Management API services
The management API services enable you to:
- Perform basic create, read, update, and delete (CRUD) operations on existing users.
- Check the health of your API and service providers.
- Manage tokens.
iProov API specification
See the iProov Open API specification
Authentication
The API authentication mechanism is OAuth 2.0. A new Bearer Token can be generated using your service provider credentials.
| Endpoint | POST {api_key}/access_token |
| Request Body Content-Type | application/x-www-form-urlencoded |
| Authentication | You must provide your:
|
Important:
- Provide the OAuth username and password via the Authorization header in Basic format. These credentials are different to the service provider API key and secret, which you supply separately.
- Each generated access_token is valid for one hour, or 50 requests, whichever is first.
- Refresh each access_token after it expires.
User management
### Get a user
| Endpoint | GET /users/{user_id} |
| Description | Retrieve an existing, previously enrolled user using their user_id. |
| Authentication | OAuth Bearer Token — Scope: user-read |
Update a user
| Endpoint | PUT /users/{user_id} |
| Description | Update a user profile. |
| Authentication | OAuth Bearer Token — Scope: user-write |
Delete a user
Caution: Deleted users cannot be used during verify transactions.
| Endpoint | DELETE /users/{user_id} |
| Description | Delete a user profile. Use this endpoint to implement your own data retention policy. |
| Authentication | OAuth Bearer Token — Scope: user-write |
API and service health checks
| Endpoint | GET /availability?api_key={api_key} |
| Description | Check the availability status of a service provider. |
| Authentication | None |
Manage tokens
| Endpoint | POST /claim/{token}/invalidate |
| Description | Invalidate a generated Enrol or Verify token. The client SDK is prevented from launching with this token. |
| Authentication | None |