Skip to main content

Onsite Integration

The Onsite integration mode is the primary integration path for QES. In this mode, Shufti hosts the complete verification and signing journey. The Merchant initiates a session via the API and receives a hosted verification URL. The end user completes identity proofing and document signing within the Shufti-hosted flow, with no additional data collection required on the Merchant's side.

Document Signing Approaches

Shufti supports two approaches for QES document signing. In both cases, the qualified signature is applied to a SHA-256 hash of the document. The difference is who computes the hash and where the document resides during signing.

  • Document Upload (Shufti computes the hash): The Merchant provides the document as a PDF via qes.proofs. Shufti computes the SHA-256 hash, manages the signing process, and returns the signed document with an embedded QES. Use this method when the Merchant wants Shufti to handle the full signing lifecycle, including document custody, hash computation, and signed document return.
  • Hash Submission (Merchant computes the hash): The Merchant computes the SHA-256 hash of each document and submits only the hashes via qes.hashes. No document content is uploaded to Shufti. A detached qualified signature (PKCS#7) is returned for each hash, which the Merchant attaches to the original document in their own environment. In this approach, the document never leaves the Merchant's environment. Use this method when the original documents must remain within the Merchant's environment due to data residency, confidentiality, or contractual requirements. Also use when document size or volume makes full document upload impractical.
note

Validation: qes.proofs and qes.hashes are mutually exclusive. Submitting both in the same request returns a validation error. Each hash in qes.hashes must be a valid SHA-256 hex string (64 characters, lowercase).

Status updates are delivered to the Merchant's registered callback URL in real time as the session progresses through each stage.

AttributeDetail
Base URLhttps://api.shuftipro.com/
MethodPOST
Content-Typeapplication/json
AuthorizationBasic Auth (Base64-encoded Client ID: Secret Key)
Response formatJSON
Session deliveryHosted URL returned on request creation
Status deliveryCallback (webhook) to Merchant-registered URL
info

QES does not support Offsite integration. Only the Onsite flow is available.

Request Parameters

The parameters mentioned below are specific to the qes service and the top-level parameters that govern how the signatory's identity is proved. When the qes object is present, the signatory's identity must be verified through one of the supported flows — either the document and face services together, or the ekyc service.

ParametersDescription
qes.proofsRequired: Yes (when qes.hashes is not provided)
Type: Array of objects
Minimum: 1 document
Maximum: 20 documents
Array of base64-encoded PDF documents to be signed. Each entry must include a filename and the base64-encoded data. Shufti computes the SHA-256 hash, manages the signing process, and returns the signed PDF with an embedded QES. Mutually exclusive with qes.hashes.
qes.proofs.*.filenameRequired: Yes (within each qes.proofs entry)
Type: string
Maximum: 255 characters
Filename of the document. Surfaced to the signatory in the hosted flow and returned alongside the signed output.
qes.proofs.*.dataRequired: Yes (within each qes.proofs entry)
Type: string
Format: PDF only
Maximum: 14MB
Provide a valid BASE64-encoded PDF string. May be prefixed with the data:application/pdf;base64, data URI scheme.
qes.hashesRequired: Yes (when qes.proofs is not provided)
Type: Array of strings
Format: SHA-256 hex (64 hex characters)
Minimum: 1 hash
Maximum: 20 hashes
Array of SHA-256 hex strings (64 characters each). Use this field for the hash approach, where the Merchant retains custody of the source documents and never uploads them to Shufti. The signatory signs the hash list directly and Shufti returns a detached CAdES (PKCS#7) qualified signature per hash. Mutually exclusive with qes.proofs.
qes.phone_numberRequired: No
Type: string
Minimum: 6 characters
Maximum: 64 characters
Format: +[digits]
Phone number of the signatory, including the country code prefixed with +.
regulatory_compliance_methodsRequired: Yes
Type: Object
Minimum keys: 2
Must contain at least 2 of the sub-fields below, and at least one of nfc_service_requested, standered_face_service_requested, or eidv_service_requested must be 1.
regulatory_compliance_methods.standered_face_service_requestedRequired: No
Type: string
Accepted Values: 0, 1
When set to 1, the signatory is verified using the standard Document + Face flow. In this case the top-level document and face services are required.
regulatory_compliance_methods.nfc_service_requestedRequired: No
Type: string
Accepted Values: 0, 1
When set to 1, the signatory is verified by reading the NFC chip of their e-passport or eID document. In this case the top-level document and face services are required.
regulatory_compliance_methods.eidv_service_requestedRequired: No
Type: string
Accepted Values: 0, 1
When set to 1 (and the other two methods are 0), the signatory is verified through an electronic identity verification provider. In this case the top-level ekyc service is required and document / face are prohibited.
allow_retryRequired: Yes
Type: string
Accepted Values: 1
Must be set to 1 so the user can retry failed steps.
show_ocr_formRequired: Yes
Type: string
Accepted Values: 1
Must be set to 1 so the OCR form is displayed to the user.
allow_onlineRequired: Yes
Type: string
Accepted Values: 1
Must be set to 1. The signatory completes the verification through the live Shufti-hosted journey.
allow_offlineRequired: Yes
Type: string
Accepted Values: 0
Must be set to 0. Offline submission is not supported in this flow.
verification_modeRequired: No
Type: string
Accepted Values: any
When regulatory_compliance_methods is present, verification_mode is restricted to the value any. Other modes (image_only, video_only) are not allowed.
is_baseline_loipRequired: Yes
Type: string
Accepted Values: 1
Must be set to 1. Performs the verification against the baseline level of identity proofing.
show_resultsRequired: Yes
Type: string
Accepted Values: 1
Must be set to 1. Displays the verification result screen to the signatory at the end of the hosted flow.
decline_on_single_stepRequired: No
Type: string
Accepted Values: 0, 1
When set to 1, the verification is declined as soon as any single step fails instead of allowing the user to continue with the remaining steps.
email_verifyRequired: Yes
Type: Object
The signatory's email is verified as part of the QES flow. Pass the signatory's email under email_verify.email.
face.document_in_hand_verificationRequired: Yes (when standered_face_service_requested is 1)
Type: string
Accepted Values: 1
Must be set to 1 for the Standard Document + Face flow so the signatory is prompted to hold the document in hand during the face capture.
document.supported_typesRequired: Yes
Type: Array
Accepted Values (when nfc_service_requested or standered_face_service_requested is 1): id_card, passport only. Other types (driving_license, credit_or_debit_card, etc.) are rejected in this flow.
document.nameRequired: Yes (when nfc_service_requested or standered_face_service_requested is 1)
Type: Object
The name object key must be present in the payload. Its values may be empty — the canonical values are extracted from the document during the hosted flow.
document.name.fuzzy_matchRequired: Yes (when nfc_service_requested or standered_face_service_requested is 1)
Type: string
Accepted Values: 1
Must be set to 1 in the NFC and Standard Document + Face flows.
document.document_numberRequired: Yes (when nfc_service_requested or standered_face_service_requested is 1)
Type: string
The document_number key must be present in the payload. Its value may be empty — the canonical document number is extracted from the document during the hosted flow.
document.dobRequired: Yes (when nfc_service_requested or standered_face_service_requested is 1)
Type: string
The dob key must be present in the payload. Its value may be empty — the canonical date of birth is extracted from the document during the hosted flow.
document.issue_dateRequired: Yes (when nfc_service_requested or standered_face_service_requested is 1)
Type: string
The issue_date key must be present in the payload. Its value may be empty — the canonical issue date is extracted from the document during the hosted flow.
document.expiry_dateRequired: Yes (when nfc_service_requested or standered_face_service_requested is 1)
Type: string
The expiry_date key must be present in the payload. Its value may be empty — the canonical expiry date is extracted from the document during the hosted flow.
document.backside_proof_requiredRequired: Yes (when nfc_service_requested or standered_face_service_requested is 1)
Type: string
Accepted Values: 1
Must be set to 1 so both sides of the document are captured during the hosted flow.
ekyc.eidv_countriesRequired: Yes (when eidv_service_requested is 1)
Type: Array of objects
One or more country entries. Each entry must include a code (ISO 3166-1 alpha-2) and a verification_approach. Multiple countries may be passed in a single request; the signatory selects from the offered list in the hosted flow.
ekyc.eidv_countries.*.codeRequired: Yes (within each eidv_countries entry)
Type: string
Format: ISO 3166-1 alpha-2 (e.g. NO, GB, DE).
The country whose data source is used for eIDV.
ekyc.eidv_countries.*.verification_approachRequired: Yes (within each eidv_countries entry, when eidv_service_requested is 1)
Type: string
Accepted Values: active
The country's per-source verification approach. For the QES eIDV flow this is set to active.
ekyc.eidv_verification_typeRequired: Yes (when eidv_service_requested is 1)
Type: string
Accepted Values: active
The eIDV verification type for the QES eIDV flow. Set to active.

caution

When nfc_service_requested or standered_face_service_requested is 1, the proof fields face.proof, document.proof, and document.additional_proof are prohibited — the signatory submits these proofs through the Shufti onsite flow rather than in the API payload.

info

Cross-service requirement: When the qes object is present, both the document and face services are required — unless the ekyc service is also sent, in which case ekyc (eIDV) substitutes for document and face.

QES with Standard Document and Face Verification

qes-service-sample-object-onsite-standard-face-document
{
"reference": "ABCDEF",
"allow_retry": "1",
"show_ocr_form": "1",
"allow_online": "1",
"allow_offline": "0",
"verification_mode": "any",
"is_baseline_loip": "1",
"show_results": "1",
"decline_on_single_step": "0",
"regulatory_compliance_methods": {
"standered_face_service_requested": "1",
"nfc_service_requested": "0",
"eidv_service_requested": "0"
},
"qes": {
"proofs": [
{
"filename": "agreement.pdf",
"data": "data:application/pdf;base64,JVBERi0xLjQKJeLjz9MKMSAwIG9iago8PC9UeXBlL0NhdGFsb2cvUGFnZXMgMiAwIFI+PgplbmRvYmoKMiAwIG9iago8PC9UeXBlL1BhZ2VzL0NvdW50IDEvS2lkc1szIDAgUl0+PgplbmRvYmoKMyAwIG9iago8PC9UeXBlL1BhZ2UvUGFyZW50IDIgMCBSL01lZGlhQm94WzAgMCA2MTIgNzkyXT4+CmVuZG9iagolJUVPRgo="
}
],
"phone_number": "+123456789"
},
"email_verify": {
"email": "[email protected]"
},
"document": {
"proof": "",
"additional_proof": "",
"supported_types": ["id_card", "passport"],
"backside_proof_required": "1",
"name": {
"first_name": "",
"middle_name": "",
"last_name": "",
"fuzzy_match": "1"
},
"document_number": "",
"dob": "",
"issue_date": "",
"expiry_date": ""
},
"face": {
"proof": "",
"check_duplicate_request": "0",
"document_in_hand_verification": "1"
}
}

QES with NFC Document and Face Verification

qes-service-sample-object-onsite-nfc
{
"reference": "ABCDEF",
"allow_retry": "1",
"show_ocr_form": "1",
"allow_online": "1",
"allow_offline": "0",
"verification_mode": "any",
"is_baseline_loip": "1",
"show_results": "1",
"decline_on_single_step": "0",
"regulatory_compliance_methods": {
"nfc_service_requested": "1",
"standered_face_service_requested": "0",
"eidv_service_requested": "0"
},
"qes": {
"proofs": [
{
"filename": "agreement.pdf",
"data": "data:application/pdf;base64,JVBERi0xLjQKJeLjz9MKMSAwIG9iago8PC9UeXBlL0NhdGFsb2cvUGFnZXMgMiAwIFI+PgplbmRvYmoKMiAwIG9iago8PC9UeXBlL1BhZ2VzL0NvdW50IDEvS2lkc1szIDAgUl0+PgplbmRvYmoKMyAwIG9iago8PC9UeXBlL1BhZ2UvUGFyZW50IDIgMCBSL01lZGlhQm94WzAgMCA2MTIgNzkyXT4+CmVuZG9iagolJUVPRgo="
}
],
"phone_number": "+123456789"
},
"email_verify": {
"email": "[email protected]"
},
"document": {
"proof": "",
"additional_proof": "",
"supported_types": ["passport", "id_card"],
"backside_proof_required": "1",
"name": {
"first_name": "",
"middle_name": "",
"last_name": "",
"fuzzy_match": "1"
},
"document_number": "",
"dob": "",
"issue_date": "",
"expiry_date": ""
},
"face": {
"proof": "",
"check_duplicate_request": "0"
}
}

QES with Active eID-Based Verification

qes-service-sample-object-onsite-eidv
{
"reference": "ABCDEF",
"allow_retry": "1",
"show_ocr_form": "1",
"allow_online": "1",
"allow_offline": "0",
"verification_mode": "any",
"is_baseline_loip": "1",
"show_results": "1",
"decline_on_single_step": "0",
"regulatory_compliance_methods": {
"eidv_service_requested": "1",
"standered_face_service_requested": "0",
"nfc_service_requested": "0"
},
"qes": {
"proofs": [
{
"filename": "agreement.pdf",
"data": "data:application/pdf;base64,JVBERi0xLjQKJeLjz9MKMSAwIG9iago8PC9UeXBlL0NhdGFsb2cvUGFnZXMgMiAwIFI+PgplbmRvYmoKMiAwIG9iago8PC9UeXBlL1BhZ2VzL0NvdW50IDEvS2lkc1szIDAgUl0+PgplbmRvYmoKMyAwIG9iago8PC9UeXBlL1BhZ2UvUGFyZW50IDIgMCBSL01lZGlhQm94WzAgMCA2MTIgNzkyXT4+CmVuZG9iagolJUVPRgo="
}
],
"phone_number": "+123456789"
},
"email_verify": {
"email": "[email protected]"
},
"ekyc": {
"eidv_verification_type": "active",
"eidv_countries": [
{ "code": "NO", "verification_approach": "active" },
{ "code": "SE", "verification_approach": "active" },
{ "code": "DK", "verification_approach": "active" }
]
}
}

Document Upload Status Response

For Document Upload requests across all three identity-proofing flows (Standard Document and Face, NFC, and Active eID), the /status response returns the signed PDF(s) under proofs.qes[] as {name, url} pairs, and the qualified certificate metadata under verification_data.qes (signer name, certificate issuer, serial number, validity window, and aggregate_status for the batch).

FieldTypeDescription
proofs.qes[].nameStringOriginal filename of the document submitted via qes.proofs.
proofs.qes[].urlStringURL to download the signed PDF with the embedded qualified signature (PAdES).
verification_data.qes.signer_nameStringFull name of the signatory as recorded on the qualified certificate.
verification_data.qes.serial_numberStringSerial number of the qualified certificate used for signing.
verification_data.qes.issuer_cnStringCommon name of the qualified certificate issuer (QTSP).
verification_data.qes.valid_fromStringStart of the certificate validity window.
verification_data.qes.valid_toStringEnd of the certificate validity window.
verification_data.qes.created_atStringTimestamp when the QES batch was created.
verification_data.qes.aggregate_statusStringOverall batch status across all submitted documents (e.g. all_signed).
qes-status-response-document-upload
//Content-Type: application/json
//Signature: NmI4NmIyNzNmZjM0ZmNl

{
"reference": "17374217",
"event": "verification.accepted",
"country": "GB",
"proofs": {
"face": {
"proof": "https://ns.shuftipro.com/api/pea/15c1cf23bc0ed5a25613539f5cn3bebc0d566cda"
},
"document": {
"proof": "https://ns.shuftipro.com/api/pea/65c1df23bc0ed5a25613539f5cn3bebc0d566cac",
"additional_proof": "https://ns.shuftipro.com/api/pea/705b6ad48cc8ec08333d3e89653213302f71228f"
},
"qes": [
{
"name": "agreement.pdf",
"url": "https://ns.shuftipro.com/api/pea/df7272966d06183fb769aa8d4942464b06e2f93c"
}
],
"verification_video": "https://ns.shuftipro.com/api/pea/63c1cf23bc0ed5a21613539f5cn3bebc0d566cao",
"access_token": "generated_access_token",
"verification_report": "https://ns.shuftipro.com/api/pea/9ee426402e8633087b183c61ea5ac72acec5a728"
},
"verification_data": {
"document": {
"name": {
"first_name": "John",
"middle_name": "",
"last_name": "Doe",
"full_name": "John Doe"
},
"dob": "1990-01-01",
"issue_date": "2018-01-31",
"expiry_date": "2028-01-30",
"document_number": "GB1234567",
"country": "GB",
"selected_type": ["id_card"],
"supported_types": ["id_card", "passport"],
"face_match_confidence": 70
},
"email_verify": {
"email": "[email protected]"
},
"qes": {
"signer_name": "John Doe",
"serial_number": "0123456789ABCDEF0123456789ABCDEF01234567",
"issuer_cn": "Sample QTSP Qualified CA 2026",
"valid_from": "2026-06-15 10:00:00",
"valid_to": "2026-06-15 12:00:00",
"created_at": "2026-06-15 10:05:00",
"aggregate_status": "all_signed"
}
},
"verification_result": {
"face": 1,
"document": {
"document": 1,
"document_visibility": 1,
"document_must_not_be_expired": 1,
"document_country": 1,
"selected_type": 1,
"name": 1,
"document_number": 1,
"dob": 1,
"issue_date": 1,
"expiry_date": 1
},
"email_verify": {
"validate_email": 1,
"verify_email": 1
}
},
"info": {
"agent": {
"is_desktop": true,
"is_phone": false,
"useragent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36",
"device_name": "Macintosh",
"browser_name": "",
"platform_name": "OS X - 10_14_0"
},
"geolocation": {
"host": "212.103.50.243",
"ip": "212.103.50.243",
"rdns": "212.103.50.243",
"asn": "9009",
"isp": "M247 Ltd",
"country_name": "Germany",
"country_code": "DE",
"region_name": "Hesse",
"region_code": "HE",
"city": "Frankfurt am Main",
"postal_code": "60326",
"continent_name": "Europe",
"continent_code": "EU",
"latitude": "50.1049",
"longitude": "8.6295",
"metro_code": "",
"timezone": "Europe/Berlin"
}
}
}

QES with Hash Submission Approach

In Hash Submission, the Merchant computes the SHA-256 hash of each document locally and submits only the hashes via qes.hashes. Shufti returns a detached PKCS#7 qualified signature per hash, which the Merchant attaches to the original document in their own environment.

To compute the SHA-256 hash before submission:

sha256sum agreement.pdf | awk '{print $1}'

The following request payloads illustrate each identity proofing flow for Hash Submission. The structure mirrors the multi-document examples above — qes.proofs is replaced with qes.hashes.

QES with Hash Submission - Standard Document and Face Verification

qes-hash-submission-onsite-standard-face-document
{
"reference": "sp-bc-prod-ABCDE1213",
"callback_url": "https://yourdomain.com/sp-callback",
"redirect_url": "https://yourdomain.com/sp-redirect",
"allow_retry": "1",
"show_ocr_form": "1",
"allow_online": "1",
"allow_offline": "0",
"verification_mode": "any",
"is_baseline_loip": "1",
"show_results": "1",
"decline_on_single_step": "0",
"regulatory_compliance_methods": {
"standered_face_service_requested": "1",
"nfc_service_requested": "0",
"eidv_service_requested": "0"
},
"qes": {
"hashes": [
"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08"
],
"phone_number": "+123456789"
},
"email_verify": {
"email": "[email protected]"
},
"document": {
"proof": "",
"additional_proof": "",
"supported_types": ["id_card", "passport"],
"backside_proof_required": "1",
"name": {
"first_name": "",
"middle_name": "",
"last_name": "",
"fuzzy_match": "1"
},
"document_number": "",
"dob": "",
"issue_date": "",
"expiry_date": ""
},
"face": {
"proof": "",
"check_duplicate_request": "0",
"document_in_hand_verification": "1"
}
}

QES with Hash Submission - NFC Document and Face Verification

qes-hash-submission-onsite-nfc
{
"reference": "sp-bc-prod-ABCDE1213",
"callback_url": "https://yourdomain.com/sp-callback",
"redirect_url": "https://yourdomain.com/sp-redirect",
"allow_retry": "1",
"show_ocr_form": "1",
"allow_online": "1",
"allow_offline": "0",
"verification_mode": "any",
"is_baseline_loip": "1",
"show_results": "1",
"decline_on_single_step": "0",
"regulatory_compliance_methods": {
"nfc_service_requested": "1",
"standered_face_service_requested": "0",
"eidv_service_requested": "0"
},
"qes": {
"hashes": [
"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08"
],
"phone_number": "+123456789"
},
"email_verify": {
"email": "[email protected]"
},
"document": {
"proof": "",
"additional_proof": "",
"supported_types": ["passport", "id_card"],
"backside_proof_required": "1",
"name": {
"first_name": "",
"middle_name": "",
"last_name": "",
"fuzzy_match": "1"
},
"document_number": "",
"dob": "",
"issue_date": "",
"expiry_date": ""
},
"face": {
"proof": "",
"check_duplicate_request": "0"
}
}

QES with Hash Submission - Active eID-Based Verification

qes-hash-submission-onsite-eidv
{
"reference": "sp-bc-prod-ABCDE1213",
"callback_url": "https://yourdomain.com/sp-callback",
"redirect_url": "https://yourdomain.com/sp-redirect",
"allow_retry": "1",
"show_ocr_form": "1",
"allow_online": "1",
"allow_offline": "0",
"verification_mode": "any",
"is_baseline_loip": "1",
"show_results": "1",
"decline_on_single_step": "0",
"regulatory_compliance_methods": {
"eidv_service_requested": "1",
"standered_face_service_requested": "0",
"nfc_service_requested": "0"
},
"qes": {
"hashes": [
"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08"
],
"phone_number": "+123456789"
},
"email_verify": {
"email": "[email protected]"
},
"ekyc": {
"eidv_verification_type": "active",
"eidv_countries": [
{ "code": "NO", "verification_approach": "active" },
{ "code": "SE", "verification_approach": "active" },
{ "code": "DK", "verification_approach": "active" }
]
}
}

Hash Submission Status Response

For hash submission requests, the /status response does not include a signed document. Instead, the detached qualified signatures are returned under verification_data.qes.documents[], alongside the qualified certificate details under verification_data.qes (signer name, certificate issuer, serial number, validity window, and aggregate_status for the batch). Each document entry contains the original hash, the base64-encoded PKCS#7 detached signature, the signing timestamp (signed_at), and the per-document status. The Merchant is responsible for attaching the detached signature to the original document using their own document processing pipeline.

FieldTypeDescription
qes.signer_nameStringFull name of the signatory as recorded on the qualified certificate.
qes.serial_numberStringSerial number of the qualified certificate used for signing.
qes.issuer_cnStringCommon name of the qualified certificate issuer (QTSP).
qes.valid_fromStringStart of the certificate validity window.
qes.valid_toStringEnd of the certificate validity window.
qes.created_atStringTimestamp when the QES batch was created.
qes.aggregate_statusStringOverall batch status across all submitted hashes (e.g. all_signed).
qes.documents[].hashStringThe original SHA-256 digest submitted by the Merchant.
qes.documents[].signatureStringBase64-encoded PKCS#7 detached qualified signature.
qes.documents[].signed_atStringTimestamp of when the signature was applied.
qes.documents[].statusStringSignature status: signed, failed, or expired.
qes-status-response-hash-submission
//Content-Type: application/json
//Signature: NmI4NmIyNzNmZjM0ZmNl

{
"reference": "17374217",
"event": "verification.accepted",
"country": "GB",
"proofs": {
"face": {
"proof": "https://ns.shuftipro.com/api/pea/15c1cf23bc0ed5a25613539f5cn3bebc0d566cda"
},
"document": {
"proof": "https://ns.shuftipro.com/api/pea/65c1df23bc0ed5a25613539f5cn3bebc0d566cac",
"additional_proof": "https://ns.shuftipro.com/api/pea/705b6ad48cc8ec08333d3e89653213302f71228f"
},
"verification_video": "https://ns.shuftipro.com/api/pea/63c1cf23bc0ed5a21613539f5cn3bebc0d566cao",
"access_token": "generated_access_token",
"verification_report": "https://ns.shuftipro.com/api/pea/9ee426402e8633087b183c61ea5ac72acec5a728"
},
"verification_data": {
"document": {
"name": {
"first_name": "John",
"middle_name": "",
"last_name": "Doe",
"full_name": "John Doe"
},
"dob": "1990-01-01",
"issue_date": "2018-01-31",
"expiry_date": "2028-01-30",
"document_number": "GB1234567",
"country": "GB",
"selected_type": ["id_card"],
"supported_types": ["id_card", "passport"],
"face_match_confidence": 70
},
"email_verify": {
"email": "[email protected]"
},
"qes": {
"signer_name": "John Doe",
"serial_number": "0123456789ABCDEF0123456789ABCDEF01234567",
"issuer_cn": "Sample QTSP Qualified CA 2026",
"valid_from": "2026-06-15 10:00:00",
"valid_to": "2026-06-15 12:00:00",
"created_at": "2026-06-15 10:05:00",
"aggregate_status": "all_signed",
"documents": [
{
"hash": "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08",
"signature": "MIIG...base64-encoded PKCS#7 detached signature...==",
"signed_at": "2026-06-15 10:06:00",
"status": "signed"
},
{
"hash": "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad",
"signature": "MIIG...base64-encoded PKCS#7 detached signature...==",
"signed_at": "2026-06-15 10:06:00",
"status": "signed"
}
]
}
},
"verification_result": {
"face": 1,
"document": {
"document": 1,
"document_visibility": 1,
"document_must_not_be_expired": 1,
"document_country": 1,
"selected_type": 1,
"name": 1,
"document_number": 1,
"dob": 1,
"issue_date": 1,
"expiry_date": 1
},
"email_verify": {
"validate_email": 1,
"verify_email": 1
}
},
"info": {
"agent": {
"is_desktop": true,
"is_phone": false,
"useragent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36",
"device_name": "Macintosh",
"browser_name": "",
"platform_name": "OS X - 10_14_0"
},
"geolocation": {
"host": "212.103.50.243",
"ip": "212.103.50.243",
"rdns": "212.103.50.243",
"asn": "9009",
"isp": "M247 Ltd",
"country_name": "Germany",
"country_code": "DE",
"region_name": "Hesse",
"region_code": "HE",
"city": "Frankfurt am Main",
"postal_code": "60326",
"continent_name": "Europe",
"continent_code": "EU",
"latitude": "50.1049",
"longitude": "8.6295",
"metro_code": "",
"timezone": "Europe/Berlin"
}
}
}