UpPass API (1.2.1)
Download OpenAPI specification:Download
UpPass API provides access to call various verification APIs from your system. The APIs are REST based and accept both GET and POST apis with parameters mentioned below. There are two types of APIs in this document, Authentication and Verification.
You will need to request access such as app_id, app_secret_keys, api_token from the UpPass team in order to test UpPass APIs
Below are the list of terms which are most used across UpPass APIs.
| Term | Description |
|---|---|
| workspace | A group of forms managed by users |
| form | UI Verification Form generated from UpPass Portal |
| form_slug | A (programically) flow name created by the client |
| lang | Language of the form UI |
| slug | Unique identification of form web address requesting for the end user |
| step | The step of the filling form |
| section | The sub-step of the form |
| answers | Collections of question_key and response of input by end users via UpPass Form |
| extras | Returns in some of the API response, which contains verification data (e.g. Liveness, ID documents,etc) |
Example URL
Dashboard Page
https://app.uppass.io/{lang}/dashboard/flows/{slug}/overall?workspace={workspace}Form Entry Page
https://app.uppass.io/{lang}/{form}In Progress Form
https://app.uppass.io/{lang}/form/{form}/{slug}/{step}/{section}
| Platform | Browser | Version |
|---|---|---|
| Android | Google Chrome | 107+ |
| Android | Samsung Internet Browser | 6.2+ |
| Android | Firefox | 106+ |
| iOS | Safari | 12+ |
| iOS | WKWebView | 14.3+ |
Note: Above browsers are for mobile web view only as users will not be able to verify on web browsers. If user attempts to verify on web browsers, they will be prompted to switch to mobile.
After you have signed up, you will be taken to the dashboard, where you can see the workflows and overview of the total verification submissions by the users.
Below screen is what will you see for the first time
Workspace is a container where all the flows are stored. You can only have one workspace per account. However, you can view and edit another workspace based on the invitation only.
First, you need to create a new flow. A flow contains multiple steps of verification. You can use the Flow name in the API to generate unique verification link to the end users.
- User visits client's application for verification
- Partner calls UpPass API to create a new verification form
- Partner's app redirect to UpPass Form generated by API
- User completes verification
- UpPass Form redirects to Partner's app
- Partner receive webhook from UpPass App
Registered account at UpPass.io
Create a new Workspace at UpPass.io
Create
Formunder the same WorkspaceCreate a
API Tokenfor API authentication requestConfigure
Webhook SubmissioneventCall
Create Form APIwithapi_tokenandform_slug- In Success response,
form_urlwill be returned - Redirct end user to the
form_url
- In Success response,
Receive verification result via
Webhook Submissionafter end user complete form submission
UpPass APIs return standard http response codes for success and failure of API requests. There are two types of errors:
| Error | Type | Description |
|---|---|---|
| 400: BAD REQUEST | ParseError | Malformed request |
| 401: UNAUTHORIZED | AuthenticationFailed | Incorrect authentication credentials |
| 403: FORBIDDEN | PermissionDenied | Do not have permission to perform the action |
| 400: BAD REQUEST | ParseError | Malformed request |
| 401: UNAUTHORIZED | AuthenticationFailed | Incorrect authentication credentials |
| 401: UNAUTHORIZED | NotAuthenticated | Authentication credentials were not provided. |
| 403: FORBIDDEN | PermissionDenied | Do not have permission to perform the action |
| 404: NOT FOUND | NotFound | Not found |
| 404: NOT FOUND | Http404 | Not found |
| 405: METHOD NOT ALLOWED | MethodNotAllowed | Method "{method}" not allowed. |
| 406: NOT ACCEPTABLE | NotAcceptable | Could not satisfy the request Accept header |
| 415: UNSUPPORTED MEDIA TYPE | UnsupportedMediaType | Unsupported media type {media_type} in request. |
| 422: VALIDATIONERROR | ValidationError | Invalid input. Return with errors detail in json. Example: { "input": ["Input is invalid."] } |
| 429: TOO MANY REQUESTS | Throttled | Request was throttled |
| 431: REQUEST HEADER FIELDS TOO LARGE | RequestHeaderFieldsTooLarge | One or more header fields exceeds the maximum size. |
| 500: INTERNAL SERVER ERROR | APIException | A server error occurred. |
| 500: INTERNAL SERVER ERROR | Exception | A server error occurred. |
| Error | Type | Description |
|---|---|---|
| 461: INSUFFICIENT CREDIT | InsufficientCredit | Insufficient Credit |
| 462: STORE SCAN CODE EXPIRED | StoreScanCodeExpired | Code expired. |
| 463: STORE SCAN CODE INVALID | StoreScanCodeInvalid | Invalid payment code |
| 464: TERM LOAN EXPIRED | TermLoanExpired | Term loan expired |
| 465: TERM LOAN EXPIRED | ReturnAmountExceedCreditUsage | Return amount exceed credit usage |
Create Form API
Passing parameters when calling Create Form API
Upon calling Create Form API, you can pass parameters to UpPass. When the verification is completed, UpPass will return the data via webhook.
Parameters
1. eKYC
If your form has KYC verification step, you can pass inside answers parameters on which documents UpPass should check for verification.
{
"answers": {}
}
By default, UpPass will ask National ID for KYC verification.
If you want to verify using Passport, you can pass answers as below :
{
"answers": {"ekyc_document_type": "passport"}
}
2. Input Parameters
You can also pass input parameters (predefined answers) when create the form.
Go to the form > builder > Input Parameter to set input parameters.
Example
{
"answers" : {
"customer_id": "uuid_1"
}
}
Create Form API Specification
Authorizations:
path Parameters
| lang required | string A language of the output form for the end user { |
| form_slug required | string A flow you want to create a new |
header Parameters
| Authorization required | string Example: Bearer {api_token} A |
Request Body schema: application/json
| answers | object |
Responses
Request samples
- Payload
{- "answers": { }
}Response samples
- 200
{- "info": "{UPPASS_HOSTNAME}/{lang}/api/forms/{form_slug}/applied-forms/{slug}/info/",
- "detail": {
- "form": "{form_slug}",
- "step": "{current_step}",
- "section": "{current_section}",
- "submitted_at": null,
- "slug": "{slug}"
}, - "form_url": "{UPPASS_HOSTNAME}/en/form/{form_slug}/{slug}/?"
}Webhook Submission
Webhook Configuration
You can configure one or more webhooks from the UpPass Portal.
After user has finished verification, system will call webhook to pass results data to your system.
Setting up Webhook
- First, go to UpPass Portal
- Go to, Connect Tab and Add Webhook
- Configure your webhook here (For Authorization, please choose Bearer)
Callbacks
Callback payload samples
{- "event": {
- "type": "string",
- "nounce": "string",
- "created_at": "string"
}, - "extra": {
- "ekyc": {
- "liveness": {
- "url": "string",
- "attempts": [
- {
- "id": 0,
- "images": [
- {
- "url": "string",
- "action": "string"
}
], - "status": "string",
- "attempt": 0,
- "message": "string",
- "created_at": "string"
}
]
}, - "face_compare": {
- "score": 0,
- "status": "string"
}, - "identity_document": {
- "url": "string",
- "type": "string",
- "attempts": [
- {
- "id": 0,
- "url": "string",
- "type": "string",
- "status": "string",
- "attempt": 0,
- "message": "string",
- "created_at": "string"
}
], - "face_image_url": "string"
}
}, - "bank_statement": {
- "id": 0,
- "margin": { },
- "casa_weighted_pct": { },
- "validation": {
- "validation_transaction_min_month": true,
- "validation_transaction_latest_after": true,
- "validation_transaction_oldest_before": true
}, - "validation_pass": true,
- "validation_note": {
- "validation_transaction_min_month": { },
- "validation_transaction_latest_after": "string",
- "validation_transaction_oldest_before": "string"
}, - "documents": [
- {
- "id": 0,
- "bank_statement": 0,
- "url": "string",
- "file_pk": "string",
- "applicant_id": "string",
- "account_name": "string",
- "account_type": "string",
- "branch_name": "string",
- "statement_period_from": "string",
- "statement_period_to": "string",
- "doc_period_from": "string",
- "doc_period_to": "string",
- "doc_requested_date": { },
- "account_number": "string",
- "address": "string",
- "validation_note": "string",
- "validation_same_creation_mod_date": true,
- "validation_name_match": true,
- "validation_has_transaction": true,
- "validation_valid_structure": true,
- "validation_valid_account_number": true,
- "validation_producer_check": true,
- "metadata_created_date": "string",
- "metadata_mod_date": "string",
- "metadata_producer": "string",
- "metadata_creator": "string",
- "bank_code": "string",
- "file_name": "string",
- "ocr_created_at": "string",
- "password": { },
- "status": "string",
- "excluded": true,
- "created_at": "string",
- "deleted_at": { },
- "transactions": [
- {
- "id": 0,
- "document_id": 0,
- "transaction_id": "string",
- "transaction_date": "string",
- "transaction_type": "string",
- "chq": "string",
- "particular": "string",
- "party": "string",
- "channel": "string",
- "deposit": 0,
- "withdrawal": 0,
- "balance": 0,
- "category": { },
- "exclusion_flag": { },
- "exclusion_reason": { },
- "group_name": { },
- "lo_issuer_tier": { },
- "lo_type": { },
- "created_at": "string",
- "deleted_at": { }
}
]
}
], - "created_at": "string",
- "deleted_at": { }
}
}, - "answers": {
- "question_key_1": {
- "value": "string",
- "created_at": "string",
- "updated_at": "string"
}, - "question_key_2": {
- "value": "string",
- "created_at": "string",
- "updated_at": "string"
}
}, - "application": {
- "id": 0,
- "no": "string",
- "form": "string",
- "slug": "string",
- "status": "string",
- "other_status": {
- "ekyc": "string"
}, - "submitted_at": "string"
}
}Resend Webhook
Use this API when you want to resend webhook to the end server
API Specification
Authorizations:
path Parameters
| lang required | string A language of the output form for the end user { |
| form_slug required | string A flow you want to create a new |
| slug required | string A |
header Parameters
| Authorization required | string Example: Bearer {api_token} A |
Responses
Webhook Events
submit_form
- When the end user has submitted the verification
update_status
- When admin has changed the status of eKYC via UpPass Portal
drop_off
- When the verification form is expired
- Requires configuration to trigger please contact the support team for inquery
ekyc_front_card_reached_max_attempts
- When the verification of ID scan has reached maximum attempt
- Requires configuration to trigger please contact the support team for inquery
ekyc_liveness_reached_max_attempts
- When the verification of facial liveness has reached maximum attempts
- Requires configuration to trigger please contact the support team for inquery
Callbacks
Callback payload samples
{- "event": {
- "type": "string",
- "nounce": "string",
- "created_at": "string"
}, - "application": {
- "id": 0,
- "no": "string",
- "form": "string",
- "slug": "string",
- "status": "string",
- "other_status": {
- "ekyc": "string"
}, - "submitted_at": "string"
}
}