POST
/
v3
/
verify
curl --request POST \
  --url https://platform.uat.proveapis.com/v3/verify \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "finalTargetUrl": "https://www.example.com/landing-page",
  "firstName": "Sheilakathryn",
  "lastName": "Butrimovich",
  "emailAddress": "sbutrimovichb@who.int",
  "possessionType": "mobile",
  "phoneNumber": "2001004011",
  "smsMessage": "#### is your temporary code to continue your application. Caution: for your security, don'\''t share this code with anyone.",
  "clientRequestId": "71010d88-d0e7-4a24-9297-d1be6fefde81",
  "clientCustomerId": "e0f78bc2-f748-4eda-9d29-d756844507fc"
}'
{
  "success": "success",
  "authToken": "eyJhbGciOi...",
  "possessionResult": "possessionResult",
  "verifyResult": "verifyResult",
  "correlationId": "713189b8-5555-4b08-83ba-75d08780aebd"
}

Welcome to the Prove® Platform documentation! This documentation applies only if you use the client-side SDK and Prove® Platform APIs.

For access to classic documentation, please contact support@prove.com or your Prove representative.

Authorizations

Authorization
string
header
required

The access token received from the authorization server in the OAuth 2.0 flow.

Body

application/json

Request body for the V3 Verify API

firstName
string
required

First name of the individual.

lastName
string
required

Last name of the individual.

phoneNumber
string
required

Phone number is the number of the mobile phone. The field is required in the Sandbox environment. In Production, you will likely pass the phone number via the Prove Link client SDK instead of within the Start call depending on how your user experience is implemented. Acceptable characters are: alphanumeric with symbols '+'.

possessionType
string
required

Possession type is based on the method used - either 'desktop' if using desktop, 'mobile' for iOS/Android native apps and mobile web, or 'none' if no possession check is required. Acceptable options are: 'desktop', 'mobile', and 'none'.

clientCustomerId
string

Client Customer ID is a client-generated unique ID for a specific customer. This can be used by clients to link calls related to the same customer, across different requests or sessions. The format of this ID is defined by the client - Prove recommends using a GUID, but any format can be accepted. Prove does not offer any functionality around the Client Request ID at this time, and this is expected to be added in a future release. NOTE: Do not include Personally Identifiable Information (PII) in this field.

clientRequestId
string

Client Request ID is a client-generated unique ID for a specific session. This can be used by clients to identify specific requests made to Prove Link. The format of this ID is defined by the client - Prove recommends using a GUID, but any format can be accepted. Prove does not offer any functionality around the Client Request ID at this time, and this is expected to be added in a future release. NOTE: Do not include Personally Identifiable Information (PII) in this field.

emailAddress
string

Email is the email address of the customer. Acceptable characters are: alphanumeric with symbols '@.+'.

finalTargetUrl
string

Final target URL is only required for when flowType=desktop. The final target URL is where the end user will be redirected at the end of Instant Link flow. Acceptable characters are: alphanumeric with symbols '-._+=/:?'.

smsMessage
string

SMSMessage is an optional field to customize the message body sent in the Instant Link (flowType=desktop) or OTP (on mobile) SMS message. If not provided, the following default messages will be used:

  1. For Instant Link: "Complete your verification. If you did not make this request, do not click the link. ####"
  2. For OTP: "#### is your temporary code to continue your application. Caution: for your security, don't share this code with anyone." Max length is 160 characters. Only ASCII characters are allowed.

The placeholder format varies by flow type:

  1. For OTP (mobile flow): Use ####, #####, or ###### to generate 4-6 digit verification codes respectively.
  2. For Instant Link (desktop flow): Must use exactly #### which will be replaced with the verification URL.

Response

200
application/json
Successful request.
correlationId
string
required

Correlation ID is the unique ID that Prove generates for the flow. To continue the flow, the field will also be used for each of the subsequent API calls in the same flow - it cannot be reused outside of a single flow.

possessionResult
string
required
success
string
required
verifyResult
string
required
authToken
string

AuthToken is a bearer token for use by the Prove Client SDK.

Complete flowPerform checks for verified users session.