POST
/
v3
/
verify
curl --request POST \
  --url https://platform.uat.proveapis.com/v3/verify \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "finalTargetUrl": "https://www.example.com/landing-page",
  "firstName": "Sheilakathryn",
  "lastName": "Butrimovich",
  "emailAddress": "sbutrimovichb@who.int",
  "possessionType": "mobile",
  "phoneNumber": "2001004011",
  "smsMessage": "#### is your temporary code to continue your application. Caution: for your security, don'\''t share this code with anyone.",
  "clientRequestId": "71010d88-d0e7-4a24-9297-d1be6fefde81",
  "clientCustomerId": "e0f78bc2-f748-4eda-9d29-d756844507fc"
}'
{
  "success": "pending",
  "authToken": "eyJhbGciOi...",
  "possessionResult": "pending",
  "verifyResult": "pending",
  "correlationId": "713189b8-5555-4b08-83ba-75d08780aebd"
}

Welcome to the Prove Platform documentation. This documentation applies if you use the client-side SDK and Prove Platform APIs.

For access to classic documentation, contact support@prove.com or your Prove representative.

Use the following base URLs when integrating :

https://platform.uat.proveapis.com - North America Staging Environment https://platform.proveapis.com - North America Production Environment https://platform.uat.eu.proveapis.com - European Union Staging Environment https://platform.eu.proveapis.com - European Union Production Environment

For international calls, add a plus sign + to the front, followed by the phone number. This is optional for North America mobile numbers.

Verify North America numbers against the North America Prove Platform endpoint. Verify international numbers against the European Union Prove Platform endpoint.

SMSMessage will use a default message as described below if no custom message is passed in. This default message will always be in English. Prove recommends using a native-language custom SMS Message for non-English speaking countries.

Authorizations

Authorization
string
header
required

The access token received from the authorization server in the OAuth 2.0 flow.

Body

application/json

Request body for the V3 Verify API

firstName
string
required

First name of the individual.

Example:

"Sheilakathryn"

lastName
string
required

Last name of the individual.

Example:

"Butrimovich"

phoneNumber
string
required

Phone number is the number of the mobile phone. The field is required in the Sandbox environment. US phone numbers can be passed in with or without a leading +1. Acceptable characters are: alphanumeric with symbols '+'.

Example:

"2001004011"

possessionType
string
required

Possession type is based on the method used - either 'desktop' if using desktop, 'mobile' for iOS/Android native apps and mobile web, or 'none' if no possession check is required. Acceptable options are: 'desktop', 'mobile', and 'none'.

Example:

"mobile"

clientCustomerId
string

Client Customer ID is a client-generated unique ID for a specific customer. This can be used by clients to link calls related to the same customer, across different requests or sessions. The format of this ID is defined by the client - Prove recommends using a GUID, but any format can be accepted. Prove does not offer any functionality around the Client Request ID at this time, and this is expected to be added in a future release. NOTE: Do not include Personally Identifiable Information (PII) in this field.

Example:

"e0f78bc2-f748-4eda-9d29-d756844507fc"

clientRequestId
string

Client Request ID is a client-generated unique ID for a specific session. This can be used by clients to identify specific requests made to Prove Link. The format of this ID is defined by the client - Prove recommends using a GUID, but any format can be accepted. Prove does not offer any functionality around the Client Request ID at this time, and this is expected to be added in a future release. NOTE: Do not include Personally Identifiable Information (PII) in this field.

Example:

"71010d88-d0e7-4a24-9297-d1be6fefde81"

emailAddress
string

Email is the email address of the customer. Acceptable characters are: alphanumeric with symbols '@.+'.

Example:

"sbutrimovichb@who.int"

finalTargetUrl
string

Final target URL is only required for when flowType=desktop. The final target URL is where the end user will be redirected at the end of Instant Link flow. Acceptable characters are: alphanumeric with symbols '-._+=/:?'.

Example:

"https://www.example.com/landing-page"

smsMessage
string

SMSMessage is an optional field to customize the message body sent in the Instant Link (flowType=desktop) or OTP (on mobile) SMS message. If not provided, the following default messages will be used:

  1. For Instant Link: "Complete your verification. If you did not make this request, do not click the link. ####"
  2. For OTP: "#### is your temporary code to continue your application. Caution: for your security, don't share this code with anyone." Max length is 160 characters. Only ASCII characters are allowed.

The placeholder format varies by flow type:

  1. For OTP (mobile flow): Use ####, #####, or ###### to generate 4-6 digit verification codes respectively.
  2. For Instant Link (desktop flow): Must use exactly #### which will be replaced with the verification URL.
Example:

"#### is your temporary code to continue your application. Caution: for your security, don't share this code with anyone."

Response

200
application/json
Successful request.
correlationId
string
required

Correlation ID is the unique ID that Prove generates for the flow. To continue the flow, the field will also be used for each of the subsequent API calls in the same flow - it cannot be reused outside of a single flow.

Example:

"713189b8-5555-4b08-83ba-75d08780aebd"

possessionResult
object
required

Possession Result represents the result of the Possession check. Possible values are "pending" and "not_applicable", based on the Possession Type passed in the input. Clients will have to call the Verify Status API to get a result if Possession Result is pending.

Example:

"pending"

success
object
required

Success is the result of the combination of Verify Result and Possession Result. Possible values are "true", "pending", and "false". The success value will be "pending" until the results of both Verify and Possession are returned or one of them fails, blocking the other.

Example:

"pending"

verifyResult
object
required

Verify Result represents the result of the Verify process. Possible values are "success", "pending", and "failed". If the Verify result is pending, clients will need to call the Verify Status API to get a result.

Example:

"pending"

authToken
string

AuthToken is a bearer token for use by the Prove Client SDK.

Example:

"eyJhbGciOi..."