Skip to main content
Version: v2.0 (latest)

Management API services

The management API services enable you to:

  • Perform basic create, read, update, and delete (CRUD) operations on existing users.
  • Check the health of your API and service providers.
  • Manage tokens.

iProov API specification

See the iProov Open API specification

Authentication

The API authentication mechanism is OAuth 2.0. A new Bearer Token can be generated using your service provider credentials.

EndpointPOST {api_key}/access_token
Request Body Content-Typeapplication/x-www-form-urlencoded
Authentication

You must provide your:

  • api_key as the URL parameter.
  • OAuth username and password as a Basic Authentication header. Both were generated when your service provider was created.

Important:

  • Provide the OAuth username and password via the Authorization header in Basic format. These credentials are different to the service provider API key and secret, which you supply separately.
  • Each generated access_token is valid for one hour, or 50 requests, whichever is first.
  • Refresh each access_token after it expires.

User management

### Get a user

EndpointGET /users/{user_id}
DescriptionRetrieve an existing, previously enrolled user using their user_id.
AuthenticationOAuth Bearer Token — Scope: user-read

Update a user

EndpointPUT /users/{user_id}
DescriptionUpdate a user profile.
AuthenticationOAuth Bearer Token — Scope: user-write

Delete a user

Caution: Deleted users cannot be used during verify transactions.

EndpointDELETE /users/{user_id}
DescriptionDelete a user profile. Use this endpoint to implement your own data retention policy.
AuthenticationOAuth Bearer Token — Scope: user-write

API and service health checks

EndpointGET /availability?api_key={api_key}
DescriptionCheck the availability status of a service provider.
AuthenticationNone

Manage tokens

EndpointPOST /claim/{token}/invalidate
DescriptionInvalidate a generated Enrol or Verify token. The client SDK is prevented from launching with this token.
AuthenticationNone