Fetch Result - Authenticate

When the processing of an authenticate request is finished, you may receive the result through the callback if you provided it. You may also, fetch yourself the result by calling our API endpoint. Both methods are described below.

API Endpoint

NB: Be aware, this technique is called 'polling', this means that you will call the api until you have a result from our API. Our advise is to wait 5s between each call {API_URL}/flow/onboarding/fetch once you have a valid token. Too many calls in a short window may be rejected.

POST {API_URL}/flow/authenticate/fetch/auth/business
{
  "business_hash": str mandatory,
  "api_key": str mandatory,
}

As a response you will get a json document which includes a field named token. This token has a TTL of 10 minutes, so you can reuse it for multiple calls.

How to use the token ?

You simply add an Authorization Http header to your request with the given token

Authorization: Bearer <TOKEN>

How to get the result of the authenticate ?

You need to call this api, providing the flow_id you received when opening a session to authenticate a user.

POST {API_URL}/flow/authenticate/fetch
{
  "flow_id": str mandatory,
}

As a result of this call you can get a 200 http status:

  • But the message is not ready yet so you'll have as a response a json doc containing

{
    "detail": "applicant not found"
}

  • If the applicant (the result is ready) is available you'll have a json doc described here.

Callback

For different services, ShareID provides a callback mechanism. Here's in details how it works.

The callback system is used in those services:

You may provide a callback to be notified of the result of an onboarding for example. Whatever is the service used by the callback, these rules apply:

  • the callback must be a public link (or at least accessible from our platform [you may contact us to get our outgoing IP ranges])

  • It should be preferably an https link over an http link. In case of a secure link (using TLS), please ensure the validity of the certificate. The callback may be rejected if the certificate is invalid (obsolete, untrusted root certificate etc.)

  • The endpoint provided can contains variables in the URL but must respond to an HTTP POST method

    • eg: POST https://example.com/my_endpoint.php?transaction_id=9JD2XNU5

  • Also, the data send by our servers will use a json header

    • "Content-Type: application/json"

    • This means that you'll receive the resulting data as a json object

    • Each service will give a description of the object fields

  • Our server waits for an http status which must be 200 within 3000ms

    • in case it's an other status or if no response is given after the delay, we consider this is an error and we start a retry mechanism

PreviousFetch Result - OnboardingNextAnalysis Result

Last updated