth = Base64.strict_encode64("#{CLIENT_ID}:#{SECRET_KEY}")
# if Access Token
# header_auth = ACCESS_TOKEN
request["Content-Type"] = "application/json"
request["Authorization"] = "Basic #{header_auth}" # replace "Basic" with "Bearer" in case of access token
request.body = verification_request.to_json
response = http.request(request)
response_headers = response.instance_variable_get("@header")
response_data = response.read_body
sp_signature = !(response_headers['signature'].nil?) ? response_headers['signature'].join(',') : ""
# Calculating signature for verification
# Clients registered with Shufti after March 15, 2023, must use secret key as follows
# SECRET_KEY = Digest::SHA256.hexdigest SECRET_KEY
# calculated signature functionality cannot be implement in case of access token
calculated_signature = Digest::SHA256.hexdigest response_data + SECRET_KEY
if sp_signature == calculated_signature
puts response_data
else
puts "Invalid signature"
end
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.net.ssl.HttpsURLConnection;
public class Main {
public static void main(String[] args) throws Exception {
String url = "https://api.shuftipro.com/service/ocr_for_business/extraction";
String CLIENT_ID = "CLIENT_ID";
String SECRET_KEY = "SECRET_KEY";
URL obj = new URL(url);
HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
// Add request header
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/json");
String basicAuth = "Basic " + Base64.getEncoder().encodeToString((CLIENT_ID + ":" + SECRET_KEY).getBytes(StandardCharsets.UTF_8));
con.setRequestProperty("Authorization", basicAuth);
String payload = "{\"reference\":\"1234567\",\"callback_url\":\"https://yourdomain.com/profile/sp-notify-callback\",\"country\":\"GB\",\"language\":\"EN\",\"kyb\":{\"advanced_search\": \"1\",\"company_registration_number\":\"\",\"country_names\":[\"united_kingdom\"],\"search_type\":\"contains\"}}";
// Send post request
con.setDoOutput(true);
DataOutputStream wr = new DataOutputStream(con.getOutputStream());
wr.writeBytes(payload);
wr.flush();
wr.close();
int responseCode = con.getResponseCode();
System.out.println("\nSending 'POST' request to URL : " + url);
System.out.println("Payload : " + payload);
System.out.println("Response Code : " + responseCode);
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
System.out.println(in.toString());
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
// Print the response
System.out.println(response.toString());
}
}
curl --location --request POST 'https://api.shuftipro.com/' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==' \
--data-raw '{
"reference" : "1234567",
"callback_url" : "https://yourdomain.com/profile/sp-notify-callback",
"country" : "GB",
"language" : "EN",
"kyb" : {
"advanced_search" : "1",
"company_registration_number" : "",
"country_names" : ["united_kingdom"],
"search_type" : "contains"
}
}'
var client = new RestClient("https://api.shuftipro.com/");
client.Timeout = -1;
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==");
var body = @"{" + "\n" +
@" ""reference"" : ""1234567""," + "\n" +
@" ""callback_url"" : ""https://yourdomain.com/profile/sp-notify-callback""," + "\n" +
@" ""country"" : ""GB""," + "\n" +
@" ""language"" : ""EN""," + "\n" +
@" ""kyb"" : {" + "\n" +
@" ""advanced_search"" : ""1""," + "\n" +
@" ""company_registration_number"" : "" ""," + "\n" +
@" ""country_names"" : [""united_kingdom""]," + "\n" +
@" ""search_type"" : ""contains""" + "\n" +
@" }" + "\n" +
@"}";
request.AddParameter("application/json", body, ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
Console.WriteLine(response.Content);
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://api.shuftipro.com/"
method := "POST"
payload := strings.NewReader(`{
"reference" : "1234567",
"callback_url" : "https://yourdomain.com/profile/sp-notify-callback",
"country" : "GB",
"language" : "EN",
"kyb" : {
"advanced_search" : "1",
"company_registration_number" : " ",
"country_names" : ["united_kingdom"],
"search_type" : "contains"
}
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
- Http
- Javascript
- PHP
- Python
- Ruby
- Java
- cURL
- C#
- Go
//POST /status HTTP/1.1
//Host: api.shuftipro.com
//Content-Type: application/json
//Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==
//replace "Basic" with "Bearer in case of Access Token"
{
"reference": "1234567",
"callback_url": "https://yourdomain.com/profile/sp-notify-callback",
"country": "GB",
"language": "EN",
"kyb": {
"advanced_search": "1",
"company_name": " ",
"country_names": ["united_kingdom"],
"search_type": "start_with"
}
}
let payload = {
reference : `SP_REQUEST_${Math.random()}`,
callback_url : "https://yourdomain.com/profile/sp-notify-callback",
country : "GB",
language : "EN"
}
//Use this key if you want to perform document verification with OCR
payload['kyb'] = {
'advanced_search': '1',
'company_name' : ' ',
'country_names' : ['united_kingdom'],
'search_type' : 'start_with'
}
//BASIC AUTH TOKEN
//Use your Shufti account client id and secret key
var token = btoa("YOUR-CLIENT-ID:YOUR-SECRET-KEY"); //BASIC AUTH TOKEN
// if Access Token
//var token = "YOUR_ACCESS_TOKEN";
//Dispatch request via fetch API or with whatever else which best suits for you
fetch('https://api.shuftipro.com/',
{
method : 'post',
headers : {
'Accept' : 'application/json',
'Content-Type' : 'application/json',
'Authorization' : 'Basic ' +token // if access token then replace "Basic" with "Bearer"
},
body: JSON.stringify(payload)
})
.then(function(response) {
return response.json();
}).then(function(data) {
if (data.event && data.event === 'verification.accepted') {
console.log(data);
}
});
<?php
$url = 'https://api.shuftipro.com/';
//Your Shufti account Client ID
$client_id = 'YOUR-CLIENT-ID';
//Your Shufti account Secret Key
$secret_key = 'YOUR-SECRET-KEY';
//OR Access Token
//$access_token = 'YOUR-ACCESS-TOKEN';
$verification_request = [
'reference' => 'ref-'.rand(4,444).rand(4,444),
'country' => 'GB',
'language' => 'EN',
'email' => '[email protected]',
'callback_url' => 'https://yourdomain.com/profile/notifyCallback',
];
//Use this key if you want to perform kyb service
$verification_request['kyb'] =[
'advanced_search' => '1',
'company_name' => ' ',
'country_names'=> ['united_kingdom'],
'search_type' => 'start_with'
];
$auth = $client_id.":".$secret_key; // remove this in case of Access Token
$headers = ['Content-Type: application/json'];
// if using Access Token then add it into headers as mentioned below otherwise remove access token
// array_push($headers, 'Authorization: Bearer ' . $access_token);
$post_data = json_encode($verification_request);
//Calling Shufti request API using curl
$response = send_curl($url, $post_data, $headers, $auth); // remove $auth in case of Access Token
//Get Shufti API Response
$response_data = $response['body'];
//Get Shufti Signature
$exploded = explode("\n", $response['headers']);
// Get Signature Key from Hearders
$sp_signature = null;
foreach ($exploded as $key => $value) {
if (strpos($value, 'signature: ') !== false || strpos($value, 'Signature: ') !== false) {
$sp_signature=trim(explode(':', $exploded[$key])[1]);
break;
}
}
// Calculating signature for verification
// Clients registered with Shufti after March 15, 2023, must use secret key as follows
// $secret_key = hash('sha256', $secret_key)
// Calculated signature functionality cannot be implement in case of access token
$calculate_signature = hash('sha256',$response_data.$secret_key);
$decoded_response = json_decode($response_data,true);
$event_name = $decoded_response['event'];
if(in_array($event_name, ['verification.accepted', 'verification.declined']) ){
if($sp_signature == $calculate_signature){
echo $event_name." :" . $response_data;
}else{
echo "Invalid signature :" . $response_data;
}
}else{
echo "Error :" . $response_data;
}
function send_curl($url, $post_data, $headers, $auth){ // remove $auth in case of Access Token
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_USERPWD, $auth); // remove this in case of Access Token
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); // remove this in case of Access Token
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
$html_response = curl_exec($ch);
$header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
$headers = substr($html_response, 0, $header_size);
$body = substr($html_response, $header_size);
curl_close($ch);
return ['headers' => $headers,'body' => $body];
}
?>
import requests, base64, json, hashlib
from random import randint
'''
Python 2
--------
import urllib2
Python 3
--------
import urllib.request
urllib.request.urlopen(url).read()
'''
url = 'https://api.shuftipro.com/'
# Your Shufti account Client ID
client_id = 'YOUR-CLIENT-ID'
# Your Shufti account Secret Key
secret_key = 'YOUR-SECRET-KEY'
# OR Access Token
# access_token = 'YOUR-ACCESS-TOKEN';
verification_request = {
'reference' : 'ref-{}{}'.format(randint(1000, 9999), randint(1000, 9999)),
'country' : 'GB',
'language' : 'EN',
'email' : '[email protected]',
'callback_url' : 'https://yourdomain.com/profile/notifyCallback'
}
# Use this key if you want to perform document verification with OCR
verification_request['kyb'] = {
'advanced_search' : '1',
'company_name' : ' ',
'country_names' : ['united_kingdom'],
'search_type' : 'start_with'
}
# Calling Shufti request API using python requests
auth = '{}:{}'.format(client_id, secret_key)
b64Val = base64.b64encode(auth.encode()).decode()
# if access token
# b64Val = access_token
# replace "Basic with "Bearer" in case of Access Token
response = requests.post(url,
headers={"Authorization": "Basic %s" % b64Val, "Content-Type": "application/json"},
data=json.dumps(verification_request))
# Calculating signature for verification
# Clients registered with Shufti after March 15, 2023, must use secret key as follows
# secret_key = hashlib.sha256(secret_key.encode()).hexdigest()
# Calculated signature functionality cannot be implement in case of access token
calculated_signature = hashlib.sha256('{}{}'.format(response.content.decode(), secret_key).encode()).hexdigest()
# Get Shufti Signature
sp_signature = response.headers.get('Signature','')
# Convert json string to json object
json_response = json.loads(response.content)
# Get event returned
event_name = json_response['event']
print (json_response)
if event_name == 'verification.accepted':
if sp_signature == calculated_signature:
print ('Verification Response: {}'.format(response.content))
else:
print ('Invalid signature: {}'.format(response.content))
require 'uri'
require 'net/http'
require 'base64'
require 'json'
url = URI("https://api.shuftipro.com/")
# Your Shufti account Client ID
CLIENT_ID = "YOUR-CLIENT-ID"
# Your Shufti account Secret Key
SECRET_KEY = "YOUR-SECRET-KEY"
# if access token
# ACCESS_TOKEN = "YOUR-ACCESS-TOKEN"
verification_request = {
reference: "Ref-"+ (0...8).map { (65 + rand(26)).chr }.join,
callback_url: "https://yourdomain.com/profile/notifyCallback",
email: "[email protected]",
country: "GB",
language: "EN"
}
# Use this key if you want to perform document verification with OCR
verification_request["kyb"] = {
advanced_search: '1',
company_name: ' ',
country_names: ['united_kingdom'],
search_type: 'start_with'
}
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
header_auth = Base64.strict_encode64("#{CLIENT_ID}:#{SECRET_KEY}")
# if Access Token
# header_auth = ACCESS_TOKEN
request["Content-Type"] = "application/json"
request["Authorization"] = "Basic #{header_auth}" # replace "Basic" with "Bearer" in case of access token
request.body = verification_request.to_json
response = http.request(request)
response_headers = response.instance_variable_get("@header")
response_data = response.read_body
sp_signature = !(response_headers['signature'].nil?) ? response_headers['signature'].join(',') : ""
# Calculating signature for verification
# Clients registered with Shufti after March 15, 2023, must use secret key as follows
# SECRET_KEY = Digest::SHA256.hexdigest SECRET_KEY
# calculated signature functionality cannot be implement in case of access token
calculated_signature = Digest::SHA256.hexdigest response_data + SECRET_KEY
if sp_signature == calculated_signature
puts response_data
else
puts "Invalid signature"
end
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.net.ssl.HttpsURLConnection;
public class Main {
public static void main(String[] args) throws Exception {
String url = "https://api.shuftipro.com/";
String CLIENT_ID = "CLIENT_ID";
String SECRET_KEY = "SECRET_KEY";
URL obj = new URL(url);
HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
// Add request header
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/json");
String basicAuth = "Basic " + Base64.getEncoder().encodeToString((CLIENT_ID + ":" + SECRET_KEY).getBytes(StandardCharsets.UTF_8));
con.setRequestProperty("Authorization", basicAuth);
String payload = "{\"reference\":\"1234567\",\"callback_url\":\"https://yourdomain.com/profile/sp-notify-callback\",\"country\":\"GB\",\"language\":\"EN\",\"kyb\":{\"advanced_search\": \"1\",\"company_name\":\"\",\"country_names\":[\"united_kingdom\"],\"search_type\":\"start_with\"}}";
// Send post request
con.setDoOutput(true);
DataOutputStream wr = new DataOutputStream(con.getOutputStream());
wr.writeBytes(payload);
wr.flush();
wr.close();
int responseCode = con.getResponseCode();
System.out.println("\nSending 'POST' request to URL : " + url);
System.out.println("Payload : " + payload);
System.out.println("Response Code : " + responseCode);
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
System.out.println(in.toString());
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
// Print the response
System.out.println(response.toString());
}
}
curl --location --request POST 'https://api.shuftipro.com/' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==' \
--data-raw '{
"reference" : "1234567",
"callback_url" : "https://yourdomain.com/profile/sp-notify-callback",
"country" : "GB",
"language" : "EN",
"kyb" : {
"advanced_search" : "1",
"company_name" : " ",
"country_names" : ["united_kingdom"],
"search_type" : "start_with"
}
}'
var client = new RestClient("https://api.shuftipro.com/");
client.Timeout = -1;
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==");
var body = @"{" + "\n" +
@" ""reference"" : ""1234567""," + "\n" +
@" ""callback_url"" : ""https://yourdomain.com/profile/sp-notify-callback""," + "\n" +
@" ""country"" : ""GB""," + "\n" +
@" ""language"" : ""EN""," + "\n" +
@" ""kyb"" : {" + "\n" +
@" ""advanced_search"" : ""1""" + "\n" +
@" ""company_name"" : "" """ + "\n" +
@" ""country_names"" : [""united_kingdom""]," + "\n" +
@" ""search_type"" : ""start_with""" + "\n" +
@" }" + "\n" +
@"}";
request.AddParameter("application/json", body, ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
Console.WriteLine(response.Content);
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://api.shuftipro.com/"
method := "POST"
payload := strings.NewReader(`{
"reference" : "1234567",
"callback_url" : "https://yourdomain.com/profile/sp-notify-callback",
"country" : "GB",
"language" : "EN",
"kyb" : {
"advanced_search" : "1",
"company_name" : " ",
"country_names" : ["united_kingdom"],
"search_type" : "start_with"
}
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
In an Enhanced KYB verification request, the results screen will not be displayed irrespective of the 'show_results' parameter's setting 0 or 1.
In onsite verification, Shufti will directly interact with the end user to collect the required proof and information for verification purposes.
Parameters and Description
| Parameters | Description |
|---|---|
| Reference | Required: Yes Type: string Minimum: 6 characters Maximum: 250 characters Each request is issued a unique reference ID which is sent back to Shufti’s client with each response. This reference ID helps to verify the request. The client can use this ID to check the status of already performed verification |
| Country | Required: Yes Type: string Length: 2 characters Country selection is mandatory as document proofs need to be uploaded according to the selected country's requirements. |
| Language | Required: No Type: string Length: 2 characters If the Shufti client wants their preferred language to appear on the verification screens they may provide the 2-character long language code of their preferred language. |
| Document Proof | Default: Yes Values: Yes, No Document proof is set to "Yes" by default, and if "No" is selected, it will redirect to Enhanced KYB. |
| additional_proof_labels | Required: No Type: array Accepted Values: Array of document label strings (e.g. "tax_registration_certificate") Default Value: [ ] This parameter allows the merchant to collect business documents beyond company name and registration number. When populated with one or more document label strings, it requires the user to upload the specified additional business proofs. Sending an empty array or omitting the parameter entirely disables additional proof collection, and the process proceeds without document uploads. |
Request Payloads
{
"reference": "1234567",
"callback_url": "https://yourdomain.com/profile/sp-notify-callback",
"country": "GB",
"language": "EN",
"kyb": {
"additional_proof_labels": ["label1", "label2"]
}
}