API Reference

The details of API endpoints for Web KYC.

post
Requesting Verification

https://api.app.authenteq.com/oauth/request_verification
This endpoint returns the link to Authenteq Identity Server. This endpoint is authorized with Basic Auth. You should use client_id and client_secret from the Customer Dashboard as the credentials.
Request
Response
Request
Body Parameters
redirect_uri
required
string
The redirect URI that will be used to receive the code.
state
optional
string
The random value that can be used to make sure that redirect is an effect of legitimate verification session.
Response
200: OK
The verificationUrl should be used by user to perform Identity Verification.
{"verificationUrl":"https://web-idv.app.authenteq.com/verify?token=<token>"}

post
The Code to Token Exchange

https://api.app.authenteq.com/oauth/token
The token endpoint that is used to exchange the code for the authorization token. The token is used to retrieve user details. This endpoint is authorized with Basic Auth. You should use client_id and client_secret from the Customer Dashboard as the credentials. The token is valid only for 15 minutes. After that time, user data is no longer accessible. There is no way to refresh or generate a new token.
Request
Response
Request
Body Parameters
grant_type
required
string
It should be authorization_code
code
required
string
The authorization code received in the redirect URI params.
redirect_uri
required
string
The redirect URI used to receive the code.
Response
200: OK
Returns token that can be used to retrieve the user details.
{
"access_token": "...",
"token_type": "bearer",
"expires_in": 86399,
"scope": "read write",
"jti": "..."
}

This endpoint should be called by your backend system.

The client secret, as its name suggests, is a secret and should never be made publicly available. It SHOULD NOT be stored in the frontend code that is run in the user's browser.

get
User Details

https://api.app.authenteq.com/verifications/result
The endpoint returns the user details extracted from the user document during registration. The user data is paired with the authorization token.
Request
Response
Request
Headers
Authorization
required
string
The header that authorizes the request with the token. The value should have format: Bearer <access_token>
Response
200: OK
The details extracted from the user document.
{
"id": "3631324b-5bcc-48b0-b717-4f12f45e0a1d",
"status": "PASSED",
"platform": "WEB",
"startTime": "2020-04-10T11:44:40.644143+07:00",
"documentData": {
"documentType": "DL",
"documentNumber": "1234567890",
"issuingCountry": "USA",
"jurisdiction": "Uta",
"nationality": "USA",
"firstName": "JOHN",
"lastName": "DOE",
"nameSuffixes": "Mr",
"namePrefixes": "Jr",
"sex": "M",
"dateOfBirth": "1964-12-30",
"dateOfExpiry": "2022-12-30",
"dateOfIssue": "2012-05-30",
"licenseClass": "B/C/D",
"licenseClassDetails": {
"B": {
"from": "2019-01-30",
"to": "2029-01-30",
"notes": "Some valuable note"
},
"C": {
"from": "2019-01-30",
"to": "2029-01-30"
},
"D": {
"from": "2019-01-30",
"to": "2029-01-30"
}
},
"croppedFrontImage": {
"contentType": "image/jpeg",
"content": "Y3JvcHBlZEZyb250SW1hZ2U="
},
"croppedBackImage": {
"contentType": "image/jpeg",
"content": "Y3JvcHBlZEJhY2tJbWFnZQ=="
}
}
}

We keep user details for 72 hours to debug potential issues. After that time we remove them completely from our system.

The documentData field of the response can hold following properties:

Property

Description

Mandatory

Example

documentNumber

Number of ID document.

Yes

"FG617451", "8136431812"

issuingCountry

Three letter country code in ISO 3166-1 alpha-3 format of the country which issued the ID.

Yes

"DEU", "UKR", "USA"

documentType

Document type described by abbreviations:

  • PP - passport,

  • DL - driver's license,

  • NID - national ID.

Yes

"PP", "DL", "NID"

givenNames

String with given names, separated by whitespace.

No

"ANNA MARIA DE O", "VITALII"

surname

String with surnames (family names), separated by whitespace.

No

"GARCIA DILS", "GOZHENKO"

nameSuffixes

String with name suffixes, separated by whitespace.

No

"JR 3RD", "8TH"

namePrefixes

String with name prefixes, separated by whitespace.

No

"DR MRS", "DR"

nationality

Three letter country code in ISO 3166-1 alpha-3 format of the user’s nationality.

No

"DEU", "UKR", "USA"

dateOfBirth

Date of birth.

No

"1987-01-12"

dateOfExpiry

Date of document expiration.

No

"2017-01-30"

dateOfIssue

Date when document was issued.

No

"2017-01-30"

sex

Gender of the user. Can contain one of values:

  • F - female,

  • M - male,

  • X - unspecified.

No

"F", "M", "X"

issuingDate

The date that the id document was issued

No

YYYY-MM-DD

licenseClass

The type of Driving License detected

No

"A","B","C"

jurisdiction

The state that issued the Identity document

No

"FL"