Offsite Integration

In this verification procedure, the client is required to provide Shufti Pro with the end user's full name and date of birth. Leveraging this data, Shufti Pro conducts thorough Anti-Money Laundering (AML) screening to validate user identity.

Parameters and Description

Parameters	Description
dob	Required: No Type: string Format: yyyy-mm-dd Provide a valid date. Example: 1990-12-31 Note: It is recommended to send dob for more accurate results.
name	Required: No Type: object In name object used in background checks service, first_name required and other fields are optional. Parameters for name are listed here: Example 1: { "first_name" : "John", "last_name" : "Doe" } Example 2: { "first_name" : "John", "middle_name" : "Carter", "last_name" : "Doe"} Example 3: { "full_name" : "John Carter Doe"} Note: If full name is provided with first and last name priority will be given to full name.
ongoing	Required: No Accepted values: 0, 1 Default: 0 This Parameter is used for Ongoing AML Screening, and is allowed only on Production Accounts. If Shufti Pro detects a change in AML statuses, then we will send you a webhook with event verification.status.changed. The new AML status can be checked using get status endpoint, or from the back-office. Note Use fuzzy_match = 1 in the name object for better results for Ongoing AML Screening.
filters	Required: No Type: Array Default: ["sanction", "warning", "fitness-probity", "pep", "pep-class-1", "pep-class-2", "pep-class-3", "pep-class-4"] This key includes specific filter types, namely, alert or warning, that are linked to the AML search. Use these filters within the search to refine and narrow down the results. All filter types are listed here

Http

background_checks-service-sample

//POST / HTTP/1.1 basic auth
//Host: api.shuftipro.com
//Content-Type: application/json
//Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw== 

{
  "background_checks" : {
    "name" : {
      "first_name"  : "John",
      "middle_name" : "Carter",
      "last_name"   : "Doe"
    },
    "dob"     : "2016-01-01",
    "ongoing" : "1",
    "filters" : ["sanction", "fitness-probity", "warning", "pep"]
  }
}

Javascript

background_checks-service-sample

let payload = {
    reference         : `SP_REQUEST_${Math.random()}`,
    callback_url      : "https://yourdomain.com/profile/sp-notify-callback",
    redirect_url      : "https://yourdomain.com/site/sp-redirect",
    country           : "GB",
    language          : "EN",
    verification_mode : "any",
    ttl               :  60,
    background_checks: {
      name : {
      first_name  : "John",
      middle_name : "Carter",
      last_name   : "Doe"
    },
        dob : "2016-01-01",
        ongoing                     : "1",
        filters                     : ["sanction", "fitness-probity", "warning", "pep"]
    }
}

// BASIC AUTH TOKEN
// Use your Shufti Pro account client id and secret key
var token = btoa("YOUR_CLIENT_ID:YOUR_SECRET_KEY"); // BASIC AUTH TOKEN
// if Access Token
// var token = "YOUR_ACCESS_TOKEN";

// Dispatch request via fetch API or with whatever else best suits you
fetch('https://api.shuftipro.com/', 
{
    method : 'post',
    headers : {
        'Accept'        : 'application/json',
        'Content-Type'  : 'application/json',
        'Authorization' : 'Basic ' + token       // if access token then replace "Basic" with "Bearer"
    },
    body: JSON.stringify(payload)
})
.then(function(response) {
     return response.json();
})

PHP

background_checks-service-sample

<?php
$url = 'https://api.shuftipro.com/';
$client_id = 'YOUR_CLIENT_ID';
$secret_key = 'YOUR_SECRET_KEY';

$payload = [
    'reference'         => 'SP_REQUEST_' . rand(),
    'callback_url'      => 'https://yourdomain.com/profile/sp-notify-callback',
    'redirect_url'      => 'https://yourdomain.com/site/sp-redirect',
    'country'           => 'GB',
    'language'          => 'EN',
    'verification_mode' => 'any',
    'ttl'               => 60,
    'background_checks'=> [
        'name' {
          'first_name'  => 'John',
          'middle_name' => 'Carter',
          'last_name'   => 'Doe'
        },
        'dob' => '2016-01-01',
        'ongoing'                     => '1',
        'filters'                     => ['sanction', 'fitness-probity', 'warning', 'pep']
    ]
];

$auth = $client_id . ':' . $secret_key;
$headers = ['Content-Type: application/json'];
$post_data = json_encode($payload);

$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_USERPWD, $auth);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);

$html_response = curl_exec($ch);
$header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
$headers = substr($html_response, 0, $header_size);
$body = substr($html_response, $header_size);
curl_close($ch);

$response_data = $body;
$decoded_response = json_decode($response_data, true);

return $decoded_response;

?>

Python

background_checks-service-sample

import requests, base64, json, hashlib
from random import randint

'''
Python 2
--------
import urllib2

Python 3
--------
import urllib.request
urllib.request.urlopen(url).read()
'''

url = 'https://api.shuftipro.com/'
client_id = 'YOUR_CLIENT_ID'
secret_key = 'YOUR_SECRET_KEY'

payload = {
    'reference': f'SP_REQUEST_{randint(1000, 9999)}',
    'callback_url': 'https://yourdomain.com/profile/sp-notify-callback',
    'redirect_url': 'https://yourdomain.com/site/sp-redirect',
    'country': 'GB',
    'language': 'EN',
    'verification_mode': 'any',
    'ttl': 60,
    'background_checks': {
        "name" : {
          'first_name'  : 'John',
          'middle_name' : 'Carter',
          'last_name'   :'"Doe'
        },
        'dob': '2016-01-01',
        'ongoing': '1',
        'filters': ['sanction', 'fitness-probity', 'warning', 'pep']
    }
}

auth = f'{client_id}:{secret_key}'
b64Val = auth.encode('ascii').hex()
headers = {
    'Content-Type': 'application/json',
    'Authorization': f'Basic {b64Val}'
}

response = requests.post(url, headers=headers, data=json.dumps(payload))

# Calculating signature for verification

# Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
# secret_key = hashlib.sha256(secret_key.encode()).hexdigest()

# Calculated signature functionality cannot be implement in case of access token
calculated_signature = hashlib.sha256('{}{}'.format(response.content.decode(), secret_key).encode()).hexdigest()

sp_signature = response.headers.get('Signature', '')

json_response = response.json()

    if sp_signature == calculated_signature:
      return json_response

Ruby

background_checks-service-sample

require 'uri'
require 'net/http'
require 'base64'
require 'json'

url = URI("https://api.shuftipro.com/")
client_id = "YOUR_CLIENT_ID"
secret_key = "YOUR_SECRET_KEY"

payload = {
  "reference" => "SP_REQUEST_#{rand(1000..9999)}",
  "callback_url" => "https://yourdomain.com/profile/sp-notify-callback",
  "redirect_url" => "https://yourdomain.com/site/sp-redirect",
  "country" => "GB",
  "language" => "EN",
  "verification_mode" => "any",
  "ttl" => 60,
  "background_checks" => {
    "name" =>  {
      "full_name" => "John Doe"
    },
    "dob" => "2016-01-01",
    "ongoing" => "1",
    "filters" => ["sanction", "fitness-probity", "warning", "pep"]
  }
}

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/json"
auth = Base64.strict_encode64("#{client_id}:#{secret_key}")
request["Authorization"] = "Basic #{auth}"
request.body = payload.to_json

response = http.request(request)

# Calculating signature for verification

# Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
# secret_key = Digest::SHA256.hexdigest secret_key

# calculated signature functionality cannot be implement in case of access token
calculated_signature = Digest::SHA256.hexdigest response.read_body + secret_key

sp_signature = response['Signature']

json_response = JSON.parse(response.read_body)

if sp_signature == calculated_signature
  return json_response
end

Java

background_checks-service-sample

import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

import javax.net.ssl.HttpsURLConnection;

public class Main {
    public static void main(String[] args) throws Exception {
        String url = "https://api.shuftipro.com/";
        String CLIENT_ID = "CLIENT_ID";
        String SECRET_KEY = "SECRET_KEY";
        URL obj = new URL(url);
        HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();

        // Add request header
        con.setRequestMethod("POST");
        con.setRequestProperty("Content-Type", "application/json");
        String basicAuth = "Basic " + Base64.getEncoder().encodeToString((CLIENT_ID + ":" + SECRET_KEY).getBytes(StandardCharsets.UTF_8));    
        con.setRequestProperty("Authorization", basicAuth);

        String payload = "{\"background_checks\":{\"name\":{\"full_name\":\"John Doe\"},\"dob\":\"2016-01-01\",\"ongoing\":\"1\",\"filters\":[\"sanction\",\"fitness-probity\",\"warning\",\"pep\"]}}";

        // Send post request
        con.setDoOutput(true);
        DataOutputStream wr = new DataOutputStream(con.getOutputStream());
        wr.writeBytes(payload);
        wr.flush();
        wr.close();

        int responseCode = con.getResponseCode();
        System.out.println("\nSending 'POST' request to URL : " + url);
        System.out.println("Payload : " + payload);
        System.out.println("Response Code : " + responseCode);

        BufferedReader in = new BufferedReader(
                new InputStreamReader(con.getInputStream()));
        System.out.println(in.toString());
        String inputLine;
        StringBuffer response = new StringBuffer();

        while ((inputLine = in.readLine()) != null) {
            response.append(inputLine);
        }
        in.close();

        // Print the response
        System.out.println(response.toString());
    }
}

cURL

background_checks-service-sample

curl --location --request POST 'https://api.shuftipro.com' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==' \
--data-raw '{
    "reference"    : "1234567",
    "callback_url" : "http://www.example.com/",
    "email"        : "[email protected]",
    "country"      : "GB",
    "language"     : "EN",
    "redirect_url": "http://www.example.com",
    "ttl"         : 60,
    "verification_mode" : "any",
    "background_checks": {
      "name": {
        "full_name" : "John Doe"
      },
      "dob": "2016-01-01",
      "ongoing": "1",
      "filters": ["sanction", "fitness-probity", "warning", "pep"]
    }
}'

C#

background_checks-service-sample

var client = new RestClient("https://api.shuftipro.com");
client.Timeout = -1;
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==");
var body = @"{" + "\n" +
@"    ""reference""    : ""1234567""," + "\n" +
@"    ""callback_url"" : ""http://www.example.com/""," + "\n" +
@"    ""email""        : ""[email protected]""," + "\n" +
@"    ""country""      : ""GB""," + "\n" +
@"    ""language""     : ""EN""," + "\n" +
@"    ""redirect_url"": ""http://www.example.com""," + "\n" +
@"    ""ttl""         : 60," + "\n" +
@"    ""verification_mode"" : ""any""," + "\n" +
@"    ""background_checks"" : {" + "\n" +
@"        ""name""             : {""full_name"": ""John Doe""},\n";
@"        ""dob"": ""2016-01-01""," + "\n" +
@"        ""ongoing""                   : ""1""," + "\n" +
@"        ""filters""                   : [""sanction"",""fitness-probity"",""warning"",""pep""]" + "\n" +
@"    }" + "\n" +
@"}";
request.AddParameter("application/json", body,  ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
Console.WriteLine(response.Content);

Go

background_checks-service-sample

package main

import (
  "fmt"
  "strings"
  "net/http"
  "io/ioutil"
)

func main() {

  url := "https://api.shuftipro.com"
  method := "POST"

  payload := strings.NewReader(`{
    "reference"    : "1234567",
    "callback_url" : "http://www.example.com/",
    "email"        : "[email protected]",
    "country"      : "GB",
    "language"     : "EN",
    "redirect_url": "http://www.example.com",
    "ttl"         : 60,
    "verification_mode" : "any",
        "background_checks": {
            "name": {
        "full_name": "John Doe"
      },
            "dob": "2016-01-01",
            "ongoing": "1",
            "filters": ["sanction", "fitness-probity", "warning", "pep"]
        }
}`)

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, payload)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("Content-Type", "application/json")
  req.Header.Add("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := ioutil.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}

info

OCR for name recognition in AML checks is exclusively conducted when utilized with services that incorporate OCR functionality, such as Document Verification, Document Two Verification, and Address Verification.