Requests
Sample Verification Request
To initiate a verification request, you must access the base URL https://api.shuftipro.com/ endpoint and provide the desired services within the verification request object. Attached is a sample object illustrating how to commence a verification service.
- Http
- Javascript
- PHP
- Python
- Ruby
- Java
- cURL
- C#
- Go
//POST / HTTP/1.1
//Host: api.shuftipro.com
//Content-Type: application/json
//Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==
// replace "Basic" with "Bearer in case of Access Token"
{
"reference": "1234567",
"callback_url": "http://www.example.com/",
"email": "[email protected]",
"country": "GB",
"language": "EN",
"redirect_url": "http://www.example.com",
"ttl": 60,
"verification_mode": "any",
"document": {
"proof": "",
"additional_proof": "",
"supported_types": ["id_card", "driving_license", "passport"],
"name": "",
"dob": "",
"age": "",
"issue_date": "",
"expiry_date": "",
"document_number": "",
"allow_offline": "1",
"allow_online": "1",
"gender": ""
},
"address": {
"proof": "",
"supported_types": ["id_card", "bank_statement"],
"name": "",
"issue_date": "",
"full_address": "",
"address_fuzzy_match": "1",
"document_number": ""
}
}
let payload = {
reference : `SP_REQUEST_${Math.random()}`,
callback_url : "https://yourdomain.com/profile/sp-notify-callback",
redirect_url : "https://yourdomain.com/site/sp-redirect",
country : "GB",
language : "EN",
verification_mode : "any",
ttl : 60,
}
//Use this key if you want to perform document verification with OCR
payload['document'] = {
proof : '',
additional_proof : '',
name : '',
dob : '',
age : '',
document_number : '',
expiry_date : '',
issue_date : '',
allow_offline : '1',
allow_online : '1',
supported_types : ['id_card','passport'],
gender : ""
}
//Use this key if you want to perform address verification with OCR
payload['address'] = {
name : '',
full_address : '',
address_fuzzy_match : '1',
issue_date : '',
supported_types : ['utility_bill','passport','bank_statement']
}
//BASIC AUTH TOKEN
//Use your Shufti Pro account client id and secret key
var token = btoa("YOUR_CLIENT_ID:YOUR_SECRET_KEY"); //BASIC AUTH TOKEN
// if Access Token
//var token = "YOUR_ACCESS_TOKEN";
//Dispatch request via fetch API or with whatever else which best suits for you
fetch('https://api.shuftipro.com/',
{
method : 'post',
headers : {
'Accept' : 'application/json',
'Content-Type' : 'application/json',
'Authorization' : 'Basic ' +token // if access token then replace "Basic" with "Bearer"
},
body: JSON.stringify(payload)
})
.then(function(response) {
return response.json();
}).then(function(data) {
if (data.event && data.event === 'request.pending') {
createIframe(data.verification_url)
}
});
//Method used to create an Iframe
function createIframe(src) {
let iframe = document.createElement('iframe');
iframe.style.position = 'fixed';
iframe.id = 'shuftipro-iframe';
iframe.name = 'shuftipro-iframe';
iframe.allow = "camera";
iframe.src = src;
iframe.style.top = 0;
iframe.style.left = 0;
iframe.style.bottom = 0;
iframe.style.right = 0;
iframe.style.margin = 0;
iframe.style.padding = 0;
iframe.style.overflow = 'hidden';
iframe.style.border = "none";
iframe.style.zIndex = "2147483647";
iframe.width = "100%";
iframe.height = "100%";
iframe.dataset.removable = true;
document.body.appendChild(iframe);
}
<?php
$url = 'https://api.shuftipro.com/';
//Your Shufti Pro account Client ID
$client_id = 'YOUR-CLIENT-ID';
//Your Shufti Pro account Secret Key
$secret_key = 'YOUR-SECRET-KEY';
//OR Access Token
//$access_token = 'YOUR-ACCESS-TOKEN';
$verification_request = [
'reference' => 'ref-'.rand(4,444).rand(4,444),
'country' => 'GB',
'language' => 'EN',
'email' => '[email protected]',
'callback_url' => 'https://yourdomain.com/profile/notifyCallback',
'verification_mode' => 'any',
'ttl' => 60,
];
//Use this key if you want to perform document verification with OCR
$verification_request['document'] =[
'proof' => '',
'additional_proof' => '',
'name' => '',
'dob' => '',
'age' => '',
'document_number' => '',
'expiry_date' => '',
'issue_date' => '',
'allow_offline' => '1',
'allow_online' => '1',
'supported_types' => ['id_card','passport'],
'gender' => ''
];
//Use this key if you want to perform address verification with OCR
$verification_request['address'] = [
'proof' => '',
'name' => '',
'full_address' => '',
'address_fuzzy_match' => '1',
'issue_date' => '',
'supported_types' => ['utility_bill','passport','bank_statement']
];
$auth = $client_id.":".$secret_key; // remove this in case of Access Token
$headers = ['Content-Type: application/json'];
// if using Access Token then add it into headers as mentioned below otherwise remove access token
// array_push($headers, 'Authorization: Bearer ' . $access_token);
$post_data = json_encode($verification_request);
//Calling Shufti Pro request API using curl
$response = send_curl($url, $post_data, $headers, $auth); // remove $auth in case of Access Token
//Get Shufti Pro API Response
$response_data = $response['body'];
//Get Shufti Pro Signature
$exploded = explode("\n", $response['headers']);
// Get Signature Key from Hearders
$sp_signature = null;
foreach ($exploded as $key => $value) {
if (strpos($value, 'signature: ') !== false || strpos($value, 'Signature: ') !== false) {
$sp_signature=trim(explode(':', $exploded[$key])[1]);
break;
}
}
// Calculating signature for verification
// Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
// $secret_key = hash('sha256', $secret_key)
// Calculated signature functionality cannot be implement in case of access token
$calculate_signature = hash('sha256',$response_data.$secret_key);
$decoded_response = json_decode($response_data,true);
$event_name = $decoded_response['event'];
if($event_name == 'request.pending'){
if($sp_signature == $calculate_signature){
$verification_url = $decoded_response['verification_url'];
echo "Verification url :" . $verification_url;
}else{
echo "Invalid signature :" . $response_data;
}
}else{
echo "Error :" . $response_data;
}
function send_curl($url, $post_data, $headers, $auth){ // remove $auth in case of Access Token
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_USERPWD, $auth); // remove this in case of Access Token
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); // remove this in case of Access Token
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
$html_response = curl_exec($ch);
$header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
$headers = substr($html_response, 0, $header_size);
$body = substr($html_response, $header_size);
curl_close($ch);
return ['headers' => $headers,'body' => $body];
}
?>
import requests, base64, json, hashlib
from random import randint
'''
Python 2
--------
import urllib2
Python 3
--------
import urllib.request
urllib.request.urlopen(url).read()
'''
url = 'https://api.shuftipro.com/'
# Your Shufti Pro account Client ID
client_id = 'YOUR-CLIENT-ID'
# Your Shufti Pro account Secret Key
secret_key = 'YOUR-SECRET-KEY'
# OR Access Token
# access_token = 'YOUR-ACCESS-TOKEN';
verification_request = {
'reference' : 'ref-{}{}'.format(randint(1000, 9999), randint(1000, 9999)),
'country' : 'GB',
'language' : 'EN',
'email' : '[email protected]',
'callback_url' : 'https://yourdomain.com/profile/notifyCallback',
'verification_mode' : 'any',
'ttl' : 60,
}
# Use this key if you want to perform document verification with OCR
verification_request['document'] = {
'proof' : '',
'additional_proof' : '',
'name' : '',
'dob' : '',
'age' : '',
'document_number' : '',
'expiry_date' : '',
'issue_date' : '',
'allow_offline' : '1',
'allow_online' : '1',
'supported_types' : ['id_card','passport'],
'gender' : ''
}
# Use this key want to perform address verification with OCR
verification_request['address'] = {
'proof' : '',
'name' : '',
'full_address' : '',
'address_fuzzy_match' : '1',
'issue_date' : '',
'supported_types' : ['utility_bill','passport','bank_statement']
}
# Calling Shufti Pro request API using python requests
auth = '{}:{}'.format(client_id, secret_key)
b64Val = base64.b64encode(auth.encode()).decode()
# if access token
# b64Val = access_token
# replace "Basic with "Bearer" in case of Access Token
response = requests.post(url,
headers={"Authorization": "Basic %s" % b64Val, "Content-Type": "application/json"},
data=json.dumps(verification_request))
# Calculating signature for verification
# Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
# secret_key = hashlib.sha256(secret_key.encode()).hexdigest()
# Calculated signature functionality cannot be implement in case of access token
calculated_signature = hashlib.sha256('{}{}'.format(response.content.decode(), secret_key).encode()).hexdigest()
# Get Shufti Pro Signature
sp_signature = response.headers.get('Signature','')
# Convert json string to json object
json_response = json.loads(response.content)
# Get event returned
event_name = json_response['event']
print (json_response)
if event_name == 'request.pending':
if sp_signature == calculated_signature:
verification_url = json_response['verification_url']
print ('Verification URL: {}'.format(verification_url))
else:
print ('Invalid signature: {}'.format(response.content))
require 'uri'
require 'net/http'
require 'base64'
require 'json'
url = URI("https://api.shuftipro.com/")
# Your Shufti Pro account Client ID
CLIENT_ID = "YOUR-CLIENT-ID"
# Your Shufti Pro account Secret Key
SECRET_KEY = "YOUR-SECRET-KEY"
# if access token
# ACCESS_TOKEN = "YOUR-ACCESS-TOKEN"
verification_request = {
reference: "Ref-"+ (0...8).map { (65 + rand(26)).chr }.join,
callback_url: "https://yourdomain.com/profile/notifyCallback",
email: "[email protected]",
country: "GB",
language: "EN",
redirect_url: "http://www.example.com",
verification_mode: "any",
ttl: 60
}
# Use this key if you want to perform document verification with OCR
verification_request["document"] = {
supported_types: ["id_card","driving_license","passport"],
proof: "",
additional_proof: "",
name: "",
dob: "",
age: "",
issue_date: "",
expiry_date: "",
document_number: "",
allow_offline: "1",
allow_online: "1",
gender: ""
}
# Use this key if you want to perform address verification with OCR
verification_request["address"] = {
supported_types: ["id_card","bank_statement"],
name: "",
issue_date: "",
full_address: "",
address_fuzzy_match: "1"
}
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
header_auth = Base64.strict_encode64("#{CLIENT_ID}:#{SECRET_KEY}")
# if Access Token
# header_auth = ACCESS_TOKEN
request["Content-Type"] = "application/json"
request["Authorization"] = "Basic #{header_auth}" # replace "Basic" with "Bearer" in case of access token
request.body = verification_request.to_json
response = http.request(request)
response_headers = response.instance_variable_get("@header")
response_data = response.read_body
sp_signature = !(response_headers['signature'].nil?) ? response_headers['signature'].join(',') : ""
# Calculating signature for verification
# Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
# SECRET_KEY = Digest::SHA256.hexdigest SECRET_KEY
# calculated signature functionality cannot be implement in case of access token
calculated_signature = Digest::SHA256.hexdigest response_data + SECRET_KEY
if sp_signature == calculated_signature
puts response_data
else
puts "Invalid signature"
end
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.net.ssl.HttpsURLConnection;
public class Main {
public static void main(String[] args) throws Exception {
String url = "https://api.shuftipro.com/";
String CLIENT_ID = "CLIENT_ID";
String SECRET_KEY = "SECRET_KEY";
URL obj = new URL(url);
HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
// Add request header
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/json");
String basicAuth = "Basic " + Base64.getEncoder().encodeToString((CLIENT_ID + ":" + SECRET_KEY).getBytes(StandardCharsets.UTF_8));
con.setRequestProperty("Authorization", basicAuth);
String payload = "{\n \"reference\": \"1234567\",\n \"callback_url\": \"http://www.example.com/\",\n \"email\": \"[email protected]\",\n \"country\": \"GB\",\n \"language\": \"EN\",\n \"redirect_url\": \"http://www.example.com\",\n \"ttl\": 60,\n \"verification_mode\": \"any\",\n \"document\": {\n \"proof\": \"\",\n \"additional_proof\": \"\",\n \"supported_types\": [\n \"id_card\",\n \"driving_license\",\n \"passport\"\n ],\n \"name\": \"\",\n \"dob\": \"\",\n \"age\": \"\",\n \"issue_date\": \"\",\n \"expiry_date\": \"\",\n \"document_number\": \"\",\n \"allow_offline\": \"1\",\n \"allow_online\": \"1\",\n \"gender\": \"\"\n },\n \"address\": {\n \"proof\": \"\",\n \"supported_types\": [\n \"id_card\",\n \"bank_statement\"\n ],\n \"name\": \"\",\n \"issue_date\": \"\",\n \"full_address\": \"\",\n \"address_fuzzy_match\": \"1\",\n \"document_number\": \"\"\n }\n}";
// Send post request
con.setDoOutput(true);
DataOutputStream wr = new DataOutputStream(con.getOutputStream());
wr.writeBytes(payload);
wr.flush();
wr.close();
int responseCode = con.getResponseCode();
System.out.println("\nSending 'POST' request to URL : " + url);
System.out.println("Payload : " + payload);
System.out.println("Response Code : " + responseCode);
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
System.out.println(in.toString());
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
// Print the response
System.out.println(response.toString());
}
}
curl --location --request POST 'https://api.shuftipro.com' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==' \
--data-raw '{
"reference" : "1234567",
"callback_url" : "http://www.example.com/",
"email" : "[email protected]",
"country" : "GB",
"language" : "EN",
"redirect_url": "http://www.example.com",
"ttl" : 60,
"verification_mode" : "any",
"document" : {
"proof" : "",
"additional_proof" : "",
"supported_types" : ["id_card","driving_license","passport"],
"name" : "",
"dob" : "",
"age" : "",
"issue_date" : "",
"expiry_date" : "",
"document_number" : "",
"allow_offline" : "1",
"allow_online" : "1",
"gender" : ""
},
"address" : {
"proof" : "",
"supported_types" : ["id_card","bank_statement"],
"name" : "",
"issue_date" : "",
"full_address" : "",
"address_fuzzy_match":"1",
"document_number" : ""
}
}'
var client = new RestClient("https://api.shuftipro.com");
client.Timeout = -1;
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==");
var body = @"{" + "\n" +
@" ""reference"" : ""1234567""," + "\n" +
@" ""callback_url"" : ""http://www.example.com/""," + "\n" +
@" ""email"" : ""[email protected]""," + "\n" +
@" ""country"" : ""GB""," + "\n" +
@" ""language"" : ""EN""," + "\n" +
@" ""redirect_url"": ""http://www.example.com""," + "\n" +
@" ""ttl"" : 60," + "\n" +
@" ""verification_mode"" : ""any""," + "\n" +
@" ""document"" : {" + "\n" +
@" ""proof"" : """"," + "\n" +
@" ""additional_proof"" : """"," + "\n" +
@" ""supported_types"" : [""id_card"",""driving_license"",""passport""]," + "\n" +
@" ""name"" : """"," + "\n" +
@" ""dob"" : """"," + "\n" +
@" ""age"" : """"," + "\n" +
@" ""issue_date"" : """", " + "\n" +
@" ""expiry_date"" : """"," + "\n" +
@" ""document_number"" : """"," + "\n" +
@" ""allow_offline"" : ""1""," + "\n" +
@" ""allow_online"" : ""1""," + "\n" +
@" ""gender"" : """"" + "\n" +
@" }," + "\n" +
@" " + "\n" +
@" ""address"" : {" + "\n" +
@" ""proof"" : """"," + "\n" +
@" ""supported_types"" : [""id_card"",""bank_statement""]," + "\n" +
@" ""name"" : """"," + "\n" +
@" ""issue_date"" : """"," + "\n" +
@" ""full_address"" : """"," + "\n" +
@" ""address_fuzzy_match"":""1""," + "\n" +
@" ""document_number"" : """"" + "\n" +
@" }" + "\n" +
@"}";
request.AddParameter("application/json", body, ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
Console.WriteLine(response.Content);
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://api.shuftipro.com"
method := "POST"
payload := strings.NewReader(`{
"reference" : "1234567",
"callback_url" : "http://www.example.com/",
"email" : "[email protected]",
"country" : "GB",
"language" : "EN",
"redirect_url": "http://www.example.com",
"ttl" : 60,
"verification_mode" : "any",
"document" : {
"proof" : "",
"additional_proof" : "",
"supported_types" : ["id_card","driving_license","passport"],
"name" : "",
"dob" : "",
"age" : "",
"issue_date" : "",
"expiry_date" : "",
"document_number" : "",
"allow_offline" : "1",
"allow_online" : "1",
"gender" : ""
},
"address" : {
"proof" : "",
"supported_types" : ["id_card","bank_statement"],
"name" : "",
"issue_date" : "",
"full_address" : "",
"address_fuzzy_match":"1",
"document_number" : ""
}
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
Status Request
Once a verification request is completed, you may request at the status endpoint to get the verification status. You’ll have to provide the reference ID for the status request and you will be promptly informed about the status of that verification.
| Parameter | Description |
|---|---|
| reference | Required: Yes Type: string Minimum: 6 characters Maximum: 250 characters This is the unique reference ID of request, which we will send you back with each response, so you can verify the request. |
- Http
- Javascript
- PHP
- Python
- Ruby
- Java
- cURL
- C#
- Go
//POST /status HTTP/1.1
//Host: api.shuftipro.com
//Content-Type: application/json
//Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==
//replace "Basic" with "Bearer in case of Access Token"
{
"reference" : "17374217"
}
var payload = {
reference : 'your_request_reference'
}
//Use your Shufti Pro account client id and secret key
var token = btoa("YOUR_CLIENT_ID:YOUR_SECRET_KEY"); //BASIC AUTH TOKEN
// if Access Token
//var token = "YOUR_ACCESS_TOKEN";
//Dispatch request via fetch API or with whatever else which best suits for you
fetch('https://api.shuftipro.com/status',
{
method : 'post',
headers : {
'Accept' : 'application/json',
'Content-Type' : 'application/json',
'Authorization' : 'Basic ' +token // if access token then replace "Basic" with "Bearer"
},
body: JSON.stringify(payload)
})
.then(function(response) {
return response.json();
}).then(function(data) {
return data;
});
<?php
$url = 'https://api.shuftipro.com/status';
//Your Shufti Pro account Client ID
$client_id = 'YOUR-CLIENT-ID';
//Your Shufti Pro account Secret Key
$secret_key = 'YOUR-SECRET-KEY';
//OR Access Token
//$access_token = 'YOUR-ACCESS-TOKEN';
$status_request = [
"reference" => "your_request_reference",
];
$auth = $client_id.":".$secret_key; // remove this in case of Access Token
$headers = ['Content-Type: application/json'];
// if using Access Token then add it into headers as mentioned below otherwise remove access token
// array_push($headers, 'Authorization : Bearer ' . $access_token);
$post_data = json_encode($status_request);
//Calling Shufti Pro request API using curl
$response = send_curl($url, $post_data, $headers, $auth); // remove $auth in case of Access Token
//Get Shufti Pro API Response
$response_data = $response['body'];
//Get Shufti Pro Signature
$exploded = explode("\n", $response['headers']);
// Get Signature Key from Hearders
$sp_signature = null;
foreach ($exploded as $key => $value) {
if (strpos($value, 'signature: ') !== false || strpos($value, 'Signature: ') !== false) {
$sp_signature=trim(explode(':', $exploded[$key])[1]);
break;
}
}
// Calculating signature for verification
// Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
// $secret_key = hash('sha256', $secret_key)
// Calculated signature functionality cannot be implement in case of access token
$calculate_signature = hash('sha256',$response_data.$secret_key);
if($sp_signature == $calculate_signature){
echo "Response : $response_data";
}else{
echo "Invalid signature : $response_data";
}
function send_curl($url, $post_data, $headers, $auth){ // remove $auth in case of Access Token
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_USERPWD, $auth); // remove this in case of Access Token
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); // remove this in case of Access Token
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
$html_response = curl_exec($ch);
$curl_info = curl_getinfo($ch);
$header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
$headers = substr($html_response, 0, $header_size);
$body = substr($html_response, $header_size);
curl_close($ch);
return ['headers' => $headers,'body' => $body];
}
?>
import requests, base64, json, hashlib
from random import randint
url = 'https://api.shuftipro.com/'
client_id = 'YOUR-CLIENT-ID'
secret_key = 'YOUR-SECRET-KEY'
verification_request = {
"reference" : "ref-{}{}".format(randint(1000, 9999), randint(1000, 9999)),
"journey_id" : "q9pDvvCx1669874968",
"email" : "[email protected]"
}
auth = '{}:{}'.format(client_id, secret_key)
b64Val = base64.b64encode(auth.encode()).decode()
response = requests.post(url,
headers={"Authorization": "Basic %s" % b64Val, "Content-Type": "application/json"},
data=json.dumps(verification_request))
json_response = json.loads(response.content)
print('Verification URL: {}'.format(json_response))
require 'uri'
require 'net/http'
require 'base64'
require 'json'
url = URI("https://api.shuftipro.com/status")
# Your Shufti Pro account Client ID
CLIENT_ID = "YOUR-CLIENT-ID"
# Your Shufti Pro account Secret Key
SECRET_KEY = "YOUR-SECRET-KEY"
# if access token
# ACCESS_TOKEN = "YOUR-ACCESS-TOKEN"
post_data = {
reference: "your_request_reference"
}
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
header_auth = Base64.strict_encode64("#{CLIENT_ID}:#{SECRET_KEY}")
# if Access Token
# header_auth = ACCESS_TOKEN
request["Content-Type"] = "application/json"
request["Authorization"] = "Basic #{header_auth}" # replace "Basic" with "Bearer" in case of access token
request.body = post_data.to_json
response = http.request(request)
response_headers = response.instance_variable_get("@header")
response_data = JSON.parse(response.read_body)
sp_signature = !(response_headers['signature'].nil?) ? response_headers['signature'].join(',') : ""
# Calculating signature for verification
# Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
# SECRET_KEY = Digest::SHA256.hexdigest SECRET_KEY
# calculated signature functionality cannot be implement in case of access token
calculated_signature = Digest::SHA256.hexdigest response_data + SECRET_KEY
if sp_signature == calculated_signature
puts response_data
else
puts "Invalid signature"
end
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.net.ssl.HttpsURLConnection;
public class Main {
public static void main(String[] args) throws Exception {
String url = "https://api.shuftipro.com/status";
String CLIENT_ID = "CLIENT_ID";
String SECRET_KEY = "SECRET_KEY";
URL obj = new URL(url);
HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
// Add request header
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/json");
String basicAuth = "Basic " + Base64.getEncoder().encodeToString((CLIENT_ID + ":" + SECRET_KEY).getBytes(StandardCharsets.UTF_8));
con.setRequestProperty("Authorization", basicAuth);
String payload = "{ \n \"reference\" : \"17374217\"\n}";
// Send post request
con.setDoOutput(true);
DataOutputStream wr = new DataOutputStream(con.getOutputStream());
wr.writeBytes(payload);
wr.flush();
wr.close();
int responseCode = con.getResponseCode();
System.out.println("\nSending 'POST' request to URL : " + url);
System.out.println("Payload : " + payload);
System.out.println("Response Code : " + responseCode);
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
System.out.println(in.toString());
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
// Print the response
System.out.println(response.toString());
}
}
curl --location --request POST 'https://api.shuftipro.com/status' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==' \
--data-raw '{
"reference" : "17374217"
}'
var client = new RestClient("https://api.shuftipro.com/status");
client.Timeout = -1;
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==");
var body = @"{ " + "\n" +
@" ""reference"" : ""17374217""" + "\n" +
@"}";
request.AddParameter("application/json", body, ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
Console.WriteLine(response.Content);
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://api.shuftipro.com/status"
method := "POST"
payload := strings.NewReader(`{
"reference" : "17374217"
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
Delete Request
Once a verification request is completed, you may request at the delete request endpoint to delete the verification data. You’ll have to provide the reference ID for that request and you will be promptly informed about the deletion of the request.
| Parameter | Description |
|---|---|
| reference | Required: Yes Type: string Minimum: 6 characters Maximum: 250 characters This is the unique reference ID of request which needs to be deleted. |
| comment | Required: Yes Type: string Minimum: 5 characters Maximum: 200 characters Add a comment why the request is deleted for your future reference |
- Http
- Javascript
- PHP
- Python
- Ruby
- Java
- cURL
- C#
- Go
//POST /delete HTTP/1.1
//Host: api.shuftipro.com
//Content-Type: application/json
//Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==
//replace "Basic" with "Bearer in case of Access Token"
{
"reference" : "17374217",
"comment" : "Customer asked to delete his/her data"
}
var payload = {
reference : 'your_request_reference',
comment : 'Customer asked to delete his/het data'
}
//Use your Shufti Pro account client id and secret key
var token = btoa("YOUR_CLIENT_ID:YOUR_SECRET_KEY"); //BASIC AUTH TOKEN
// if Access Token
//var token = "YOUR_ACCESS_TOKEN";
//Dispatch request via fetch API or with whatever else which best suits for you
fetch('https://api.shuftipro.com/delete',
{
method : 'post',
headers : {
'Accept' : 'application/json',
'Content-Type' : 'application/json',
'Authorization' : 'Basic ' +token // if access token then replace "Basic" with "Bearer"
},
body: JSON.stringify(payload)
})
.then(function(response) {
return response.json();
}).then(function(data) {
return data;
});
<?php
$url = 'https://api.shuftipro.com/delete';
//Your Shufti Pro account Client ID
$client_id = 'YOUR-CLIENT-ID';
//Your Shufti Pro account Secret Key
$secret_key = 'YOUR-SECRET-KEY';
//OR Access Token
//$access_token = 'YOUR-ACCESS-TOKEN';
$delete_request = [
"reference" => "your_request_reference",
"comment" => "Customer asked to delete his/her data"
];
$auth = $client_id . ":" . $secret_key; // remove this in case of Access Token
$headers = ['Content-Type: application/json'];
// if using Access Token then add it into headers as mentioned below otherwise remove access token
// array_push($headers, 'Authorization : Bearer ' . $access_token);
$post_data = json_encode($delete_request);
//Calling Shufti Pro request API using curl
$response = send_curl($url, $post_data, $headers, $auth); // remove $auth in case of Access Token
//Get Shufti Pro API Response
$response_data = $response['body'];
//Get Shufti Pro Signature
$exploded = explode("\n", $response['headers']);
// Get Signature Key from Hearders
$sp_signature = null;
foreach ($exploded as $key => $value) {
if (strpos($value, 'signature: ') !== false || strpos($value, 'Signature: ') !== false) {
$sp_signature=trim(explode(':', $exploded[$key])[1]);
break;
}
}
// Calculating signature for verification
// Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
// $secret_key = hash('sha256', $secret_key)
// Calculated signature functionality cannot be implement in case of access token
$calculate_signature = hash('sha256',$response_data.$secret_key);
if($sp_signature == $calculate_signature){
echo "Response : $response_data";
}else{
echo "Invalid signature : $response_data";
}
function send_curl($url, $post_data, $headers, $auth){ // remove $auth in case of Access Token
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_USERPWD, $auth); // remove this in case of Access Token
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); // remove this in case of Access Token
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
$html_response = curl_exec($ch);
$curl_info = curl_getinfo($ch);
$header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
$headers = substr($html_response, 0, $header_size);
$body = substr($html_response, $header_size);
curl_close($ch);
return ['headers' => $headers, 'body' => $body];
}
?>
import base64, requests, json, hashlib
from random import randint
'''
Python 2
--------
import urllib2
Python 3
--------
import urllib.request
urllib.request.urlopen(url).read()
'''
url = 'https://api.shuftipro.com/delete'
# Your Shufti Pro account Client ID
client_id = 'YOUR-CLIENT-ID'
# Your Shufti Pro account Secret Key
secret_key = 'YOUR-SECRET-KEY'
# OR Access Token
# access_token = 'YOUR-ACCESS-TOKEN';
delete_request = {
"reference" : "your_request_reference",
"comment" : "Customer asked to delete his/her data"
}
# Calling Shufti Pro request API using python requests
auth = '{}:{}'.format(client_id, secret_key)
b64Val = base64.b64encode(auth.encode()).decode()
# if access token
# b64Val = access_token
# replace "Basic with "Bearer" in case of Access Token
response = requests.post(url,
headers={"Authorization": "Basic %s" % b64Val, "Content-Type": "application/json"},
data=json.dumps(delete_request))
# Calculating signature for verification
# Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
# secret_key = hashlib.sha256(secret_key.encode()).hexdigest()
# Calculated signature functionality cannot be implement in case of access token
calculated_signature = hashlib.sha256('{}{}'.format(response.content.decode(), secret_key).encode()).hexdigest()
# Convert json string to json object
json_response = json.loads(response.content)
sp_signature = response.headers.get('Signature','')
if sp_signature == calculated_signature:
print ('Response : {}'.format(json_response))
else:
print ('Invalid Signature: {}'.format(json_response))
require 'uri'
require 'net/http'
require 'base64'
require 'json'
url = URI("https://api.shuftipro.com/delete")
# Your Shufti Pro account Client ID
CLIENT_ID = "YOUR-CLIENT-ID"
# Your Shufti Pro account Secret Key
SECRET_KEY = "YOUR-SECRET-KEY"
# if access token
# ACCESS_TOKEN = "YOUR-ACCESS-TOKEN"
post_data = {
reference: "your_request_reference",
comment: "Customer asked to delete his/her data"
}
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
header_auth = Base64.strict_encode64("#{CLIENT_ID}:#{SECRET_KEY}")
# if Access Token
# header_auth = ACCESS_TOKEN
request["Content-Type"] = "application/json"
request["Authorization"] = "Basic #{header_auth}" # replace "Basic" with "Bearer" in case of access token
request.body = post_data.to_json
response = http.request(request)
response_headers = response.instance_variable_get("@header")
response_data = JSON.parse(response.read_body)
sp_signature = !(response_headers['signature'].nil?) ? response_headers['signature'].join(',') : ""
# Calculating signature for verification
# Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
# SECRET_KEY = Digest::SHA256.hexdigest SECRET_KEY
# calculated signature functionality cannot be implement in case of access token
calculated_signature = Digest::SHA256.hexdigest response_data + SECRET_KEY
if sp_signature == calculated_signature
puts response_data
else
puts "Invalid signature"
end
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.net.ssl.HttpsURLConnection;
public class Main {
public static void main(String[] args) throws Exception {
String url = "https://api.shuftipro.com/delete";
String CLIENT_ID = "CLIENT_ID";
String SECRET_KEY = "SECRET_KEY";
URL obj = new URL(url);
HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
// Add request header
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/json");
String basicAuth = "Basic " + Base64.getEncoder().encodeToString((CLIENT_ID + ":" + SECRET_KEY).getBytes(StandardCharsets.UTF_8));
con.setRequestProperty("Authorization", basicAuth);
String payload = "{ \n \"reference\" : \"17374217\",\n \"comment\" : \"Customer asked to delete his/her data\"\n}";
// Send post request
con.setDoOutput(true);
DataOutputStream wr = new DataOutputStream(con.getOutputStream());
wr.writeBytes(payload);
wr.flush();
wr.close();
int responseCode = con.getResponseCode();
System.out.println("\nSending 'POST' request to URL : " + url);
System.out.println("Payload : " + payload);
System.out.println("Response Code : " + responseCode);
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
System.out.println(in.toString());
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
// Print the response
System.out.println(response.toString());
}
}
curl --location --request POST 'https://api.shuftipro.com/delete' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==' \
--data-raw '{
"reference" : "17374217",
"comment" : "Customer asked to delete his/her data"
}'
var client = new RestClient("https://api.shuftipro.com/delete");
client.Timeout = -1;
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==");
var body = @"{ " + "\n" +
@" ""reference"" : ""17374217""," + "\n" +
@" ""comment"" : ""Customer asked to delete his/her data""" + "\n" +
@"}";
request.AddParameter("application/json", body, ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
Console.WriteLine(response.Content);
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://api.shuftipro.com/delete"
method := "POST"
payload := strings.NewReader(`{
"reference" : "17374217",
"comment" : "Customer asked to delete his/her data"
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
Account Info Request
This end-point provides account information to the customer such as account status, balance, and type (production mode or trial mode).
info
If the type of account is production and customer signs up for a monthly subscription plan, the subscription plan details are available under the subscription_plan_details key. It contains plan details for current and upcoming months including the start and end dates, total_requests, used_requests and remaining_requests.
caution
Account Info end-point can only be used with Authorization Basic Auth.
- Http
- Javascript
- PHP
- Python
- Ruby
- Java
- cURL
- C#
- Go
//GET /account/info/ HTTP/1.1
//Host: api.shuftipro.com
//Content-Type: application/json
//Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==
//Use your Shufti Pro account client id and secret key
var token = btoa("YOUR_CLIENT_ID:YOUR_SECRET_KEY"); //BASIC AUTH TOKEN
// if Access Token
//var token = "YOUR_ACCESS_TOKEN";
//Dispatch request via fetch API or with whatever else which best suits for you
fetch('https://api.shuftipro.com/account/info/',
{
method : 'get',
headers : {
'Accept' : 'application/json',
'Content-Type' : 'application/json',
'Authorization' : 'Basic ' +token // if access token then replace "Basic" with "Bearer"
}
})
.then(function(response) {
return response.json();
}).then(function(data) {
return data;
});
<?php
$url = 'https://api.shuftipro.com/account/info/';
//Your Shufti Pro account Client ID
$client_id = 'YOUR-CLIENT-ID';
//Your Shufti Pro account Secret Key
$secret_key = 'YOUR-SECRET-KEY';
//OR Access Token
//$access_token = 'YOUR-ACCESS-TOKEN';
$auth = $client_id.":".$secret_key; // remove this in case of Access Token
$headers = ['Content-Type: application/json'];
// if using Access Token then add it into headers as mentioned below otherwise remove access token
// array_push($headers, 'Authorization: Bearer ' . $access_token);
//Calling Shufti Pro request API using curl
$response = send_curl($url, $headers, $auth); // remove $auth in case of Access Token
//Get Shufti Pro API Response
$response_data = $response['body'];
//Get Shufti Pro Signature
$exploded = explode("\n", $response['headers']);
// Get Signature Key from Hearders
$sp_signature = null;
foreach ($exploded as $key => $value) {
if (strpos($value, 'signature: ') !== false || strpos($value, 'Signature: ') !== false) {
$sp_signature=trim(explode(':', $exploded[$key])[1]);
break;
}
}
// Calculating signature for verification
// Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
// $secret_key = hash('sha256', $secret_key)
// Calculated signature functionality cannot be implement in case of access token
$calculate_signature = hash('sha256',$response_data.$secret_key);
if($sp_signature == $calculate_signature){
echo "Response :" . $response_data;
}else{
echo "Invalid signature :" . $response_data;
}
function send_curl($url, $headers, $auth){ // remove $auth in case of Access Token
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_USERPWD, $auth); // remove this in case of Access Token
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); // remove this in case of Access Token
$html_response = curl_exec($ch);
$header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
$headers = substr($html_response, 0, $header_size);
$body = substr($html_response, $header_size);
curl_close($ch);
return ['headers' => $headers,'body' => $body];
}
?>
import base64, requests, json, hashlib
from random import randint
'''
Python 2
--------
import urllib2
Python 3
--------
import urllib.request
urllib.request.urlopen(url).read()
'''
url = 'https://api.shuftipro.com/account/info/'
# Your Shufti Pro account Client ID
client_id = 'YOUR-CLIENT-ID'
# Your Shufti Pro account Secret Key
secret_key = 'YOUR-SECRET-KEY'
# OR Access Token
# access_token = 'YOUR-ACCESS-TOKEN';
# Calling Shufti Pro request API using python requests
auth = '{}:{}'.format(client_id, secret_key)
b64Val = base64.b64encode(auth.encode()).decode()
# if access token
# b64Val = access_token
# replace "Basic with "Bearer" in case of Access Token
response = requests.get(url,
headers={"Authorization": "Basic %s" % b64Val, "Content-Type": "application/json"})
# Calculating signature for verification
# Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
# secret_key = hashlib.sha256(secret_key.encode()).hexdigest()
# Calculated signature functionality cannot be implement in case of access token
calculated_signature = hashlib.sha256('{}{}'.format(response.content.decode(), secret_key).encode()).hexdigest()
# Convert json string to json object
json_response = json.loads(response.content)
sp_signature = response.headers.get('Signature','')
if sp_signature == calculated_signature:
print ('Response : {}'.format(json_response))
else:
print ('Invalid Signature: {}'.format(json_response))
require 'uri'
require 'net/http'
require 'base64'
require 'json'
url = URI("https://api.shuftipro.com/account/info/")
# Your Shufti Pro account Client ID
CLIENT_ID = "YOUR-CLIENT-ID"
# Your Shufti Pro account Secret Key
SECRET_KEY = "YOUR-SECRET-KEY"
# if access token
# ACCESS_TOKEN = "YOUR-ACCESS-TOKEN"
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Get.new(url)
header_auth = Base64.strict_encode64("#{CLIENT_ID}:#{SECRET_KEY}")
# if Access Token
# header_auth = ACCESS_TOKEN
request["Content-Type"] = "application/json"
request["Authorization"] = "Basic #{header_auth}" # replace "Basic" with "Bearer" in case of access token
response = http.request(request)
response_headers = response.instance_variable_get("@header")
response_data = JSON.parse(response.read_body)
sp_signature = !(response_headers['signature'].nil?) ? response_headers['signature'].join(',') : ""
# Calculating signature for verification
# Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
# SECRET_KEY = Digest::SHA256.hexdigest SECRET_KEY
# calculated signature functionality cannot be implement in case of access token
calculated_signature = Digest::SHA256.hexdigest response_data + SECRET_KEY
if sp_signature == calculated_signature
puts response_data
else
puts "Invalid signature"
end
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.net.ssl.HttpsURLConnection;
public class Main {
public static void main(String[] args) throws Exception {
String url = "https://api.shuftipro.com/account/info/";
String CLIENT_ID = "CLIENT_ID";
String SECRET_KEY = "SECRET_KEY";
URL obj = new URL(url);
HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
// Add request header
con.setRequestMethod("GET");
con.setRequestProperty("Content-Type", "application/json");
String basicAuth = "Basic " + Base64.getEncoder().encodeToString((CLIENT_ID + ":" + SECRET_KEY).getBytes(StandardCharsets.UTF_8));
con.setRequestProperty("Authorization", basicAuth);
int responseCode = con.getResponseCode();
System.out.println("\nSending 'GET' request to URL : " + url);
System.out.println("Response Code : " + responseCode);
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
System.out.println(in.toString());
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
// Print the response
System.out.println(response.toString());
}
}
curl --location --request GET 'https://api.shuftipro.com/account/info' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==' \
--data-raw ''
var client = new RestClient("https://api.shuftipro.com/account/info");
client.Timeout = -1;
var request = new RestRequest(Method.GET);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==");
var body = @"";
request.AddParameter("application/json", body, ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
Console.WriteLine(response.Content);
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://api.shuftipro.com/account/info"
method := "GET"
payload := strings.NewReader(``)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
sample-account-info-response
{
"account": {
"name": "your account name",
"status": "production",
"balance": {
"amount": "99.85",
"currency": "USD"
}
}
}
sample-account-info-response
{
"account": {
"name": "your account name",
"status": "production",
"balance": {
"amount": "99.85",
"currency": "USD"
},
"subscription_plan_details": {
"kyc": [
{
"total_requests": 100,
"used_requests": 0,
"remaining_requests": 100,
"start_date": "2020-05-03",
"end_date": "2020-05-18"
},
{
"total_requests": 100,
"used_requests": 0,
"remaining_requests": 100,
"start_date": "2020-05-18",
"end_date": "2020-05-30"
}
],
"aml": [
{
"total_requests": 500,
"used_requests": 0,
"remaining_requests": 500,
"start_date": "2020-05-01",
"end_date": "2020-05-30"
},
{
"total_requests": 200,
"used_requests": 0,
"remaining_requests": 200,
"start_date": "2020-05-30",
"end_date": "2020-06-27"
}
],
"kyb": [
{
"total_requests": 3000,
"used_requests": 0,
"remaining_requests": 3000,
"start_date": "2020-05-08",
"end_date": "2020-05-30"
}
]
}
}
}
sample-account-info-response
{
"account": {
"name": "your account name",
"status": "trial",
"balance": {
"amount": "99.85",
"currency": "USD"
}
}
}
Access Token Request
This end-point is used to generate an access_token which is used to authorize API requests. The access token will be applicable only for 1 hour per request to the API.
- Http
- Javascript
- PHP
- Python
- Ruby
- Java
- cURL
- C#
- Go
//POST https://api.shuftipro.com/get/access/token HTTP/1.1
//Host: api.shuftipro.com
//Content-Type: application/json
//Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==
//Use your Shufti Pro account client id and secret key
var token = btoa("YOUR_CLIENT_ID:YOUR_SECRET_KEY"); //BASIC AUTH TOKEN
//Dispatch request via fetch API or with whatever else which best suits for you
fetch('https://api.shuftipro.com/get/access/token',
{
method : 'post',
headers : {
'Accept' : 'application/json',
'Content-Type' : 'application/json',
'Authorization' : 'Basic ' +token
}
})
.then(function(response) {
return response.json();
}).then(function(data) {
return data;
});
<?php
$url = 'https://api.shuftipro.com/get/access/token';
//Your Shufti Pro account Client ID
$client_id = 'YOUR-CLIENT-ID';
//Your Shufti Pro account Secret Key
$secret_key = 'YOUR-SECRET-KEY';
$auth = $client_id . ":" . $secret_key;
$headers = ['Content-Type: application/json'];
//Calling Shufti Pro request API using curl
$response = send_curl($url, $headers, $auth);
//Get Shufti Pro API Response
$response_data = $response['body'];
//Get Shufti Pro Signature
$exploded = explode("\n", $response['headers']);
// Get Signature Key from Hearders
$sp_signature = null;
foreach ($exploded as $key => $value) {
if (strpos($value, 'signature: ') !== false || strpos($value, 'Signature: ') !== false) {
$sp_signature=trim(explode(':', $exploded[$key])[1]);
break;
}
}
// Calculating signature for verification
// Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
// $secret_key = hash('sha256', $secret_key)
// Calculated signature functionality cannot be implement in case of access token
$calculate_signature = hash('sha256',$response_data.$secret_key);
if($sp_signature == $calculate_signature){
echo "Response :" . $response_data;
}else{
echo "Invalid signature :" . $response_data;
}
function send_curl($url, $headers, $auth){
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_USERPWD, $auth);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, 1);
$html_response = curl_exec($ch);
$header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
$headers = substr($html_response, 0, $header_size);
$body = substr($html_response, $header_size);
curl_close($ch);
return ['headers' => $headers, 'body' => $body];
}
?>
import base64, requests, json, hashlib
from random import randint
'''
Python 2
--------
import urllib2
Python 3
--------
import urllib.request
urllib.request.urlopen(url).read()
'''
url = 'https://api.shuftipro.com/get/access/token'
# Your Shufti Pro account Client ID
client_id = 'YOUR-CLIENT-ID'
# Your Shufti Pro account Secret Key
secret_key = 'YOUR-SECRET-KEY'
# Calling Shufti Pro request API using python requests
auth = '{}:{}'.format(client_id, secret_key)
b64Val = base64.b64encode(auth.encode()).decode()
response = requests.post(url,
headers={"Authorization": "Basic %s" % b64Val, "Content-Type": "application/json"})
# Calculating signature for verification
# Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
# secret_key = hashlib.sha256(secret_key.encode()).hexdigest()
# Calculated signature functionality cannot be implement in case of access token
calculated_signature = hashlib.sha256('{}{}'.format(response.content.decode(), secret_key).encode()).hexdigest()
# Convert json string to json object
json_response = json.loads(response.content)
sp_signature = response.headers.get('Signature','')
if sp_signature == calculated_signature:
print ('Response : {}'.format(json_response))
else:
print ('Invalid Signature: {}'.format(json_response))
require 'uri'
require 'net/http'
require 'base64'
require 'json'
url = URI("https://api.shuftipro.com/get/access/token")
# Your Shufti Pro account Client ID
CLIENT_ID = "YOUR-CLIENT-ID"
# Your Shufti Pro account Secret Key
SECRET_KEY = "YOUR-SECRET-KEY"
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
header_auth = Base64.strict_encode64("#{CLIENT_ID}:#{SECRET_KEY}")
request["Content-Type"] = "application/json"
request["Authorization"] = "Basic #{header_auth}"
response = http.request(request)
response_headers = response.instance_variable_get("@header")
response_data = JSON.parse(response.read_body)
sp_signature = !(response_headers['signature'].nil?) ? response_headers['signature'].join(',') : ""
# Calculating signature for verification
# Clients registered with Shufti Pro after March 15, 2023, must use secret key as follows
# SECRET_KEY = Digest::SHA256.hexdigest SECRET_KEY
# calculated signature functionality cannot be implement in case of access token
calculated_signature = Digest::SHA256.hexdigest response_data + SECRET_KEY
if sp_signature == calculated_signature
puts response_data
else
puts "Invalid signature"
end
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import javax.net.ssl.HttpsURLConnection;
public class Main {
public static void main(String[] args) throws Exception {
String url = "https://api.shuftipro.com/get/access/token";
String CLIENT_ID = "CLIENT_ID";
String SECRET_KEY = "SECRET_KEY";
URL obj = new URL(url);
HttpsURLConnection con = (HttpsURLConnection) obj.openConnection();
// Add request header
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/json");
String basicAuth = "Basic " + Base64.getEncoder().encodeToString((CLIENT_ID + ":" + SECRET_KEY).getBytes(StandardCharsets.UTF_8));
con.setRequestProperty("Authorization", basicAuth);
int responseCode = con.getResponseCode();
System.out.println("\nSending 'POST' request to URL : " + url);
System.out.println("Response Code : " + responseCode);
BufferedReader in = new BufferedReader(
new InputStreamReader(con.getInputStream()));
System.out.println(in.toString());
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
in.close();
// Print the response
System.out.println(response.toString());
}
}
curl --location --request POST 'https://api.shuftipro.com/get/access/token' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==' \
--data-raw ''
var client = new RestClient("https://api.shuftipro.com/get/access/token");
client.Timeout = -1;
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==");
var body = @"";
request.AddParameter("application/json", body, ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
Console.WriteLine(response.Content);
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://api.shuftipro.com/get/access/token"
method := "POST"
payload := strings.NewReader(``)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Authorization", "Basic NmI4NmIyNzNmZjM0ZmNlMTlkNmI4WJRTUxINTJHUw==")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
sample-access-token-response
{
"access_token": "NzA4N2I2YjAwZjQyYmUyNDc1YTUxZmZiMzJjMTQ4M2IxOTY2ZTFmMg=="
}
Proof Access Request
To access proofs, clients should send a POST request to a specific endpoint with their access_token included in the request payload. Please note that the access_token must be valid and the request method must be POST; otherwise, the server will return an error.
Additionally, the endpoint URL is only valid for 15 minutes, after which the client will need to obtain a new access_token to access the proofs.
info
The feature will be applicable only for clients onboarded after 7th April, 2023.
- Http
- HTML
- PHP
- Python
- Ruby
- Java
- cURL
- C#
- Go
//POST https://ns.shuftipro.com/api/pea/a95aa76a9d8ecf8526dc82473ed5d0e963d110b4 HTTP/1.1
//Host: ns.shuftipro.com
//Content-Type: application/json
{
"access_token": "46e02a0a0aad8f449714881f7dd63aaca16ffa30dffc3e5feab78d98c94a43"
}
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Proof Access Request</title>
</head>
<body>
<!-- HTML element to display the image -->
<img id="image">
<video id="video" style="display:none;" controls></video>
<iframe id="pdf-viewer" width="100%" height="500" style="display:none;"></iframe>
<p id="error"></p>
<!-- JavaScript code to send the request and display the image -->
<script>
fetch("https://ns.shuftipro.com/api/pea/7c2ca78ed5d994a61ea561mm8c76720ce80a7f23", {
method: 'POST',
headers: {
'Content-type': 'application/json; charset=UTF-8'
},
body: JSON.stringify({
"access_token": "46e02a0a0aad8f449714881f7dl63aaca16ffa30dffc3e5feab78d98c94a434a"
}),
})
.then(response => {
const contentType = response.headers.get('Content-Type');
if (contentType && contentType.startsWith('image/')) {
return response.blob().then(blob => {
const imageUrl = URL.createObjectURL(blob);
const imageElement = document.getElementById('image');
imageElement.src = imageUrl;
});
} else if (contentType && contentType.startsWith('video/')) {
return response.blob().then(blob => {
const videoUrl = URL.createObjectURL(blob);
document.getElementById("video").style.display="block";
const videoElement = document.getElementById('video');
videoElement.src = videoUrl;
});
} else if (contentType && contentType.startsWith('application/pdf')) {
return response.blob().then(blob => {
const pdfUrl = URL.createObjectURL(blob);
document.getElementById("pdf-viewer").style.display="block";
const pdfViewer = document.getElementById('pdf-viewer');
pdfViewer.setAttribute('src', pdfUrl);
});
} else {
document.getElementById('error').innerHTML = "Error from Server";
}
})
.catch(error => {
console.error('Error:', error);
});
</script>
</body>
</html>
<?php
// Define the POST data
$data = array(
'access_token' => '46e02a0a0aad8f449714881f7dd63aaca16ffa30dffc3e5feab78d98c94a434a'
);
// Url to access proof
$url = "https://ns.shuftipro.com/api/pea/7c2ca78ed5d994a61ea561mm8c76720ce80a7f23";
// Set up the POST request
$options = array(
'http' => array(
'method' => 'POST',
'header' => 'Content-type: application/json',
'content' => json_encode($data)
)
);
$context = stream_context_create($options);
$response = file_get_contents($url, false, $context);
$contentType = get_headers($url, 1)['Content-Type'];
if ($contentType && strpos($contentType, 'image/') === 0) {
header('Content-Type: ' . $contentType);
file_put_contents('image.jpg', $response);
} else if ($contentType && strpos($contentType, 'video/') === 0) {
header('Content-Type: ' . $contentType);
file_put_contents('video.mp4', $response);
} else if ($contentType && $contentType === 'application/pdf') {
header('Content-Type: ' . $contentType);
header('Content-Disposition: inline; filename="document.pdf"');
file_put_contents('document.pdf', $response);
} else {
echo "Error from server";
}
?>
import urllib.request
import shutil
# Define the POST data
data = {
'access_token': '46e02a0a0aad8f449714881f7dd63acca16ffa30dffc3e5feab78d98c94a434a'
}
# url to access proof
url = 'https://ns.shuftipro.com/api/pea/56734eb1290ac9721891592d335b2074f592eca9802cacec19b9e0e61ff35919'
# Set up the POST request
data = urllib.parse.urlencode(data).encode('utf-8')
req = urllib.request.Request(url, data)
with urllib.request.urlopen(req) as response:
contentType = response.headers.get('Content-Type')
if contentType and contentType.startswith('image/'):
with open('image.jpg', 'wb') as f:
shutil.copyfileobj(response, f)
elif contentType and contentType.startswith('video/'):
with open('video.mp4', 'wb') as f:
shutil.copyfileobj(response, f)
elif contentType and contentType == 'application/pdf':
with open('document.pdf', 'wb') as f:
shutil.copyfileobj(response, f)
else:
print('Error from server')
require 'net/http'
require 'uri'
require 'json'
# Define the POST data
data = {
"access_token" => "46e02a0a0aad8f449714881f7dd63aaca16ffa30dffc3e5feab78d98c94a434a"
}
# url to access proof
url = URI.parse("https://ns.shuftipro.com/api/pea/7c2ca78ed5d994a61ea561mm8c76720ce80a7f23")
# Set up the POST request
req = Net::HTTP::Post.new(url.path, {'Content-Type' =>'application/json'})
req.body = data.to_json
res = Net::HTTP.start(url.host, url.port, :use_ssl => true) {|http|
http.request(req)
}
contentType = res.header['Content-Type']
if contentType && contentType.start_with?('image/')
File.write('image.jpg', res.body)
elsif contentType && contentType.start_with?('video/')
File.write('video.mp4', res.body)
elsif contentType && contentType == 'application/pdf'
File.write('document.pdf', res.body)
else
puts "Error from server"
end
import java.io.*;
import java.net.*;
public class Main {
public static void main(String[] args) throws Exception {
// Define the POST data
String postData = "{\"access_token\":\"46e02a0a0aad8f449714881f7dd63aaca16ffa30dffc3e5feab78d98c94a434a\"}";
byte[] postDataBytes = postData.getBytes("UTF-8");
String urlString = "https://ns.shuftipro.com/api/pea/7c2ca78ed5d994a61ea561mm8c76720ce80a7f23";
URL url = new URL(urlString);
// Set up the POST request
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Type", "application/json");
conn.setDoOutput(true);
conn.getOutputStream().write(postDataBytes);
InputStream inputStream = conn.getInputStream();
String contentType = conn.getHeaderField("Content-Type");
if (contentType != null && contentType.startsWith("image/")) {
FileOutputStream outputStream = new FileOutputStream("image.jpg");
byte[] buffer = new byte[4096];
int bytesRead;
while ((bytesRead = inputStream.read(buffer)) != -1) {
outputStream.write(buffer, 0, bytesRead);
}
outputStream.close();
} else if (contentType != null && contentType.startsWith("video/")) {
FileOutputStream outputStream = new FileOutputStream("video.mp4");
byte[] buffer = new byte[4096];
int bytesRead;
while ((bytesRead = inputStream.read(buffer)) != -1) {
outputStream.write(buffer, 0, bytesRead);
}
outputStream.close();
} else if (contentType != null && contentType.equals("application/pdf")) {
FileOutputStream outputStream = new FileOutputStream("document.pdf");
byte[] buffer = new byte[4096];
int bytesRead;
while ((bytesRead = inputStream.read(buffer)) != -1) {
outputStream.write(buffer, 0, bytesRead);
}
outputStream.close();
} else {
System.out.println("Error from server");
}
inputStream.close();
conn.disconnect();
}
}
curl --location --request POST 'https://ns.shuftipro.com/api/pea/a95aa76a9d8ecf8526dc82473ed5d0e963d110b4' \
--header 'Content-Type: application/json' \
--data-raw '{
"access_token": "46e02a0a0aad8f449714881f7dd63aaca16ffa30dffc3e5feab78d98c94a43"
}'
var client = new RestClient("https://ns.shuftipro.com/api/pea/a95aa76a9d8ecf8526dc82473ed5d0e963d110b4");
client.Timeout = -1;
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
var body = @"{" + "\n" +
@" ""access_token"": ""46e02a0a0aad8f449714881f7dd63aaca16ffa30dffc3e5feab78d98c94a43""" + "\n" +
@"}";
request.AddParameter("application/json", body, ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
Console.WriteLine(response.Content);
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://ns.shuftipro.com/api/pea/a95aa76a9d8ecf8526dc82473ed5d0e963d110b4"
method := "POST"
payload := strings.NewReader(`{
"access_token": "46e02a0a0aad8f449714881f7dd63aaca16ffa30dffc3e5feab78d98c94a43"
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/json")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}