The API provides a suite of endpoints designed to facilitate various operations related to customer identity verification and application processing. These endpoints are structured to offer a straightforward, RESTful interface, allowing for easy integration into diverse systems. Below is an overview of the required headers and key endpoints available:

Request Headers

Proper implementation of these headers is essential for secure and effective communication between the client and server. Below details the specific headers required and secure API interactions.

1. Content-Type: Most endpoints' content type is set to application/json, indicating that the request body is formatted as JSON. However, for the authentication token request, this header should be set to x-www-form-urlencoded, indicating that the request's body is a URL-encoded form.

2. Accept: This header is used in the request header to indicate to the server what content types are acceptable for the response. For the this is typically set to application/json, which tells the server that the client is expecting a JSON-formatted response.

3. Authorization: This header is crucial for APIs that require authentication. The Authorization header is used to pass the bearer token which is a form of security token. The format generally is Bearer <access_token>, where <access_token> is a placeholder for the actual token the server provides upon authentication. This token is used by the server to verify that the request is coming from an authenticated and authorized source.

Request Paths

1. Authentication

   • Get Access and Refresh Tokens (POST /ext/authentications/token): Acquire an access token for API authentication.

2. Applications

   • Create Application (POST /ext/applications): Establish a new application, providing application type, reference and customer details. This will create an application and send an email invite to each customer.

   • Retrieve Application (GET /ext/applications/{id}): Fetch detailed information about a specific application using its unique ID. Useful for tracking and managing ongoing applications with direct callss

   • Delete Application (DELETE /ext/applications/{id}): Permanently remove an application from the system. This will permanently delete the application, customer associated and any underlying check data.

   • Archive Application (PATCH /ext/applications/{id}/archive): Archive an existing application for future reference without deleting it. Helps in maintaining application views without having to delete them.

3. Individuals

   • Retrieve Individual (GET /ext/individuals/{id}): Obtain detailed information on an individual associated with an application.

   • Resend Invites (POST /ext/individuals/{id}/invites/resend): Resend email invitation with new invite code to an individual. The email contains links to the Verify by Tiller app.

   • Reset Individual (POST /ext/individuals/{id}/reset): Reset an individual's information and check details within an application. Useful for restarting the process for your customer and sending them a new email with code.

   • Get Individual Report (GET /ext/individuals/{id}/report): Download a comprehensive report about an individual's verification data.This is only available to individuals that have completed their checks.

4. References

   • Retrieve References (GET /ext/references): Access reference ID data like country codes, document types, and mandate/application types.

5. Webhooks

   • Subscribe to Webhook (POST /ext/webhooks/subscribe): Enable webhook subscriptions for receiving real-time updates related to applications. Facilitates immediate response of application data when a customer has completed their verification process.

   • Retrieve Webhook (GET /ext/webhooks/retrieve/{application_id}): Fetch webhook details for a particular application. Useful for debugging and monitoring webhook interactions.

Each endpoint plays a role in the operation of the identity verification process, offering a suite of tools for application management and system integration.