Onsite Integration
With On-site verification, Shufti Pro directly interacts with the end-user, managing data collection to facilitate identity verification. Verification status updates are exclusively communicated to the Shufti Pro customer via the dedicated Shufti Pro Back Office.
info
In onsite verification, Shufti Pro customers will make an API call, and will receive a verification URL in the response. The end-users will be redirected to the URL where they will perform the verification.
Given below is the flow for eIDV verification for onsite customers.
Parameters and Descriptions
The parameters mentioned below are applicable for both Onsite and Offsite verifications in eIDV service.
| Parameters | Description |
|---|---|
| reference | Required: Yes Type: string Minimum: 6 characters Maximum: 250 characters Each request is issued a unique reference ID which is sent back to Shufti Pro’s client with each response. This reference ID helps to verify the request. The client can use this ID to check the status of already performed verifications. |
| country | Required: No Type: string Length: 2 characters You may omit this parameter if you don't want to enforce country verification. If a valid country code is provided, then the proofs (images/videos) for document verification or address verification must be from the same country. Country code must be a valid ISO 3166-1 alpha-2 country code. Please consult (Supported Countries) for country codes. |
| language | Required: No Type: string Length: 2 characters If the Shufti Pro client wants their preferred language to appear on the verification screens they may provide the 2-character long language code of their preferred language. The list of (Supported Languages) can be consulted for the language codes. If this key is missing in the request the system will select the default language as English. |
| Required: No Type: string Minimum: 6 characters Maximum: 128 characters This field represents the email of the end-user. | |
| callback_url | Required: No Type: string Minimum: 6 characters Maximum: 250 characters A number of server-to-server calls are made to Shufti Pro’s client to keep them updated about the verification status. This allows the clients to keep the request updated on their end, even if the end-user is lost midway through the process. Note: The callback domains must be registered within the Backoffice to avoid encountering a validation error. For registering callback domain, click here e.g: example.com, test.example.com |
| redirect_url | Required: No Type: string Minimum: 3 characters Maximum: 250 characters Once an on-site verification is complete, User is redirected to this link after showing the results. Note: The redirect domains must be registered within the Backoffice to avoid encountering a validation error. For registering redirect domain, click here e.g: example.com, test.example.com |
| show_feedback_form | Required: No Type: string Accepted Values: 0, 1 Default Value: 1 This parameter will work only for onsite verification. If its value is 1 at the end of verification, a feedback form is displayed to the end-user to collect his/her feedback. If it is 0 then it will not display the feedback page to the end-user. |
| manual_review | Required: No Type: string Accepted Values: 0, 1 Default Value: 0 This key can be used if the client wants to review verifications after processing from Shufti Pro has completed. Once the user submits any/all required documents, Shufti Pro returns a status of review.pending. The client can then review the verification details and Accept OR Decline the verifications from the back-office. |
| ttl | Required: No Type: int Default: 60 Maximum: 43200 Give a numeric value for minutes that you want the verification url to remain active. Note: The minimum request timeout duration has been set to 30 minutes, regardless of the TTL value provided in the request. |
| ekyc | Required: Yes Type: Object eIDV/eKYC refers to the process of verifying the identity of an individual electronically. The eIDV is commonly used by businesses and institutions to comply with regulations requiring them to verify the identity of their customers. |
| allow_fallback | Required: No Type: boolean Accepted Values: 0, 1 This service key corresponds to fallback onsite kyc verification. If onsite electronic identity verification fails, users will presented the option to choose basic KYC for the verification process. allow_fallback can be sent inside the ekyc object with value 0 or 1. |
- Http
- Javascript
- PHP
- Python
- Ruby
- Java
- C#
- Go
//POST / HTTP/1.1
//Host: api.shuftipro.com
//Content-Type: application/json
//Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==
{
"reference" : "1234567",
"callback_url" : "http://www.example.com/",
"email" : "[email protected]",
"country" : "",
"language" : "EN",
"ekyc" : {
"allow_fallback": "0"
}
}
let payload = {
reference: `SP_REQUEST_${Math.random()}`,
callback_url: "https://yourdomain.com/profile/sp-notify-callback",
email: "[email protected]",
country: "",
language: "EN",
};
payload['ekyc'] = {
"allow_fallback": "0"
};
var token = btoa("YOUR_CLIENT_ID:YOUR_SECRET_KEY");
fetch('https://api.shuftipro.com/', {
method: 'post',
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
'Authorization': 'Basic ' + token
},
body: JSON.stringify(payload)
}).then(function(response) {
return response.json();
}).then(function(data) {
return data;
});
<?php
$url = 'https://api.shuftipro.com/';
$client_id = 'YOUR-CLIENT-ID';
$secret_key = 'YOUR-SECRET-KEY';
$verification_request = [
"reference" => "ref-" . rand(4, 444) . rand(4, 444),
"callback_url" => "https://yourdomain.com/profile/notifyCallback",
"email" => "[email protected]",
"country" => "",
"language" => "EN",
];
$verification_request['ekyc'] = [
"allow_fallback" => "0"
];
$auth = $client_id . ":" . $secret_key;
$headers = ['Content-Type: application/json'];
$post_data = json_encode($verification_request);
$response = send_curl($url, $post_data, $headers, $auth);
function send_curl($url, $post_data, $headers, $auth) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_USERPWD, $auth);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
$html_response = curl_exec($ch);
$header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
$headers = substr($html_response, 0, $header_size);
$body = substr($html_response, $header_size);
curl_close($ch);
return json_decode($body, true);
}
// Output the verification URL
echo $response['verification_url'];
import requests
import base64
import json
from random import randint
url = 'https://api.shuftipro.com/'
client_id = 'YOUR-CLIENT-ID'
secret_key = 'YOUR-SECRET-KEY'
verification_request = {
"reference": f"ref-{randint(1000, 9999)}{randint(1000, 9999)}",
"callback_url": "https://yourdomain.com/profile/notifyCallback",
"email": "[email protected]",
"country": "",
"language": "EN"
}
verification_request['ekyc'] = {
"allow_fallback": "0"
}
auth = f'{client_id}:{secret_key}'
b64Val = base64.b64encode(auth.encode()).decode()
response = requests.post(url,
headers={"Authorization": f"Basic {b64Val}", "Content-Type": "application/json"},
data=json.dumps(verification_request))
json_response = response.json()
print(f'Verification URL: {json_response["verification_url"]}')
require 'uri'
require 'net/http'
require 'base64'
require 'json'
url = URI("https://api.shuftipro.com/")
CLIENT_ID = "YOUR-CLIENT-ID"
SECRET_KEY = "YOUR-SECRET-KEY"
verification_request = {
reference: "Ref-" + (0...8).map { (65 + rand(26)).chr }.join,
callback_url: "https://yourdomain.com/profile/notifyCallback",
email: "[email protected]",
country: "",
language: "EN",
redirect_url: "http://www.example.com"
}
verification_request["ekyc"] = {
allow_fallback: "0"
}
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
header_auth = Base64.strict_encode64("#{CLIENT_ID}:#{SECRET_KEY}")
request["Content-Type"] = "application/json"
request["Authorization"] = "Basic #{header_auth}"
request.body = verification_request.to_json
response = http.request(request)
puts response.read_body
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
public class Main {
public static void main(String[] args) throws Exception {
String url = "https://api.shuftipro.com/";
String CLIENT_ID = "YOUR-CLIENT-ID";
String SECRET_KEY = "YOUR-SECRET-KEY";
URL obj = new URL(url);
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/json");
String basicAuth = "Basic " + Base64.getEncoder().encodeToString((CLIENT_ID + ":" + SECRET_KEY).getBytes(StandardCharsets.UTF_8));
con.setRequestProperty("Authorization", basicAuth);
String payload = "{\n \"reference\": \"1234567\",\n \"callback_url\": \"http://www.example.com/\",\n \"email\": \"[email protected]\",\n \"country\": \"\",\n \"language\": \"EN\",\n \"ekyc\": {\n \"allow_fallback\": \"0\"\n }\n}";
con.setDoOutput(true);
try (DataOutputStream wr = new DataOutputStream(con.getOutputStream())) {
wr.writeBytes(payload);
wr.flush();
}
int responseCode = con.getResponseCode();
System.out.println("\nSending 'POST' request to URL: " + url);
System.out.println("Payload: " + payload);
System.out.println("Response Code: " + responseCode);
try (BufferedReader in = new BufferedReader(new InputStreamReader(con.getInputStream()))) {
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
System.out.println(response.toString());
}
}
}
var client = new RestClient("https://api.shuftipro.com");
client.Timeout = -1;
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==");
var body = @"{
""reference"": ""1234567"",
""callback_url"": ""http://www.example.com/"",
""email"": ""[email protected]"",
""country"": """",
""language"": ""EN"",
""ekyc"": {
""allow_fallback"": ""0""
}
}";
request.AddParameter("application/json", body, ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
Console.WriteLine(response.Content);
package main
import (
"fmt"
"io/ioutil"
"net/http"
"strings"
)
func main() {
url := "https://api.shuftipro.com"
method := "POST"
payload := strings.NewReader(`{
"reference": "1234567",
"callback_url": "http://www.example.com/",
"email": "[email protected]",
"country": "",
"language": "EN",
"ekyc": {
"allow_fallback": "0"
}
}`)
client := &http.Client{}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
info
If no country is selected during the verification request generation process, the user will be prompted with the eIDV supported countries screen to proceed accordingly.