OneSpan Identity Verification REST API

The OneSpan Identity Verification REST API is organized around the Transaction Model. This model is fully defined by JSON schemata that can be used to generate client-side libraries for accessing the API. The OneSpan Identity Verification REST API allows you to

  • Create and execute e-agreement workflows
  • Define and parametrize workflow instances
  • Provide and manipulate documents
  • Query transaction information
  • Provide personal details of e-agreement process participants
  • Define/assign roles to signers
  • Provide metadata as additional evidence
  • Retrieve signed agreements, audit-trail, and electronic evidence
  • Delete transactions

The OneSpan Identity Verification model defines several key entities:

All the requests described in this section will require a JWT in the Bearer header. Depending on the request, the JWT must possess the corresponding role:

  • for requests accessing a transaction, the JWT must contain the transaction access role;
  • for requests accessing a session the JWT must contain the session access role
  • for requests accessing evidence, the JWT must contain the evidence access role

For more information, see JSON Web Tokens .

API endpoints

Create transaction

  1. PUT /api/transaction/ HTTP1.1
  2. Host: onespan.com
  3. Accept: application/json, text/javascript

For more information, see Create Transaction.

Get transaction status and metadata

  1. GET /api/transaction/transaction_id(?withVerifications=true/false optional) HTTP1.1
  2. Host: onespan.com

For more information, see Get Transaction Status and Metadata.

Get transaction verification

  1. GET /api/transaction/transaction_id/verification HTTP/1.1
  2. Host: onespan.com
  3. Accept: application/json, text/javascript

For more information, see Get Transaction Verification.

Get evidence

  1. GET /api/transaction/uuid:transaction_id/document/AuditTrailDocument/pdf
  2. Host: onespan.com
  3. Accept: application/json, application/pdf

For more information, see Get Evidence.

Get document

  1. GET /api/transaction/transaction_id/document/document_id/pdf HTTP/1.1
  2. Host: onespan.com
  3. Accept: application/json, text/javascript

For more information, see Get Document.

Cancel transaction

  1. PUT /api/transaction/transaction_id/event
  2. Host: onespan.com
  3. Accept: application/json, text/javascript

For more information, see Cancel Transaction.

Mark transaction for erasure

  1. POST /api/transactions/mark-for-erasure
  2. Authorization: Bearer token
  3. Content-Type: application/json
  4. X-Tenant: dealflo

For more information, see Mark Transaction for Erasure.

Unmark transaction for erasure

  1. POST /api/transactions/unmark-for-erasure
  2. Authorization: Bearer token
  3. Content-Type: application/json
  4. X-Tenant: dealflo

For more information, see Unmark Transaction for Erasure.

Create session creation token

  1. POST /api/transaction/uuid: transaction_id/token HTTP /1.1
  2. Host: onespan.com
  3. Accept: application/json, text/javascript

For more information, see Create Session Creation Token.

Generate audit trail

  1. POST /api/transactions/transaction_uuid/generate-audit-trail
  2. Authorization: Bearer token

For more information, see Generate Audit Trail.

Download audit trail document

  1. GET /api/transactions/dte-transaction-id/data
  2. Authorization: Bearer token

For more information, see Download Audit Trail Document.

Get URL of verification images

  1. GET /api/transactions/transaction_id/verifications/verification_id/verification-images
  2. Host: onespan.com
  3. Accept: application/json

For more information, see Retrieve Verification Images.

Download image binary data

  1. GET /api/transactions/transaction_id/data?url=sfs_url

For more information, see Retrieve Verification Images.