OneSpan Identity Verification REST API

The OneSpan Identity Verification REST API is organized around the Transaction model. This model is fully defined by JSON schemas that can be used to generate client-side libraries for accessing the API.

With the OneSpan Identity Verification REST API, the following actions are available:

• Create and execute e-agreement workflows

• Define and parametrize workflow instances

• Provide and manipulate documents

• Query transaction information

• Provide personal details of e-agreement process participants

• Define/assign roles to signers

• Provide metadata as additional evidence

• Retrieve signed agreements, audit-trail, and electronic evidence

• Delete transactions

The OneSpan Identity Verification JSON model defines several key entities:

• Transaction (see Transaction model)

• Session (see Session model)

• User (see User model)

• Document (see Document model)

• Evidence

• Resource

The requests described in this section require a JSON Web Token (JWT) in the Bearer header. Depending on the request, the JWT must possess the corresponding role:

• For requests to access a transaction, the JWT must contain the transaction access role.

• For requests to access a session, the JWT must contain the session access role.

• For requests to access evidence, the JWT must contain the evidence access role.

For more information, see JSON Web Tokens.

Overview of API endpoints

Create transaction

PUT /api/transaction/ HTTP1.1
Host: onespan.com
Accept: application/json, text/javascript

For more information, see Create transaction.

Get transaction status and metadata

GET /api/transaction/uuid: transaction_id(?withVerifications=true/false optional) 
HTTP1.1Host: onespan.com

For more information, see Get transaction status and metadata.

Get transaction verification

GET /api/transaction/uuid: transaction_id/verification HTTP/1.1
Host: onespan.com
Accept: application/json, text/javascript

For more information, see Get transaction verification.

Get evidence

GET /api/transaction/uuid: transaction_id/document/AuditTrailDocument/pdf
Host: onespan.com
Accept: application/json, application/pdf

For more information, see Get evidence.

Get document

GET /api/transaction/uuid: transaction_id/document/document_id/pdf HTTP/1.1
Host: onespan.com
Accept: application/json, text/javascript

For more information, see Get document.

Cancel transaction

PUT /api/transaction/uuid: transaction_id/event
Host: onespan.com
Accept: application/json, text/javascript

For more information, see Cancel transaction.

Mark transaction for erasure

POST /api/transactions/mark-for-erasure
Authorization: Bearer token
Content-Type: application/json
X-Tenant: dealflo

For more information, see Mark transaction for erasure.

Unmark transaction for erasure

POST /api/transactions/unmark-for-erasure
Authorization: Bearer token
Content-Type: application/json
X-Tenant: dealflo

For more information, see Unmark transaction for erasure.

Create session creation token

POST /api/transaction/uuid: transaction_id/token HTTP /1.1
Host: onespan.com
Accept: application/json, text/javascript

For more information, see Create session creation token.

Generate audit trail

POST /api/transactions/uuid: transaction_id/generate-audit-trail
Authorization: Bearer token

For more information, see Generate audit trail on demand.

Download audit trail document

GET /api/transactions/uuid: transaction_id/data
Authorization: Bearer token

For more information, see Generate audit trail on demand.

Get URL of verification images

GET /api/transactions/transaction_id/verifications/verification_id/verification-images
Host: onespan.com
Accept: application/json

For more information, see Retrieve verification images.

Download image binary data

GET /api/transactions/transaction_id/data?url=sfs_url

For more information, see Retrieve verification images.

Detailed verification report

GET /api/transactions/id/detailed-verification-report
Authorization: Bearer tenant_access_token

For more information, see Detailed verification report.