Skip to main content


Shufti Pro API uses API keys to authenticate requests. You can view and manage your API keys in your Shufti Pro Backoffice. Authorization to API is performed via HTTP Basic Auth. The verification request will fail without authorization.


Shufti Pro provides Authorization to clients through the Basic Auth header. Your Client ID will serve as your Username while the Secret Key will serve as your Password. The API will require this header for every request.

usernameYesEnter Client ID as username.
passwordYesEnter your Secret Key as password.

To obtain the client_id and secret_key, please navigate to the settings page in your backoffice.



If you misplace the secret key, it is necessary to generate a new key from the back office. Ensure that you save the secret key when generating a new one. The generated key will not be displayed in the back office.

//POST / HTTP/1.1 basic auth
//Content-Type: application/json
//Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==
"reference" : "1234567",
"callback_url" : "",
"email" : "[email protected]",
"country" : "GB",
"language" : "EN",
"verification_mode" : "any",
"risk_assessment" : {
"risk_reference" : "123456",
"phone_number" : "+4400000000"