PingOne Neo

PingOne Neo is a decentralized identity solution that gives control of identity data back to users. PingOne Neo empowers businesses to give their users full control over how they securely store and share verified credentials without unnecessary friction.

PingOne Neo also provides organizations with identity verification capabilities and the capability to issue credentials for users to store in their wallet app and verify user data with access to:

PingOne Credentials A self-service interface included to customize and issue verifiable digital credentials that users can store in their wallet app with no code required.

PingOne Neo Native SDK Embed personal identity using the SDK into a service to issue digital cards to users and let them store verifiable, shareable data in their wallet app. It is composed of PingOne Credentials, PingOne Verify, and a unified SDK, PingOne Neo SDK.

PingOne Verify Enabled secure user identity verification based on a government-issued document and live face capture (a selfie) using the PingOne Verify Integration Kit. For more information, refer to PingOne Verify Integration Kit.

For more information, refer to PingOne Neo.

PingOne Credentials

Use the Credentials service to create custom verifiable credentials for users. The resulting credentials can then be shared with compatible wallet apps. The Credentials service enables you to:

Automatic deletion and revocation

Typical behavior for credential types is to automatically revoke user credentials when a credential type, user, or environment is deleted. However, some credential types, such as birth certificates, university degrees, or marriage certificates, should never be automatically revoked even if the user or environment is deleted. You control this using onDelete.revokeIssuedCredentials on the credential type.

The selected deletion and revocation behavior cascades over all resources managed by the service: credential types, issuance rules, staged changes, digital wallet applications, digital wallets, and user credentials.

Environment deleted:

  • Delete all credential types

  • Delete all issuance rules

  • Delete all staged changes

  • Delete all digital wallet applications

  • Delete all digital wallets

  • Delete all user credentials

  • Delete all provisioned credentials

  • Delete all credential type counts

  • Delete environment credential count

Population deleted:

  • Remove population from existing issuance rules

Group deleted:

  • Remove group from existing issuance rules

User deleted:

  • Delete user credential

  • Delete digital wallets

Application (associated with digital wallet applications) deleted:

  • No impact

Credential type deleted:

  • Revoke issued credentials based on delete flag

  • Delete issuance rule

Issuance rule deleted

  • Delete staged changes

Digital wallet application deleted:

  • Disable digital wallets that are of this type

Digital wallet deleted:

  • Revoke credentials that were provisioned to the digital wallet based on credential type delete flag

User credential deleted:

  • Revoke provisioned credentials based on credential type delete flag

Regardless of the setting of onDelete.revokeIssuedCredentials, the service always deletes any pending credentials. (Pending credentials are staged for issue but not provisioned to a wallet because no paired digital wallet exists.)

Credential Issuers

Use the Credential Issuers operations to retrieve or update the credential issuer information. A credential issuer profile, which enables issuance of credentials, is automatically created when the credential service is added to an environment.

Credential Issuers data model

Property Type Required? Mutable? Description
applicationInstance.id String N/A Read-only Identifier (UUID) of the application instance registered with the PingOne platform service. This enables the client to send messages to the service.
createdAt DateTime N/A Read-only Date and time the issuer profile was created.
id String N/A Read-only Identifier (UUID) of the credential issuer.
logo String Optional Mutable A URI containing the logo for the issuer. Restricted to a valid URL with a scheme of https: or a scheme of data: with a base64-encoded image. Included in credentials issued.
name String Required Immutable The name of the credential issuer. Included in credentials issued.
siteUrl String Optional Mutable URL, chosen by the issuer, that references the issuer in issued credentials.
updatedAt DateTime N/A Read-only Date and time the credential issuer profile was last updated; can be null.

The logo and name can be shown to the user when indicating the credential issuer by the wallet app using using the PingOne Neo Native SDKs with getIssuerMetadata for Android and getCredentialIssuerMetadataFromClaim(_:) for iOS.

Response codes

Code Message
200 Successful operation.
400 The request could not be completed.
401 You do not have access to this resource.
403 You do not have permissions or are not licensed to make this request.
404 The requested resource was not found.
500 Unexpected server error.

Read Credential Issuer Profile


Update Credential Issuer Profile

Credential Types

Use the Credentials Types operations to create, read, and update the credential types used by compatible wallet apps.

Versioning

If the updated credential type differs from the existing credential type, the service saves the existing credential type as a Credential Type Version and increments version.number in the updated credential type. Credential Type Versions can be read with Read All Credential Type Versions.

Credential schema

When the service creates a credential from a credential type, it maintains the full credential schema, including attributes without corresponding values in the Create a User Credential request, so that the credential structure is consistent and predictable. It assigns an empty string ("") to any attribute without a value in the request body.

Credential Types data model

Property Type Required? Mutable? Description
cardDesignTemplate String Required Immutable An SVG formatted image containing placeholders for the credentials fields that need to be displayed in the image. Refer to warning following this table. Not returned with Read All Credential Types. You must Read One Credential Type with the id of the credential type you want to review.
cardType String Optional Mutable A descriptor of the credential type. Can be non-identity types such as proof of employment or proof of insurance.
createdAt DateTime N/A Read-only Date and time the credential type was created.
deletedAt DateTime N/A Read-only Date and time the credential type was deleted. Returned only with Read One Credential Type.
description String Optional Mutable A description of the credential type.
environment.id String N/A Read-only PingOne environment identifier (UUID) in which the credential type exists.
expiration Object Optional Mutable Object that identifies how to evaluate the expiration date. Requires one and only one of after, timestamp, or expression. Permitted only when management.mode is AUTOMATED.
expiration.after Object Required/Optional Mutable Contains the numeric duration and its time unit for calculating an expiration date.
expiration.after.duration Integer Required Mutable Length of time before transaction timeout expires; range is from a 1 hour minimum (or equivalent) to an (effectively) unbounded maximum.
expiration.after.timeUnit String Required Mutable Time unit of transaction timeout; can be SECONDS, MINUTES, HOURS, or DAYS.
expiration.expression String Required/Optional Mutable PingOne Expression Language (PEL) expression that evaluates to an ISO 8601 date. For more information on PEL, refer to PingOne expression language.
expiration.fieldName String Required/Optional Mutable On issuance, name of the field in the credential to hold the expiration that, when evaluated, returns an expiration date. Must be unique from all fields defined in the metadata object of Create Credential Type. Required when expiration.type is SOFT. Optional when expiration.type is HARD and ignored if used.
expiration.timestamp DateTime Required/Optional Mutable The date and time to expire in ISO 8601 YYYY-MM-DDTHH:MM:SS.sssZ format (milliseconds optional).
expiration.type String Required Mutable Indicates how expiration of the credential is presented. Can be SOFT or HARD. A SOFT expiration appears as a user-defined field (named in fieldName) in the credential but returns no expiration date in Read One User Credential. A HARD expiration appears as a standards-based expiration field in the credential and returns an expiration date in Read One User Credential.
id String N/A Read-only Identifier (UUID) associated with the credential type.
issuer.id String N/A Read-only The identifier (UUID) of the issuer.
issuerName String Optional Mutable Issuer name associated with the card, can differ from title.
management.mode String Optional Mutable Management mode of the credential type. Can be AUTOMATED (the default) or MANAGED. Refer to the note following this table.
metadata Object Required Mutable Contains the names, data types, and other metadata related to the credential; refer to metadata object data model.
multiple Object Optional Mutable Object containing directives that enable you to Issue multiple credentials to a user based on a directory attribute.
multiple.expression String Required Mutable A PingOne Expression Language (PEL) expression that evaluates to a number or array. If an array, calculates the array length for the count. Populates the limit to a variable, __ITERATOR__, available to PEL expressions in metadata.fields.attribute.
onDelete.revokeIssuedCredentials Boolean Optional Mutable Whether user credentials are automatically revoked when a credential type, user, or environment is deleted. Defaults to true. For credential types (such as birth certificates, university degrees, or marriage certificates) that should never be automatically revoked even if the user or environment is deleted, set this to false.
title String Required Immutable Title of the credential. Verification sites are expected to be able to request the issued credential from the compatible wallet app using the title.
updatedAt DateTime N/A Read-only Date and time the credential type was last updated; can be null.
version.id String N/A Read-only Identifier (UUID) of this version of the credential type. The service assigns identifiers.
version.number Integer N/A Read-only Version of this credential type. The service assigns versions.
version.uri String N/A Read-only A URI to of this version of the credential type. The service assigns URIs.

If management.mode is AUTOMATED, the credential type is only issued by its associated credential issuance rule. If management.mode is MANAGED, the credential type is only issued by Create a User Credential or Update a User Credential API requests. If you change management.mode from AUTOMATED to MANAGED and an associated issuance rule exists, the rule is disabled, but not deleted.

If management.mode is AUTOMATED, you can value one and only one of the three properties in the expiration object and the associated credential issuance rule automatically assigns an expiration date when it issues the credential. If management.mode is MANAGED and an expiration object is present, it causes an error.

If you want to change management.mode from AUTOMATED to MANAGED, but one of the three properties in the expiration object is valued, you must remove the expiration object. Use Update the Credential Type with no expiration object, which removes it from the credential type, and with management.mode set to MANAGED.

metadata object data model

The metadata object is not returned with Read All Credential Types. You must Read One Credential Type with the id of the credential type you want to review.

Property Type Required? Mutable? Description
backgroundImage String Optional Mutable URL to an image of the background to show in the credential. Must be no more than 50 KB in size.
bgOpacityPercent String Optional Mutable Percent opacity of the background image in the credential. High percentage opacity may make reading text difficult.
cardColor String Optional Mutable Color to show on the credential.
columns Integer Optional Mutable Number of columns of visible fields to use when displaying the credential. Must be between 1 and 3. Defaults to 1.
description String Optional Mutable Description of the credential.
fields Object[] Optional Mutable Array of objects representing the fields.
fields.attribute String Required/Optional Mutable Name of the PingOne Directory attribute. Required if field.type is Directory Attribute, otherwise optional and ignored if used. Refer to fields.attribute definition.
fields.default String Optional Mutable Assigns a default value if a PingOne Expression Language (PEL) in the fields.attribute evaluates to no value.
fields.id String Required Mutable Identifier of the field. Ping Identity recommends that id is text formatted as "<fields.type> -> <fields.title>" to show the type of data expected as well as for what it is used. Examples include: "Alphanumeric Text -> Department" or "Directory Attribute -> Username".
fields.fileSupport String Optional Mutable Specifies how an image is stored in the credential; refer to fields.fileSupport types.
fields.isVisible Boolean Required Mutable Whether the field should be visible to viewers of the credential.
fields.required Boolean Optional Mutable Whether the field is required for the credential. Defaults to false.
fields.title String Required Mutable Descriptive text when showing the field.
fields.type String Required Mutable Type of data in the field; refer to fields.type types.
fields.value String Required/Optional Mutable The text to appear on the credential for a type of Alphanumeric Text. Required if type is Alphanumeric Text and management.mode is AUTOMATED, optional if type is Alphanumeric Text and management.mode is MANAGED (effectively a default that can be overridden by a data value in Create a User Credential or Update a User Credential), and otherwise ignored if present.
logoImage String Optional Mutable URL to an image of the logo to show in the credential. Must be no more than 25 KB in size.
name String Optional Mutable Name of the credential.
textColor String Optional Mutable Color of the text to show on the credential.
version Integer Optional Mutable Version of this credential metadata. If not provided, the service assigns a version.
fields.attribute definition

Although fields.attribute is always a string type, the service supports two interpretations of its string.

If the string begins with ${ and ends with }, the string is interpreted as a PingOne Expression Language (PEL) expression. As a PEL expression, the string must have user. before any attribute names. A PEL expression is essential to Issue multiple credentials to a user based on a directory attribute. The PEL expression extracts specific elements from the multiple potential credentials found in the attribute.

If the string does not have ${ and }, the string is interpreted as the traditional pointer to an attribute name in the directory. That is, you supply an attribute name as the string and the service supplies the value of that attribute to the credential. When used as a pointer, the string does not need user. to reference an attribute.

fields.fileSupport types

A credential field that uses a type of Directory Attribute can contain a URL that references a JPEG, PNG, or GIF image file uploaded with Create Image. The credential type is limited to 5 fields that have fileSupport set to BASE64_STRING or INCLUDE_FILE. For credentials, an image file has a maximum size of 2 MB. A credential cannot exceed 2.5 MB including all images.

Type Description
BASE64_STRING Image is base64-encoded to a string in the credential.
INCLUDE_FILE Image binary is included in the credential.
REFERENCE_FILE Only a URL referencing the image is in the credential. The image binary remains stored external to the credential.
fields.type types
Type Description
Alphanumeric Text A static text string of letters, numbers, or punctuation set on fields.value.
Issued Timestamp Date and time the credential was issued.
Directory Attribute Any PingOne Directory standard or custom attribute. When used in a credential for a user, the service reads that attribute from the user and puts the value in the credential. The name of the attribute is in fields.attribute.

Automatic deletion and revocation

Typical behavior for credential types is to automatically revoke user credentials when a credential type, user, or environment is deleted. However, some credential types, such as birth certificates, university degrees, or marriage certificates, should never be automatically revoked even if the user or environment is deleted. You control this using onDelete.revokeIssuedCredentials on the credential type.

The selected deletion and revocation behavior cascades over all resources managed by the service: credential types, issuance rules, staged changes, digital wallet applications, digital wallets, and user credentials.

If onDelete.revokeIssuedCredentials is true:

  • User credentials are revoked and deleted when the credential type is deleted.

  • Provisioned credentials are revoked when a user credential is deleted, its credential type is deleted, or its digital wallet is disabled or deleted.

If onDelete.revokeIssuedCredentials is false:

  • User credentials are only revoked if the issuance rule causes it to be revoked or if Update a User Credential sets the expiration date.

  • Provisioned credentials are revoked if the user credential is revoked (refer to previous item).

Issue multiple credentials to a user based on a directory attribute

Some customers must issue multiple credentials to a user based on a directory attribute. For example, a bank might issue credit cards in their own name while also issuing credit cards branded for their customers. A user may have more than one of these credit cards in their wallet. The directory service requires an attribute that contains all the credit cards for that user and the service must support credential issuance to any or all of that user's credit cards.

The customer can define a single directory attribute for each user to hold a data object that contains the different accounts owned by the user. Our hypothetical bank wants to support the end user being able to present a verifiable credential that contains only the information from one of these accounts. Although issuance of multiple credentials is initiated by a single directory attribute, definition of the credential type can reference any directory attributes for its fields.

The definition of the data object is up to the customer. They then use PingOne Expression Language (PEL) expressions to retrieve any information as required. The Credential Types multiple.expression contains a PEL expression that counts qualifying entries in the data object. The Credential Types metadata.fields.attribute contains a PEL expression to retrieve individual data elements that populates a field in the credit type definition.

When you Apply Credential Issuance Rule Staged Changes for a user for a credential type that has multiple configured, the service creates multiple, separate user credentials for the credential type.

An example may better illustrate applying these concepts.

Example data object

Our hypothetical bank customer, BigBank, uses this JSON object, stored as a JSON binary large object (blob), as the source for credit card information.

{
  "credit_cards": {
    "branded": [
      {
        "oem_merchant": "ChainRetailer",
        "customer_id": "0010380",
        "user_id": "1506980157738"
      },
      {
        "oem_merchant": "GlobalOil",
        "customer_id": "0475932",
        "user_id": "1506980157739"
      }
    ],
    "owned": [
      {
        "customer_id": "0010380",
        "int_id" : "03918203198"
      },
      {
        "customer_id": "0475932",
        "int_id" : "03918203100"
      }
    ]
  }
}

An administrator at BigBank creates two different credential types, one each for branded and owned. Each credential type is configured to issue a credential for each JSON object in that array.

Example API

This demonstrates the API using the branded array. An administrator at BigBank created this credential type for branded.

A body for Create a credential type (automated) that creates multiple credentials from the data object for the credit_cards.branded is:

{
    "title": "Branded Cards",
    "description": "Example for branded cards attribute for BigBank",
    "metadata": {
        "fields": [
            {
                "id": "title",
                "title": "oem_merchant",
                "attribute": "${user.credit_cards['branded'][__ITERATOR__].oem_merchant}",
                "isVisible": true,
                "type": "Directory Attribute",
                "default": "Use this if missing"
            },
            {
                "id": "Directory Attribute -> user_id",
                "title": "user_id",
                "attribute": "${user.credit_cards['branded'][__ITERATOR__].user_id}",
                "isVisible": true,
                "type": "Directory Attribute"
            },
            {
                "id": "Directory Attribute -> customer_id",
                "title": "customer_id",
                "attribute": "${user.credit_cards['branded'][__ITERATOR__].customer_id}",
                "isVisible": true,
                "type": "Directory Attribute"
            }
        ]
    },
    "cardDesignTemplate": "<svg xmlns=\"http://www.w3.org/2000/svg\" viewBox=\"0 0 740 480\">...</svg>",
    "multiple": {
        "expression": "${user.credit_cards['branded']}"
    }
}

The PEL expression in multiple.expression returns the count of objects in the credit_cards.branded object array of the data object. This populates the iteration limit of the system __ITERATOR__ variable seen in the PEL expressions of the three metadata.fields.attribute values.

A body for Create a credential type (automated) that creates multiple credentials from the data object for the credit_cards.owned is:

{
    "title": "Owned",
    "description": "Example for owned attribute for BigBank",
    "metadata": {
        "fields": [
            {
                "id": "Directory Attribute -> int_id",
                "title": "int_id",
                "attribute": "${user.credit_cards['owned'][__ITERATOR__].int_id}",
                "isVisible": true,
                "type": "Directory Attribute"
            },
            {
                "id": "Directory Attribute -> customer_id",
                "title": "customer_id",
                "attribute": "${user.credit_cards['owned'][__ITERATOR__].customer_id}",
                "isVisible": true,
                "type": "Directory Attribute"
            }
        ],
        "textColor": "#000000",
        "version": 4
    },
    "cardDesignTemplate": "<svg xmlns=\"http://www.w3.org/2000/svg\" viewBox=\"0 0 740 480\">...</svg>",
    "multiple": {
        "expression": "${user.credit_cards['owned']}"
    }
}

The PEL expression in multiple.expression returns the count of objects in the credit_cards.owned object array of the data object. This populates the iteration limit of the system __ITERATOR__ variable seen in the PEL expressions of the two metadata.fields.attribute values.

Important considerations

  1. Do not use a multi-valued attribute type. Use a single JSON attribute that contains the necessary arrays.

    When configuring a custom JSON attribute for issuing multiple credentials for a user, the administrator can set it to a multi-valued type, which allows the attribute to be an array of JSON blobs. The PingOne Directory does not guarantee ordering for multi-valued attributes. Multi-valued attributes values are treated as a set rather than a list. This conflicts with how the service determines if a credential has changed, where order is essential. For example, a user has three credentials issued using a multi-valued type of [A, B, C]. If you add another JSON blob to the user attribute, one might expect the change to look like [A, B, C, D] (where each letter is a different credential) and issue one more credential to the user. However, with a multi-valued custom JSON attribute, the change may look like [A, C, D, B]. When the service compares the order, it interprets that two credentials have been updated and one more credential has been added.

    Due to this involuntary re-ordering behavior, multi-valued custom JSON attributes are strongly discouraged.

  2. Revocation can be affected by re-ordering.

    If the user has an array like [A, B, C] so that the service issues three credentials and an administrator then revokes the credential B, credential B remains revoked. If the user is updated to change some values in A, B, and C, A and C update while B remains revoked. However, if the user is updated with a new object or value added to the array such that it becomes [A, D, B, C], credential C updates to the values of B and a new credential issues for C. No credential will be issued or updated to have the values of D because it is in the second place and the credential for second place was revoked.

    To mitigate this behavior, always add new entries to the end of the arrays in the JSON blob.

Response codes

Code Message
200 Successful operation.
400 The request could not be completed.
401 You do not have access to this resource.
403 You do not have permissions or are not licensed to make this request.
404 The requested resource was not found.
500 Unexpected server error.

Create Credential Type (automated)


Create Credential Type (managed)


Read All Credential Types


Read All Credential Type Versions


Read One Credential Type


Read One Credential Type Version


Update a Credential Type


Delete a Credential Type

Credential Issuance Rules

Use the Credentials Issuance Rules operations to create, read, and update rules for issuing, updating, and revoking credentials by credential type. Rules are defined for:

  • A specific Credential Type in the endpoint

  • A specific Digital Wallet App in the request body

  • A specific set of users defined by one, and only one, of these filters in the request body:

A credential rule contains an automation object with available actions as keys: issue, revoke, and update. If an action is set to PERIODIC, the service performs the action at the end of the period. If an action is set to ON_DEMAND, you must use Apply Credential Issuance Rule Staged Changes to perform staged changes for those ON_DEMAND actions.

The general procedure for rules is:

  1. Create - create a new rule to stage actions for for the credential by user

  2. Update - update an existing rule to stage actions for the credential by user

  3. Staged Changes - show actions staged for execution

  4. Apply - act upon credentials staged for actions.

You can also monitor credential rules:

  • All Rules - view all rules defined for a credential type

  • One Rule - view a specific rule for a credential

  • Usage Counts - show counts by action applied to the credential by user

  • Usage Details - show details by action applied to the credential by user

You can, finally, remove a rule for a credential type:

  • Delete - remove a rule from a credential type

For actions set to PERIODIC, an improper credential could cause endless repetitious errors. The service monitors staged changes for errors. When an error occurs during processing, the service adds details of the error to the staged change so that errors can be tracked, counted, and returned to the user. If more than 3 errors occur for the same scheduled staged change, the service unschedules (changes stagedChanges.scheduled from true to false) that staged change so that the service no longer attempts to process it. The user can manually trigger the staged change with Apply Credential Issuance Rule Staged Changes.

Credentials unscheduled due to errors are reported. Some errors are known but there can also be unexpected errors. The errors.errorDetail object provides an error code and message. If the error was related to processing a specific credential field, the field name will be in errors.errorDetail.target. This includes the staged changes that exist when the request is made with 1 or more errors. It does not include a staged change that was failed in the past, but has since completed successfully or was deleted (because the user no longer matches the issuance rule). Requests that report errors include:

Credential Issuance Rules data model

Property Type Required? Mutable? Description
automation Object Required Mutable Contains a list of actions, as key names, and the update method for each action.
automation.issue String Required Mutable The method the service uses to issue credentials with the credential issuance rule. Can be PERIODIC or ON_DEMAND.
automation.revoke String Required Mutable The method the service uses to revoke credentials with the credential issuance rule. Can be PERIODIC or ON_DEMAND.
automation.update String Required Mutable The method the service uses to update credentials with the credential issuance rule. Can be PERIODIC or ON_DEMAND.
createdAt DateTime N/A Read-only Date and time the credential issuance rule was created.
credentialType.id String N/A Read-only Identifier (UUID) of the credential type with which this credential issuance rule is associated.
digitalWalletApplication.id String Optional Mutable Identifier (UUID) of the customer's Digital Wallet App that will interact with the user's Digital Wallet. Optional, and if present, digital wallet pairing automatically starts when a user matches the credential issuance rule.
environment.id String N/A Read-only PingOne environment identifier (UUID) in which the credential issuance rule exists.
filter Object Optional Mutable Contains one and only one filter (.groupIds, .populationIds, or .scim) that selects the users to which the credential issuance rule applies.
filter.groupIds String[] Required/Optional Mutable Array of one or more identifiers (UUIDs) of groups, any of which a user must belong for the credential issuance rule to apply. One and only one filter is required in filter, others are optional and cause an error if used.
filter.populationIds String[] Required/Optional Mutable Array of one or more identifiers (UUIDs) of populations, any of which a user must belong for the credential issuance rule to apply. One and only one filter is required in filter, others are optional and cause an error if used.
filter.scim String Required/Optional Mutable A SCIM query that selects users to which the credential issuance rule applies. One and only one filter is required in filter, others are optional and cause an error if used. For more information about SCIM syntax and operators, refer to Filtering collections.
id String N/A Read-only Identifier (UUID) of the credential issuance rule.
notification Object Optional Immutable Contains notification information. When this property is supplied, the information within is used to create a custom notification.
notification.methods String[] Optional Immutable Array of methods for notifying the user; can be EMAIL, SMS, or both.
notification.template Object Optional Immutable Contains template parameters.
notification.template.locale String Optional Immutable The ISO 2-character language code used for the notification; for example, en.
notification.template.variables Object[] Required/Optional Immutable An object of name-value pairs that defines the dynamic variables used by the content variant. Required if the template requires variables, otherwise ignored. For more information on dynamic variables, refer to Dynamic variables.
notification.template.variant String Optional Immutable The unique user-defined name for the content variant that contains the message text used for the notification. For more information on variants, refer to Creating custom contents.
status String Required Mutable Status of the credential issuance rule. Can be ACTIVE or DISABLED.
updatedAt DateTime N/A Read-only Date and time the credential issuance rule was last updated; can be null.

Actions within automation (.issue, .update, and .revoke) can be PERIODIC, the service applies the rule frequently every hour, or ON_DEMAND, the service applies the rule only with an Apply Credential Issuance Rule Staged Changes request. For ON_DEMAND, use Read Credential Issuance Rule Staged Changes to determine staged changes.

The one notification.template object applies a variant and locale to all three credential notification templates: credential_issued, credential_updated, and credential_revoked. When adding a variant or locale to any of the three notification templates, consider adding the same variant or locale to the other notification templates. If a requested variant is not defined, the notification uses the default notification template. If a requested locale is not defined, the notification uses the user's preferred language or, if the user has no preferred language, the default language of the environment.

Credential Issuance Rules staged changes data model

Property Type Required? Mutable? Description
stagedChanges.action String N/A Read-only Action determined by the service that should be taken for the credential based on the request that staged it. Can be ISSUE, UPDATE, or REVOKE.
stagedChanges.createdAt DateTime N/A Read-only Date and time the change was staged by the service.
stagedChanges.credentialType.id String N/A Read-only Identifier (UUID) of the credential type with which this credential issuance rule is associated.
stagedChanges.environment.id String N/A Read-only PingOne environment identifier (UUID) in which the credential issuance rule exists.
stagedChanges.issuanceRule.id String N/A Read-only Identifier (UUID) of the credential issuance rule.
stagedChanges.scheduled String N/A Read-only Whether or not the staged change is scheduled: true if the action on the credential issuance rule is set to PERIODIC and false if the action is set to ON_DEMAND.
stagedChanges.user.id String N/A Read-only Identifier (UUID) of the user identified by the filter on the credential issuance rule.
stagedChanges.errors Object[] N/A Read-only Array of objects representing credentials that had errors when attempting an action on it. Refer to Credential Issuance Rules errors object.

Credential Issuance Rules apply staged changes data model

This data model applies only to Read Credential Issuance Rule Staged Changes and Apply Credential Issuance Rule Staged Changes.

Property Type Required? Mutable? Description
issue String[] Optional Mutable Array of one or more identifiers (UUIDs) of users whose credentials are in an issue action state and should be issued.
revoke String[] Optional Mutable Array of one or more identifiers (UUIDs) of users whose credentials are in a revoke action state and should be revoked. Used only in the body of Apply Credential Issuance Rule Staged Changes.
update String[] Optional Mutable Array of one or more identifiers (UUIDs) of users whose credentials are in an update action state and should be updated. Used only in the body of Apply Credential Issuance Rule Staged Changes.
errors Object[] N/A Read-only Array of objects representing credentials that had errors when attempting an action on it. Refer to Credential Issuance Rules errors object.

Credential Issuance Rules usage counts data model

Property Type Required? Mutable? Description
issued Integer N/A Read-only Count of credentials issued by the rule since the time the credential issuance rule was created.
accepted Integer N/A Read-only Count of credentials accepted by users of credentials issued by the credential issuance rule since the time the credential issuance rule was created.
updated Integer N/A Read-only Count of credentials updated by the rule since the time the credential issuance rule was created.
revoked Integer N/A Read-only Count of credentials revoked by the rule since the time the credential issuance rule was created.
errors Integer N/A Read-only Count of credentials that caused errors since the time the credential issuance rule was created.

Credential Issuance Rules usage details data model

Property Type Required? Mutable? Description
issued Object[] N/A Read-only Credentials issued by the rule since the time the credential issuance rule was created.
issued.user.id String N/A Read-only Identifier (UUID) of the user identified by the filter on the credential issuance rule.
issued.credential.id String N/A Read-only Identifier (UUID) of the credential subject to the issue action identified by the credential issuance rule.
issued.createdAt DateTime N/A Read-only Date and time the credential was issued by the service.
updated Object[] N/A Read-only Credentials updated by the rule since the time the credential issuance rule was created.
updated.user.id String N/A Read-only Identifier (UUID) of the user identified by the filter on the credential issuance rule.
updated.credential.id String N/A Read-only Identifier (UUID) of the credential subject to the update action identified by the credential issuance rule.
updated.createdAt DateTime N/A Read-only Date and time the credential was updated by the service.
revoked Object[] N/A Read-only Credentials revoked by the rule since the time the credential issuance rule was created.
revoked.user.id String N/A Read-only Identifier (UUID) of the user identified by the filter on the credential issuance rule.
revoked.credential.id String N/A Read-only Identifier (UUID) of the credential subject to the revoke action identified by the credential issuance rule.
revoked.createdAt DateTime N/A Read-only Date and time the credential was revoked by the service.
errors Object[] N/A Read-only Array of objects representing credentials that had errors when attempting an action on it. Refer to Credential Issuance Rules errors object.

Credential Issuance Rules errors object

Property Type Required? Mutable? Description
errors Object[] N/A Read-only Array of objects representing errors recorded when attempting an action on a credential.
errors.recordedAt DateTime N/A Read-only Date and time the error was recorded by the service.
errors.errorDetail.code String N/A Read-only A code that indicates the error encountered by the service. Refer to Credential Issuance Rules staged changes error codes.
errors.errorDetail.target String N/A Read-only The part of the credential that caused the error encountered by the service.
errors.errorDetail.message String N/A Read-only A message that describes the error encountered by the service.
credentialType.id String N/A Read-only Identifier (UUID) of the credential type with which this credential issuance rule is associated.
environment.id String N/A Read-only PingOne environment identifier (UUID) in which the credential issuance rule exists.
issuanceRule.id String N/A Read-only Identifier (UUID) of the credential issuance rule.
user.id String N/A Read-only Identifier (UUID) of the user identified by the filter on the credential issuance rule.
id String N/A Read-only Identifier (UUID) of the error.
action String N/A Read-only Action determined by the service that should be taken for the credential based on the request that staged it. Can be ISSUE, UPDATE, or REVOKE.
scheduled String N/A Read-only Whether or not the staged change is scheduled: true if the action on the credential issuance rule is set to PERIODIC and false if the action is set to ON_DEMAND.
createdAt DateTime N/A Read-only Date and time the error was created by the service.
updatedAt DateTime N/A Read-only Date and time the error was updated by the service.

Credential Issuance Rules staged changes error codes

Error Code Description
TEMPLATE_ERROR An error in the template placeholders of the cardDesignTemplate SVG.
SVG_ERROR An error in the syntax of the cardDesignTemplate SVG.
CREDENTIAL_TYPE_INVALID Credential Type was invalid when the staged change was performed.
FILE_RESOLUTION_ERROR User attribute for a field with fileSupport did not reference a supported file, such as an unsupported URL, file too large, or error reading file.
CREDENTIAL_TOO_LARGE Size of data collected for the credential exceeds the maximum that can be stored in a credential.
UNEXPECTED_ERROR An unexpected error occurred.

Response codes

Code Message
200 Successful operation.
400 The request could not be completed.
401 You do not have access to this resource.
403 You do not have permissions or are not licensed to make this request.
404 The requested resource was not found.
500 Unexpected server error.

Create Credential Issuance Rule


Read All Credential Issuance Rules


Read One Credential Issuance Rule


Read All Credential Issuance Rule Staged Changes


Read One Credential Issuance Rule Staged Change


Read Credential Issuance Rule Usage Counts


Read Credential Issuance Rule Usage Details


Update Credential Issuance Rule


Apply Credential Issuance Rule Staged Changes


Delete Credential Issuance Rule

Digital Wallet Apps

The credential digital wallet apps service controls the relationship between the customer's digital wallet app, which communicates with users' digital wallets, and a customer's PingOne application.

Credential digital wallet app data model

Property Type Required? Mutable? Description
application.id String Required Immutable The identifier (UUID) of the PingOne application associated with the digital wallet app.
appOpenUrl String Required Mutable URL sent in notifications to the user to communicate with the service.
createdAt DateTime N/A Read-only Date and time the credential digital wallet app was created.
environment.id String N/A Read-only PingOne environment identifier (UUID) in which the credential digital wallet app exists.
id String N/A Read-only Identifier (UUID) associated with the credential digital wallet app.
name String Required Mutable Name associated with the digital wallet app.
updatedAt DateTime N/A Read-only Date and time the credential digital wallet app was last updated; can be null.
usesPingOneWalletSDK Boolean Optional Immutable Whether the user's wallet app uses the PingOne Wallet SDK; default is true.

Create Digital Wallet App


Read All Digital Wallet Apps


Read One Digital Wallet App


Update Digital Wallet App


Delete Digital Wallet App

Digital Wallets

The credential Digital Wallet service controls the relationship between a user's phone wallet app, which uses the Wallet SDK, and the customer's PingOne application. It also offers notifications when the PingOne application communicates with the user's Wallet SDK. Settings on the Digital Wallet configure sending push notifications from PingOne Credentials to the Wallet SDK of the user.

In the normal digital wallet pairing use case, you use Create Digital Wallet to create the Digital Wallet without the applicationInstance.id and a pairing session is created. The Digital Wallet service uses the digital_wallet_pairing notification template to send the pairing session URL (refer to appOpen.href in the response) to the user via email or text or you show a QR code (refer to qrUrl.href in the response) of the pairing session URL to the user. When the user opens the URL, it opens your app or takes them to a page with instructions on how to install the app. When the app opens the URL, it shares its applicationInstance.id with the service using the Wallet SDK.

Alternatively, you send the applicationInstance.id when you create the Digital Wallet. For example, if you have the user install your app, the user authenticates with your servers. When your app is installed, it creates an application instance. Since the app knows who the user is, the app sends its application instance identifier to your server and then your application sends the applicationInstance.id to the service when creating or updating the Digital Wallet. This creates a Digital Wallet with a known application instance identifier. Activation of the Digital Wallet requires sending some device data, such as SDK version and application bundle ID or package name, to PingOne Credentials:

  1. The service creates a pairing session and sends a pairing request message to the device.
  2. The Wallet SDK receives this request and the app approves the request.
  3. The Wallet SDK sends the device data to PingOne Credentials, which activates the Digital Wallet.

Credential digital wallet data model

Property Type Required? Mutable? Description
applicationInstance.id String Required/Optional Immutable Identifier (UUID) of the application running the Wallet SDK on the user's device and registered with the service. Registration is required before the wallet can be used. Registration is performed by a compatible wallet app using the Wallet SDK, or by the customer application using Create Digital Wallet or one Update Digital Wallet.
createdAt DateTime N/A Read-only Date and time the credential Digital Wallet was created.
deviceData Object N/A Read-only Contains metadata collected about the user's Wallet SDK.
digitalWalletApplication.id String Required Immutable Identifier (UUID) of the customer's PingOne application that interacts with the user's Wallet SDK.
environment.id String N/A Read-only PingOne environment identifier (UUID) in which the credential digital wallet app exists.
id String N/A Read-only Identifier (UUID) associated with the credential digital wallet.
notification Object Optional Immutable Contains notification information. When this property is supplied, the information within is used to create a custom notification.
notification.methods String[] Optional Immutable Array of methods for notifying the user; can be EMAIL, SMS, or both.
notification.results Object[] N/A Read-only Array of objects that contain the results of attempts to notify the user.
notification.results.error Object N/A Read-only Contains information regarding why a notification failed to send.
notification.results.error.code String N/A Read-only A short alphanumeric code identifying the error.
notification.results.error.details Object[] N/A Read-only Array of objects that contain details of the error as provided by the source of the error. Exact format varies by source.
notification.results.error.id String N/A Read-only Identifier (UUID) of the error message.
notification.results.error.message String N/A Read-only A textual message explaining the error.
notification.results.method String N/A Read-only Method used in the attempt to notify the user; can be EMAIL or SMS.
notification.results.notification.id String N/A Read-only Identifier (UUID) of the notification that was sent.
notification.results.sent Boolean N/A Read-only Whether the notification was successfully sent.
notification.template Object Optional Immutable Contains template parameters.
notification.template.locale String Optional Immutable The ISO 2-character language code used for the notification; for example, en.
notification.template.variables Object[] Required/Optional Immutable An object of name-value pairs that defines the dynamic variables used by the content variant. Required if the template requires variables, otherwise ignored. For more information on dynamic variables, refer to Dynamic variables.
notification.template.variant String Optional Immutable The unique user-defined name for the content variant that contains the custom message text used for the notification. For more information on variants, refer to Creating custom contents.
pairingAttempts Object[] N/A Read-only Array of result objects of all pairing attempts between the Digital Wallet and the Wallet SDK. Not returned when no pairing was attempted or when creating a Digital Wallet.
pairingAttempts.attemptedAt DateTime N/A Read-only Date and time the credential pairing was attempted.
pairingAttempts.details Object N/A Read-only Object with details regarding a pairing failure. Not returned when a pairing was successful. Content of the object varies depending on the error as explained in the Description column of Pairing attempt errors.
pairingAttempts.error String N/A Read-only As listed in the Error column of Pairing attempt error.
pairingAttempts.message String N/A Read-only Explanation of the error.
pairingAttempts.success Boolean N/A Read-only Whether the pairing attempt was successful.
pairingSession Object N/A Read-only Contains information regarding the pairing session.
status String Optional Mutable Status of the wallet; can be PAIRING_REQUIRED, ACTIVE, EXPIRED, or DISABLED.
updatedAt DateTime N/A Read-only Date and time the credential digital wallet was last updated; can be null.
user.id String N/A Read-only Identifier (UUID) of the user associated with the credential digital wallet.

Pairing attempt errors

Error Description
APP_PACKAGE_MISMATCH The package name or bundle ID sent by the Wallet SDK does not match the mobile settings of the PingOne Application (identified by digitalWalletApplication.id), details includes what was sent by the Wallet SDK in appPackage.
WALLET_ALREADY_PAIRED The digital wallet is already successfully paired or the instance of the Wallet SDK on the device has already been paired with a different digital wallet of the same user. If a user attempts to pair the same digital wallet twice, details includes the new application instance ID in newApplicationInstanceId. If a user attempts to pair the same Wallet SDK instance with a second digital wallet, details includes the existing digital wallet ID in existingDigitalWalletId.
WALLET_DISABLED Wallet is disabled.
UNEXPECTED_ERROR An unexpected error occurred in the service, no details object returned.

The digital wallet service uses the digital_wallet_pairing notification template to send the pairing session URL to the user via email or SMS text. The notification.template object can define a variant and locale for the notification, if needed.

Provisioned Credentials data model (wallet)

This object is shared with user credentials. It is returned only with Read One Digital Wallet Credentials and Read One User Credential Wallets. The former returns all user credentials associated with the specified digital wallet, the latter returns all digital wallets associated with the specified user credential.

Property Type Required? Mutable? Description
claimReference Object N/A Read-only The serialized JSON object used to create the ClaimReference object returned. This is needed to revoke an issued credential.
createdAt DateTime N/A Read-only Date and time the credential was provisioned.
credential.id String N/A Read-only Identifier (UUID) of the user credential associated with the provisioned credential.
digitalWallet.id String N/A Read-only Identifier (UUID) of the digital wallet associated with the provisioned credential.
environment.id String N/A Read-only Identifier (UUID) of the environment associated with the provisioned credential.
expiresAt Date N/A Read-only The date that the provisioned credential expires. If this value is null, the provisioned credential never expires.
id String N/A Read-only Identifier (UUID) of the provisioned credential.
status String N/A Read-only Status of the provisioned credential.
user.id String N/A Read-only Identifier (UUID) of the user associated with the provisioned credential.
walletActions Object[] N/A Read-only Array of actions taken regarding the provisioned credential.
walletActions.action String N/A Read-only Action taken regarding the provisioned credential; can be CREDENTIAL_ACCEPTED, CREDENTIAL_REJECTED, CREDENTIAL_REVOKED, or CREDENTIAL_DELETED.
walletActions.occurredAt DateTime N/A Read-only Date and time that the action occurred.

Create Digital Wallet


Read All Digital Wallets


Read One Digital Wallet


Read One Digital Wallet Credentials


Update Digital Wallet


Delete Digital Wallet

User Credentials

Use the User Credentials service to create a user credential and get the credential status. To issue the credential to the user you must first create a credential type (automated) or create a credential type (managed). After you create a credential type, you can issue credentials to users two ways depending on the management.mode of the credential type:

Regardless of management.mode, you can revoke a user credential, read all user credentials, read one user credential, or read one user credential wallets.

User Credentials data model

Property Type Required? Mutable? Description
createdAt DateTime N/A Read-only Date and time the user credential was created.
credentialType.id String Required Immutable Identifier of the credential type.
data Object Optional Mutable Fields submitted for the credential.
data.<field> String Required/Optional Mutable Fields for user data; refer to data object data model.
environment.id String N/A Read-only Identifier (UUID) of the environment associated with the user.
expiresAt DateTime Optional Mutable The date that the user credential expires. If this value is null, the credential never expires.
id String N/A Read-only Identifier (UUID) of the user credential.
notification Object Optional Immutable Contains notification information. When this property is supplied, the information within is used to create a custom notification.
notification.methods String[] Optional Immutable Array of methods for notifying the user; can be EMAIL, SMS, or both.
notification.results Object N/A Read-only Contains the results of attempts to notify the user.
notification.results.error Object N/A Read-only Contains information regarding why a notification failed to send.
notification.results.method String N/A Read-only Method used in the attempt to notify the user; can be EMAIL or SMS.
notification.results.notification.id String N/A Read-only Identifier (UUID) of the notification that was sent.
notification.results.sent Boolean N/A Read-only Whether the notification was successfully sent.
notification.template Object Optional Immutable Contains template parameters.
notification.template.locale String Optional Immutable The ISO 2-character language code used for the notification; for example, en.
notification.template.variables Object[] Required/Optional Immutable An object of name-value pairs that defines the dynamic variables used by the content variant. Required if the template requires variables, otherwise ignored. For more information on dynamic variables, refer to Dynamic variables.
notification.template.variant String Required Immutable The unique user-defined name for the content variant that contains the message text used for the notification. For more information on variants, refer to Creating custom contents.
status String N/A Read-only Status of the user credential.
title String N/A Read-only Returned as defined in the credential type.
updatedAt DateTime N/A Read-only Date and time the credential type was last updated; can be null.
user.id String Required Immutable Identifier (UUID) of the user. Supplied in the endpoint.

The one notification.template object applies a variant and locale to all three credential notification templates: credential_issued, credential_updated, and credential_revoked. When adding a variant or locale to any of the three notification templates, consider adding the same variant or locale to the other notification templates. If a requested variant is not defined, the notification uses the default notification template. If a requested locale is not defined, the notification uses the user's preferred language or, if the user has no preferred language, the default language of the environment.

Although notification.template is immutable, Update a User Credential can change notification.template on a specific credential for its life span.

data object data model

The data object can only be used for Credential Types where its management.mode is MANAGED. Individual fields in data can only be used where the corresponding credential type's metadata.fields.type is Alphanumeric Text. If the corresponding credential type's metadata.fields.value is valued, that value represents a default for the field and can be overridden in Create a User Credential or Update a User Credential API requests.

The data object contains any number of keys, where the key is the title in metadata.fields that represents a specific attribute of the credential type required by the issuer. For example, an insurance company might have a metadata.fields.title of Medical Limitations and the corresponding data key would be Medical Limitations. These data fields must match the metadata.fields defined for the credential type in credentialType.id. For more information on fields, refer to the fields object in metadata object data model and the data types in fields.type types.

Whether any given data.<field> is required or optional depends on the corresponding fields.required and fields.value in the metadata object of the credential type. A data.<field> is required when fields.required is true and no fields.value exists and optional when fields.required is false or when fields.value has a value.

Provisioned Credentials data model (credential)

This object is shared with digital wallets. It is returned only with Read One User Credential Wallets and Read One Digital Wallet Credentials. The former returns all digital wallets associated with the specified user credential, the latter returns all user credentials associated with the specified digital wallet.

Property Type Required? Mutable? Description
claimReference Object N/A Read-only The serialized JSON object used to create the ClaimReference object returned. This is needed to revoke an issued credential.
createdAt DateTime N/A Read-only Date and time the credential was provisioned.
credential.id String N/A Read-only Identifier (UUID) of the user credential associated with the provisioned credential.
digitalWallet.id String N/A Read-only Identifier (UUID) of the digital wallet associated with the provisioned credential.
environment.id String N/A Read-only Identifier (UUID) of the environment associated with the provisioned credential.
expiresAt Date N/A Read-only The date that the provisioned credential expires. If this value is null, the provisioned credential never expires.
id String N/A Read-only Identifier (UUID) of the provisioned credential.
status String N/A Read-only Status of the provisioned credential.
user.id String N/A Read-only Identifier (UUID) of the user associated with the provisioned credential.
walletActions Object[] N/A Read-only Array of actions taken regarding the provisioned credential.
walletActions.action String N/A Read-only Action taken regarding the provisioned credential; can be CREDENTIAL_ACCEPTED, CREDENTIAL_REJECTED, CREDENTIAL_REVOKED, or CREDENTIAL_DELETED.
walletActions.occurredAt DateTime N/A Read-only Date and time that the action occurred.

Response codes

Code Message
200 Successful operation.
400 The request could not be completed.
401 You do not have access to this resource.
403 You do not have permissions or are not licensed to make this request.
404 The requested resource was not found.
500 Unexpected server error.

Create a User Credential


Read All User Credentials


Read One User Credential


Read One User Credential Wallets


Update a User Credential


Revoke a User Credential

Credential Verifications

The Credential Verification service receives, and responds to, requests for credential verification using Decentralized Identity Foundation Java Web Token Verifiable Credentials Presentation Profile (DIF JWT-VC Profile). The profile uses such open standards as:

  • World Wide Web Consortium (W3C) Decentralized Identifiers (DID) for core architecture, data model, and representations

  • W3C Verifiable Credentials Data Model for the presentation data model

  • DIF Presentation Exchange for credential request

  • OpenID for Verifiable Presentations (OpenID4VP ID1) as the base protocol for transportation

Use of these standards provides interoperability with any app that complies with DIF JWT-VC Profile.

The service can also use PingOne native protocols. The PingOne native protocol only works with apps that use the PingOne Neo Native SDKs, which has more features but is restricted to only supported apps.

Credential Verifications session data model

Property Type Required? Mutable? Description
_links.appOpenURL.href String N/A Read-only URL to use in a mobile browser to open a compatible wallet app, such as the PingOne Neo Sample App.
_links.qr.href String N/A Read-only URL to return a QR code that, when evaluated, opens the compatible wallet app to this verification.
_links.self.href String N/A Read-only URL to return this same response.
applicationInstance.id String Required/Optional Immutable Identifier (UUID) of the application running the Wallet SDK on the user's device and registered with the service. When set and protocol is NATIVE, the service sends a push notification to the application instance using the settings of the digital wallet application.
didMethod String Optional Immutable The decentralized identifier method to use during the credential verification session. Can be JWK, the default, or ION.
digitalWalletApplication.id String Optional Immutable Identifier (UUID) of the customer's digital wallet app that interacts with the user's digital wallet. When set and protocol is NATIVE, the service uses the appOpenURL defined on the Digital Wallet App instead of shocard.pingone.com.
errors Object[] N/A Read-only Array of objects representing errors recorded when attempting an action on a credential. Refer to Credential Verifications errors object data model.
id String N/A Read-only Identifier (UUID) of the credential verification session.
issuerFilter.dids String[] Optional Immutable Array of unique Decentralized Identifiers (DID). Ignored if protocol is NATIVE. Refer to the note following this table.
issuerFilter.environmentIds String[] Optional Immutable Array of PingOne environment identifiers. Refer to the note following this table.
message String Optional Immutable A message shown to the user by the compatible wallet app to alert the user.
notification Object Optional Immutable Contains notification information. When protocol is NATIVE and applicationInstance.id is set, permits administrators to customize their push notification.
notification.template Object Optional Immutable Contains template parameters.
notification.template.locale String Optional Immutable The ISO 2-character language code used for the notification; for example, en.
notification.template.variables Object[] Required/Optional Immutable An object of name-value pairs that defines the dynamic variables used by the content variant. Required if the template requires variables, otherwise ignored. For more information on dynamic variables, refer to Dynamic variables.
notification.template.variant String Optional Immutable The unique user-defined name for the content variant that contains the message text used for the notification. For more information on variants, refer to Creating custom contents.
protocol String Optional Immutable Protocol to use for verification; can be OPENID4VP or NATIVE. If not present, defaults to NATIVE.
requestedCredentials Object[] Required Immutable Array of objects that contain the type of credentials to verify and the keys to return from the credential. Refer to the important note following this table.
requestedCredentials.keys String[] Optional Immutable Array of strings that identify the key names for selective disclosure to return from the credential.
requestedCredentials.type String Required Immutable Type of credential to verify. Must be the name of a PingOne credential type issued by the credential issuer.
status String N/A Read-only Status of the verification request; can be INITIAL, WAITING, VERIFICATION_SUCCESSFUL, VERIFICATION_FAILED, or VERIFICATION_EXPIRED.

The digital wallet service uses the credential_verification notification template to send a push notification to a digital wallet when a Create Credential Verification Session (NATIVE - Push Notification) is created. The notification.template object can define a variant and locale for the notification, if needed.

If issuerFilter.environmentIds is submitted, the service searches all listed environments for the issuer of the presented credential. If the user presents a credential that is not from one of these issuers, the verification fails with status of VERIFICATION_FAILED.

If issuerFilter.dids is submitted and protocol is OPENID4VP, the service searches all listed decentralized identifiers (DID) for the issuer of the presented credential. If the user presents a credential that is not from one of these issuers, the verification fails with status of VERIFICATION_FAILED.

This issuerFilter.dids typically contains decentralized identifiers for issuers that are not using PingOne Credentials for JWT-VC issuance. The service supports these three DID methods:

Credential Verifications credential data data model

Property Type Required? Mutable? Description
_links.self.href String N/A Read-only URL to return this verification credential data.
credentialData Object[] N/A Read-only Array of objects containing the data found on the credential.
credentialData.data Object[] N/A Read-only Array of objects containing the name-value pairs found on the credential. If a credential has not yet been shared, status is INITIAL or WAITING, then returns as an empty array.
credentialData.data.key String N/A Read-only Name of the key of a name-value pair found on the credential.
credentialData.data.value String N/A Read-only Value of a name-value pair found on the credential.
credentialData.issuerId String N/A Read-only Identifier (UUID) of the issuer of the credential verified in the format from the credential issuer.
credentialData.issuerLogo String N/A Read-only Base64-encoded logo of the issuer of the credential.
credentialData.issuerName String N/A Read-only Name of the issuer of the credential verified.
credentialData.type String N/A Read-only Space-delimited list of the types of credential verified.
credentialData.types String[] N/A Read-only Array of the types of credential verified.
errors Object[] N/A Read-only Array of objects representing errors recorded when attempting an action on a credential. Refer to Credential Verifications errors object data model.
id String N/A Read-only Identifier (UUID) of the verification credential data.
status String N/A Read-only Status of the verification request; can be INITIAL, WAITING, VERIFICATION_SUCCESSFUL, VERIFICATION_FAILED, or VERIFICATION_EXPIRED.

Credential Verifications session data data model

Property Type Required? Mutable? Description
_links.appOpenURL.href String N/A Read-only URL to use in a mobile browser to open a compatible wallet app, such as the PingOne Neo Sample App.
_links.qr.href String N/A Read-only URL to return a QR code that, when evaluated, opens the compatible wallet app to this verification.
_links.self.href String N/A Read-only URL to return this verification session data.
applicationInstance.id String N/A Read-only Identifier (UUID) of the application running the Wallet SDK on the user's device and registered with the service.
errors Object[] N/A Read-only Array of objects representing errors recorded when attempting an action on a credential. Refer to Credential Verifications errors object data model.
id String N/A Read-only Identifier (UUID) of the verification session data.
status String N/A Read-only Status of the verification request; can be INITIAL, WAITING, VERIFICATION_SUCCESSFUL, VERIFICATION_FAILED, or VERIFICATION_EXPIRED.
verifiedData Object[] N/A Read-only Array of objects containing the data found on the credential.
verifiedData.data Object[] N/A Read-only Array of objects containing the name-value pairs found on the credential. If a credential has not yet been shared, status is INITIAL or WAITING, then returns as an empty array.
verifiedData.data.key String N/A Read-only Name of the key of a name-value pair found on the credential.
verifiedData.data.value String N/A Read-only Value of a name-value pair found on the credential.
verifiedData.metaData Object N/A Read-only Contains metadata associated with the credential.
verifiedData.metaData.issuanceDate String N/A Read-only The date and time the credential was issued in ISO 8601 YYYY-MM-DDTHH:MM:SS.sssZ format (milliseconds optional).
verifiedData.metaData.issuerId String N/A Read-only Identifier (UUID) of the issuer of the credential verified in the format from the credential issuer.
verifiedData.metaData.issuerLogo String N/A Read-only Base64-encoded logo of the issuer of the credential.
verifiedData.metaData.issuerName String N/A Read-only Name of the issuer of the credential verified.
verifiedData.metaData.verificationStatus String N/A Read-only Verification status of the credential. Can be VALID or INVALID.
verifiedData.type String N/A Read-only Space-delimited list of the types of credential verified.
verifiedData.types String[] N/A Read-only Array of the types of credential verified.

Credential Verifications errors object data model

Property Type Required? Mutable? Description
errors.code String N/A Read-only A code that indicates the error encountered by the service. Refer to Credential Verifications error codes.
errors.target String N/A Read-only The part of the credential that caused the error encountered by the service.
errors.message String N/A Read-only A message that describes the error encountered by the service.

Credential Verifications error codes

Code Message
REQUESTED_CREDENTIAL_MISSING One or more of the requested credential types is not included in the presentation from the user.
REQUESTED_FIELD_MISSING One or more of the requested fields for one or more credential types is not included in the presentation from the user.
INVALID_TOKEN The idToken presented by the user's wallet is not valid (format or signature error).
INVALID_CREDENTIAL One or more of the credentials presented by the user could not be validated. Many different errors can cause this. A more specific error is returned in the errors array of the Read Credential Verification Credential Data or Read Credential Verification Session Data response.
UNEXPECTED_ERROR An unexpected error occurred during credential verification.

Response codes

Code Message
200 Successful operation.
400 The request could not be completed.
401 You do not have access to this resource.
403 You do not have permissions or are not licensed to make this request.
404 The requested resource was not found.
500 Unexpected server error.

Create Credential Verification Session (OPENID4VP)


Create Credential Verification Session (NATIVE)


Create Credential Verification Session (NATIVE - Push Notification)


Delete Credential Verification Session


Read One Credential Verification Status


Read Credential Verification Credential Data


Read Credential Verification Session Data

PingOne Verify

For a user to initiate an ID verification request, the client must obtain an ID verification transaction record from the ID verification service. The transaction record is created when a POST {{apiPath}}/environments/{{envID}}/users/{{userID}}/verifyTransactions request is made.

The transaction record acts as permission for the user to engage in the verification process. The user can then submit the necessary user ID information (such as a driver license or passport) for verification by the ID Validation service. The user can also send a self-image that the ID Validation service compares to the submitted identity document, to ensure the submitter is the person on the document, and checks for liveness, to prevent fraud.

One of the challenges to identity proofing is getting high quality images from the user. Our Universal Capture frontends do the best quality verification they can, but it is still possible that the images will not pass the quality check of the identity proofing vendor. When images are taken during verification (such as submitting government documents, liveness checks, or selfies), retries can be permitted to obtain a satisfactory image for processing. The number of retries permitted, if any, are set on the Verify Policy. The user's Universal Capture interface, such as a mobile phone with an app using the PingOne Verify Native SDKs, and the verification service negotiate directly for retries when an unacceptable image is submitted and a retry is permitted. Interaction at the API level is not required.

Once verified, the transaction record also acts as a tracking mechanism to identify the user provisioned using ID Validation. This information is logged with the transaction record by the ID Validation service when the transaction ID is received by the client.

US-based Driver Licenses

Document verification provides additional verification support with American Association of Motor Vehicle Administrators (AAMVA). AAMVA offers a service, Driver's License Data Verification (DLDV), for identity proofing and vetting driver license, identity cards, mobile driver license (mDL), and other secure credentials. Most states (43) and the District of Columbia participate in DLDV. No U.S. territories participate. The states that do not participate in DLDV are:

  • Alaska (under review)
  • California (SSA only)
  • Louisiana (SSA only)
  • Minnesota (SSA only)
  • New York (SSA only)
  • Pennsylvania (participates but requires written permission from the individual)
  • Utah (SSA only)

SSA only indicates that only the Social Security Administration has access, not even other government agencies have access. SSA uses AAMVA for employment eligibility.

Submitting state-issued driver's license or identity document to DLDV increases the accuracy of document authentication and also checks their validity by the state government. Accuracy and validity increase by comparing the biographic data, selfie, or both with the issuing government system of record, or another authoritative commercial system of record when the government system of record is unavailable. Results of DLDV checks are returned with the results of other checks in the Verification Metadata.

Request groups

The requests are grouped by endpoints for ease of use.

Documentation Endpoint
Verify policies /environments/{{envID}}/users/{{userID}}/verifyPolicies
Verify transactions /environments/{{envID}}/users/{{userID}}/verifyTransactions
Verify voice phrases /environments/{{envID}}/voicePhrases
Verify reference data /environments/{{envID}}/users/{{userID}}/referenceData
Verify identity record matching /environments/{{envID}}/users/{{userID}}/identityRecordMatching
Verify documents /environments/{{envID}}/users/{{userID}}/verifyTransactions/{{transactionID}}/documents
Verified data /environments/{{envID}}/users/{{userID}}/verifyTransactions/{{transactionID}}/verifiedData
Verification metadata /environments/{{envID}}/users/{{userID}}/verifyTransactions/{{transactionID}}/metaData
Verification metrics /environments/{{envID}}/users/{{userID}}/verifyTransactions/{{transactionID}}/appEvents
Verification actions /environments/{{envID}}/users/{{userID}}/<action>

Verify Policies

With verify policies, you can:

  • Configure what is required to verify a user.
  • Configure parameters for verification, such as the number of one-time password (OTP) attempts and OTP expiration.

You can create as many verify policies as needed to satisfy every verification scenario.

Verify policies can perform any of ten checks:

  • Government identity document - Validate a government-issued identity document, which includes a photograph, and can optionally compare biographic data extracted from the government-issued identity document to biographic data provided by the client from their records

  • AAMVA - For US-based government identity documents, you can enable system of record verification, using American Association of Motor Vehicle Administrators(AAMVA) Driver's License Data Verification (DLDV, for environments in the North America region (licensed separately) on the governmentID configuration object. This is an option to government identity document verification.

  • Aadhaar - For India-based government Aadhaar documents, you can enable system of record verification, using Unique Identification Authority of India (UIDAI), of the resident's unique identification (UID) number, termed Aadhaar. The resident submits images of their Aadhaar card, the UID, and a selfie, and must successfully respond to a one-time passcode (OTP) sent to the mobile phone linked to their Aadhaar account. This is an option to government identity document verification. If Aadhaar is enabled, the verify policy must have facial comparison REQUIRED. If Aadhaar is enabled and initial evaluation of the submitted document indicates an Aadhaar document, Veriff is the provider irrespective of the governmentId.provider object.

  • Facial comparison - Compare a self-image to a reference photograph, such as on a government ID or previously verified photograph

  • Liveness - Inspect a self-image for evidence that the subject is alive and not a representation, such as a photograph or mask, and that the image is not an injection attack, such as a 3D rendering or deep fake

  • Identity record matching - Compare submitted biographic data (address, birth date, full name, given name, or family name) to an identity record

  • Email - Receive a one-time password (OTP) on an email address and return the OTP to the service

  • Phone - Receive a one-time password (OTP) on a mobile phone and return the OTP to the service

  • Voice - Compare a voice recording to a previously submitted reference voice recording

  • Credentials - Verify a presented digital credential

A verify policy defines which of the ten checks are performed for a verification transaction and configures the parameters of each check. The checks can be either required or optional. All checks are performed for every document type received regardless of whether any check fails. If a type is optional, then the transaction can be processed with or without the documents for that type. If the documents are provided for that type and the optional type verification fails, it will not cause the entire transaction to fail.

Injection attack detection check (IAD) is performed automatically when liveness check is required, after the liveness check is performed. When face comparison is required or both face comparison and liveness are required, the following rules apply:

  1. If face comparison and liveness are required: Face comparison check is performed and liveness check is performed then IAD is performed. If data collection only is set, face comparison and liveness checks are skipped and only IAD is performed.

  2. If face comparison is required and liveness is not required: Face comparison check is performed and, if successful, IAD is performed regardless of the state of data collection only.

  3. If face comparison is not required and liveness is required: Liveness check is performed then IAD is performed. If data collection only is set liveness checks is skipped and IAD is performed.

Available to a verify policy for any of the checks is the optional data collection only mode, when dataCollectionOnly is set to true (found in the transaction configuration object). In data collection only mode, the user submits all documents defined by the policy, but the service verifies none of them. Once submitted, you can retrieve the documents with Read All Verification Documents or Read One Verification Document.

You assign one verify policy as the default policy. When you create a verification transaction, a verify policy identifier is preferred, but not required. If you create a verification transaction without a policy identifier, the default policy is applied. You cannot delete a policy set as the default policy, you must first assign a different policy as the default and then delete this policy. Use the Update Verify Policy request to change the default policy or use the Create Verify Policy to create a new default policy by setting its default to true. The initial default policy, provided by PingOne Verify, performs government identity document, facial comparison, and liveness checks.

Verify policies also permit voice enrollment. Voice enrollment requires a verify policy that has enrollment set to true. When you prepare a voice enrollment, you Create Verify Transaction that references that verify policy with enrollment set to true. Subsequent voice verification requires a verify policy that has enrollment set to false. When you prepare a voice verification, you Create Verify Transaction that references that verify policy with enrollment set to false.

Verify policy data model

Property Type Required? Mutable? Description
createdAt String N/A Read-only Date and time the verify policy was created
default Boolean Optional Mutable Required as true to set this verify policy as the default policy for the environment; otherwise optional and defaults to false
description String Optional Mutable Description displayed in PingOne Admin UI, 1-1024 characters
email Object Optional Mutable email and phone configuration object
environment.id String Required Immutable Ping environment identifier (UUID) for user
facialComparison Object Optional Mutable facialComparison configuration object
governmentId Object Optional Mutable governmentID configuration object
id String N/A Read-only Policy identifier (UUID)
identityRecordMatching Object Optional Mutable identityRecordMatching configuration object
liveness Object Optional Mutable liveness configuration object
name String Required Mutable Name displayed in PingOne Admin UI
phone Object Optional Mutable email and phone configuration object
transaction Object Optional Mutable transaction configuration object
updatedAt String N/A Read-only Date and time the verify policy was updated. Can be null.
voice Object Optional Mutable voice configuration object

governmentID configuration object

The GOVERNMENT_ID configuration object includes BIOGRAPHIC_MATCHING in the policy (if biographic data is provided when the client creates a verify transaction), but results are returned separately in Verification Metadata.

Property Type Required? Mutable? Description
aadhaar Object Optional Mutable Aadhaar configuration
aadhaar.enabled Boolean Optional Mutable Whether Aadhaar verification is enabled or not
aadhaar.otp Object Optional Mutable Aadhaar one-time password (OTP) configuration
aadhaar.otp.
deliveries
Object Required Mutable OTP delivery configuration
aadhaar.otp.
deliveries.
coolDown
Object Required Mutable Cooldown (waiting period between OTP deliveries) configuration
aadhaar.otp.
deliveries.
coolDown.
duration
Integer Required Mutable Cooldown duration configuration; can be 60-1800 seconds (1-30 minutes)
aadhaar.otp.
deliveries.
coolDown.
timeUnit
String Required Mutable Time unit of cooldown duration: SECONDS or MINUTES
aadhaar.otp.
deliveries.
count
Integer Required Mutable Maximum number of OTP deliveries. Must be 1 to 3.
failExpiredId Boolean Optional Mutable Whether the Government ID verification fails when the document is expired
inspectionType String Optional Mutable Determine whether document authentication is automated, manual, or possibly both. Can be AUTOMATIC, MANUAL, or STEP_UP. Refer to notes following this table.
provider.auto String Optional Mutable Provider to use for the automatic verification service. Can be MITEK (the default) or VERIFF
provider.manual String Optional Mutable Provider to use for the manual verification service. Can be MITEK
retry.attempts Integer Optional Mutable Number of retries permitted when submitting images. Must be 0 (no retries permitted) to 3.
verify String Required Mutable Controls if Government ID verification is REQUIRED, OPTIONAL, or DISABLED
verifyAamva Boolean Optional Mutable Whether AAMVA DLDV verification is enabled for supported driver licenses

Options for inspectionType are:

  • AUTOMATIC invokes automated identification inspection only

  • MANUAL invokes manual identification inspection only (additional license required)

  • STEP_UP invokes automated identification inspection and, if that fails, invokes manual identification inspection (additional license required)

If verify is set to DISABLED, inspectionType is optional and ignored if used.

If inspectionType is not used, it defaults to the highest option available to the license capabilities in your environment. Similarly, availability of the options depend on the license capabilities of your environment. For example, if your environment is only licensed for automated identification inspection, then MANUAL and STEP_UP will not be available.

facialComparison configuration object

If Aadhaar is enabled in the GOVERNMENT_ID configuration object, the FACIAL_COMPARISON configuration object must have verify set to REQUIRED.

Property Type Required? Mutable? Description
threshold String Required Mutable Threshold for successful facial comparison. Can be LOW, MEDIUM, or HIGH (for which PingOne Verify uses industry and vendor recommended definitions).
verify String Required Mutable Controls if facial comparison is REQUIRED, OPTIONAL, or DISABLED

liveness configuration object

The LIVENESS configuration object includes INJECTION_DETECTION in the policy, but results are returned separately in Verification Metadata.

Property Type Required? Mutable? Description
retry.attempts Integer Optional Mutable The number of times a user can retake a selfie if prior attempt fails due to photo quality issues. Possible values for selfie retry attempts are 0-3.
threshold String Required Mutable Threshold for successful facial comparison. Can be LOW, MEDIUM, or HIGH (for which PingOne Verify uses industry and vendor recommended definitions).
verify String Required Mutable Controls if liveness check is REQUIRED, OPTIONAL, or DISABLED

identityRecordMatching configuration object

If governmentId.verify is DISABLED, then identity record matching is disabled. To enable identity record matching, at least one field must be defined with a threshold. If identity record matching is enabled and biographic data is provided when the client creates a verify transaction, results are returned separately in Verification Metadata.

Property Type Required? Mutable? Description
address String Optional Mutable Address of the user.
address.fieldRequired Boolean Required Mutable Whether the field is required or not
address.threshold String Required Mutable Threshold for successful address comparison. Can be LOW, MEDIUM, or HIGH (for which PingOne Verify uses industry and vendor recommended definitions).
birth_date String Optional Mutable Birth date of the user.
birth_date.fieldRequired Boolean Required Mutable Whether the field is required or not
birth_date.threshold String Required Mutable Threshold for successful birth date comparison. Can be LOW, MEDIUM, or HIGH (for which PingOne Verify uses industry and vendor recommended definitions).
family_name String Optional Mutable Family name of the user.
family_name.fieldRequired Boolean Required Mutable Whether the field is required or not
family_name.threshold String Required Mutable Threshold for successful family name comparison. Can be LOW, MEDIUM, or HIGH (for which PingOne Verify uses industry and vendor recommended definitions).
given_name.fieldRequired Boolean Required Mutable Whether the field is required or not
given_name String Optional Mutable Given name of the user.
given_name.threshold String Required Mutable Threshold for successful given name comparison. Can be LOW, MEDIUM, or HIGH (for which PingOne Verify uses industry and vendor recommended definitions).
name String Optional Mutable Full name of the user.
name.fieldRequired Boolean Required Mutable Whether the field is required or not
name.threshold String Required Mutable Threshold for successful full name comparison. Can be LOW, MEDIUM, or HIGH (for which PingOne Verify uses industry and vendor recommended definitions).

email and phone configuration object

Property Type Required? Mutable? Description
createMfaDevice Boolean Optional Mutable When enabled, PingOne Verify registers the email address or phone number with PingOne MFA as a verified MFA device
otp Object Optional Mutable SMS/Voice/Email one-time password (OTP) configuration
otp.
attempts
Object Required Mutable OTP attempts configuration
otp.
attempts.
count
Integer Required Mutable Maximum number of attempts to type the OTP
otp.
deliveries
Object Required Mutable OTP delivery configuration
otp.
deliveries.
coolDown
Object Required Mutable Cooldown (waiting period between OTP deliveries) configuration
otp.
deliveries.
coolDown.
duration
Integer Required Mutable Cooldown duration configuration; can be 0-1800 seconds (0-30 minutes)
otp.
deliveries.
coolDown.
timeUnit
String Required Mutable Time unit of cooldown duration: SECONDS or MINUTES
otp.
deliveries.
count
Integer Required Mutable Maximum number of OTP deliveries
otp.
lifeTime
Object Required Mutable The length of time for which the OTP is valid
otp.
lifeTime.
duration
Integer Required Mutable OTP duration configuration. Can be 60-1800 seconds (1-30 minutes)
otp.
lifeTime.
timeUnit
String Required Mutable Time unit of OTP duration configuration: SECONDS or MINUTES
otp.
notification
Object Required Mutable OTP notification template configuration; for more information about templates, refer to Notifications Templates
otp.
notification.
templateName
String Required Mutable Name of the template to use to pass a one-time passcode; must be email_phone_verification
otp.
notification.
variantName
String Optional Mutable Name of the template variant to use to pass a one-time passcode
verify String Required Mutable Controls if email or phone verification is REQUIRED, OPTIONAL, or DISABLED

The notification.variantName in the email and phone configuration objects can define a variant for the email_phone_verification notification submitted in notification.templateName, if needed. After receipt of a Create Verify Transaction request, the verification service uses an email_phone_verification notification template to send notice of the action taken to the user via email or SMS text.

transaction configuration object

In the verify transaction response is expiresAt. Transactions do not allow users an unlimited amount of time to submit verification data and complete the verify transaction. If the verify transaction is not completed before the expiresAt date and time, the transaction fails. If all required documents are collected but are still being processed when expiresAt is reached, document processing continues and the transaction either passes or fails based on the processing result. The default verify transaction timeout is 30 minutes from transaction creation.

Furthermore, data collection is also time-constrained. (Data collected, such as the images of documents and images of the user ("selfies"), are required by the verification service.) Data collection time starts when the user initiates data collection using PingOne Verify web or native SDK. If required data are not submitted by the lesser of the data collection timeout and the time remaining before expiresAt, the transaction fails. The default data collection timeout is 15 minutes from the start of data collection.

To understand the timeouts, particularly the data collection timeout, an example may help. Let us say that the verify transaction timeout is 30 minutes and the data collection timeout is 15 minutes. If the user does not begin data collection for 18 minutes, the data collection timeout becomes 12 minutes - the lesser of the data collection timeout (15 minutes) and the remaining time before expiresAt (12 minutes).

You can create a new verify policy or update an existing verify policy to use different timeouts.

Property Type Required? Mutable? Description
dataCollection Object Optional Mutable Object for data collection timeout definition
dataCollection.
timeout
Object Required Mutable Object for data collection timeout
dataCollection.
timeout.
duration
Integer Required Mutable Length of time before data collection timeout expires. Can be 0-1800 seconds (0-30 minutes)
dataCollection.
timeout.
timeUnit
String Required Mutable Time unit of data collection timeout. Can be SECONDS or MINUTES
dataCollectionOnly Boolean Optional Mutable When true, collects documents specified in the policy without determining their validity; defaults to false
timeout Object Optional Mutable Object for transaction timeout
timeout.
duration
Integer Required Mutable Length of time before transaction timeout expires. Can be 60-1800 seconds (1-30 minutes)
timeout.
timeUnit
String Required Mutable Time unit of transaction timeout. Can be SECONDS or MINUTES

If dataCollectionOnly is true, documents submitted by a user are retained and available from Verify Documents, but are not verified. Additionally, when the verification policy requires facialComparison configuration object or liveness configuration object, injection attack detection is still automatically performed.

voice configuration object

Property Type Required? Mutable? Description
comparison.
threshold
String Required Mutable Comparison threshold. Can be LOW, MEDIUM, or HIGH
enrollment Boolean Required Mutable Controls if the transaction performs voice enrollment (true) or voice verification (false)
liveness.
threshold
String Required Mutable Liveness threshold. Can be LOW, MEDIUM, or HIGH
referenceData Object Optional Mutable Object for configuration of reference data stored per user for voice verification
referenceData.
retainOriginalRecordings
Boolean Optional Mutable Controls if the service stores the original voice recordings; defaults to false
referenceData.
updateOnReenrollment
Boolean Optional Mutable Controls updates to user's voice reference data (voice recordings) upon user re-enrollment. If true, new data adds to existing data. If false, new data replaces existing data.
referenceData.
updateOnVerification
Boolean Optional Mutable Controls updates to user's voice reference data (voice recordings) upon user verification. If true, new data adds to existing data. If false, new voice recordings are not retained as reference data.
textDependent Object Optional Mutable Object for configuration of text dependent voice verification
textDependent.
phrase.
id
String Required Mutable Identifier (UUID) of the voice phrase to use
textDependent.
samples
Integer Required Mutable Number of voice samples to collect
verify String Required Mutable Controls if voice verification is REQUIRED, OPTIONAL, or DISABLED

Create Verify Policy


Read All Verify Policies


Read One Verify Policy


Update Verify Policy


Delete Verify Policy

Verify Transactions

For each verification attempt, all the necessary information is gathered in a transaction. The verifyTransactions endpoint, /environments/{{envID}}/users/{{userID}}/verifyTransactions, receives all read, status, and control requests associated with the verification attempt.

In the responses is the verificationStatus object, a list that indicates the verification types being verified by the service and the verification status of each step. The verification types are keys in the list and the verification status is the value in the list.

The verification types for a verify transaction are determined from the verify policy.

In the response is expiresAt. Transactions do not allow users an unlimited amount of time to submit verification data and complete the verify transaction. If the verify transaction is not completed before the expiresAt date and time, the transaction fails. If all required documents are collected but are still being processed when expiresAt is reached, document processing continues and the transaction either passes or fails based on the processing result. The default verify transaction timeout is 30 minutes from transaction creation.

Furthermore, data collection is also time-constrained. (Data collected, such as the images of documents and images of the user ("selfies"), are required by the verification service.) Data collection time starts when the user initiates data collection using PingOne Verify web or native SDK. If required data are not submitted by the lesser of the data collection timeout and the time remaining before expiresAt, the transaction fails. The default data collection timeout is 15 minutes from the start of data collection.

To understand the timeouts, particularly the data collection timeout, an example may help. Let us say that the verify transaction timeout is 30 minutes and the data collection timeout is 15 minutes. If the user does not begin data collection for 18 minutes, the data collection timeout becomes 12 minutes - the lesser of the data collection timeout (15 minutes) and the remaining time before expiresAt (12 minutes).

You can create a new verify policy or update an existing verify policy to use different timeouts.

Verify transaction data model

Property Type Required? Mutable? Description
callback Object Optional Immutable Object containing a callback target. The first time a transaction transitions to SUCCESS or FAIL (expired transactions are ignored when they transition to FAIL), the service makes one GET request to the URL with the expected headers.
callback.headers Object Optional Immutable Object containing request header fields to include with the callback request. Can contain any number of key-value pairs where the key is a header field name and its value is the header field value, which cannot be null. Duplicate keys are not permitted.
callback.url String Required Immutable The URL to which a callback is sent. Must use HTTPS protocol and be a valid URL.
createdAt DateTime N/A Read-only Date and time the ID verification request was sent
environment.id String Required Immutable PingOne environment identifier (UUID) for user
expiresAt DateTime N/A Read-only Date and time the ID verification expires. A null value indicates it never expires.
id String N/A Read-only Transaction identifier (UUID)
qrUrl String N/A Read-only A link to retrieve a QR code image encoded with webVerificationUrl
redirect Object Optional Mutable Contains the URL and user message for where users are redirected after document collection.
requirements Object Optional Mutable Contains one or more objects that contain information used by the service: requirements object
sendNotification Object Optional Mutable Endpoint to which notifications are sent: sendNotification object
transactionStatus Object Required Immutable Status of the transaction: transactionStatus object
updatedAt DateTime N/A Read-only Date and time the response was received by the identity provider; can be null
user.id String Required Immutable Identifier (UUID) for the user submitting the verify transaction
verifyPolicy.id String Optional Mutable Identifier (UUID) of the verify policy
webVerificationCode String N/A Read-only A code used to identify a particular transition from the desktop web interface to the mobile web interface
webVerificationUrl String N/A Read-only A link to continue the transition from the desktop web interface to the mobile web interface. Refer to the note regarding query parameter options following this table.

The webVerificationUrl has query parameter options:

  1. You can append a &dt=1 query parameter to webVerificationUrl. You can offer to redirect your users to a mobile or desktop browser-based verification. By default, on laptop or desktop browsers, you present to the user a page with the QR code to continue verification on their mobile device. A &dt=1 query parameter also permits verification on laptop or desktop browsers.

  2. Deprecated - This query parameter is replaced by message in the redirect object. You can append a &redirectMessage=<message> query parameter to webVerificationUrl, where <message> is an unquoted, URL-encoded text string. The message appears after document collection. For example: &redirectMessage=You%27ve%20successfully%20collected%20all%20document%2e%20Return%20to%20registration.

  3. Deprecated - This query parameter is replaced by url in the redirect object. You can append a &redirectUrl=<redirect URL> query parameter to webVerificationUrl, where <redirect URL> is a URL-encoded redirect URL. The redirect URL appears after document collection. For example: &redirectUrl=https%3A%2F%2Fhome.example.com%2Fs%2Fmembership.

redirect object

Used only in the request body of Create Verify Transaction and never returned by any API response.

Property Type Required? Mutable? Description
redirect.url String Required Mutable The redirect URL where the user is returned to after document collection
redirect.message String Optional Mutable The message presented to the user after document collection but before redirecting to the redirect.url

requirements object

Biographic matching occurs when the Verify Policy includes governmentId and the Create Verify Transaction includes the optional biographic matching data requirements (given_name, family_name, name, address, and birth_date). If the client does not provide biographic matching data, the service performs the verifications required by the verify policy. If the client does provide biographic matching data, the service performs the verifications required by the verify policy and then compares the data extracted from the government identity document to the data provided by the client.

Identity record matching occurs when the Verify Policy includes governmentId and the Create Verify Transaction includes the optional biographic matching data requirements (given_name, family_name, name, address, and birth_date). If the identityRecordMatching configuration object has at least one field defined with a threshold and the client does not provide biographic matching data corresponding to the required fields in the identityRecordMatching configuration object, an error is returned. If the client does provide biographic matching data, the service performs the verifications required by the verify policy and then compares the data extracted from the government identity document to the data provided by the client. If name required by the identityRecordMatching configuration object but only given_name.value and family_name.value are submitted in requirements, given_name.value and family_name.value will be combined as name.

Property Type Required? Mutable? Description
address Object Optional Immutable Object containing an array of addresses; can contain value or options, but not both
address.options String[] Required/Optional Immutable An array of addresses
address.value String Required/Optional Immutable One address
birth_date Object Optional Immutable Object containing the birth date; can contain value or options, but not both
birth_date.options String[] Required/Optional Immutable An array of one birth date in YYYY-MM-DD format; more than one element is not supported.
birth_date.value String Required/Optional Immutable One birth date in YYYY-MM-DD format
email Object Optional Immutable Object containing an array of email addresses.
email.options String[] Required Immutable An array of email addresses to send email one-time password to.
email.value String[] Required Immutable One address to send email one-time password to.
family_name Object Optional Immutable Object containing the family name; can contain value or options, but not both
family_name.options String[] Required/Optional Immutable An array of family names
family_name.value String Required/Optional Immutable One family name
given_name Object Optional Immutable Object containing given names; can contain value or options, but not both
given_name.options String[] Required/Optional Immutable An array of given names
given_name.value String Required/Optional Immutable One given name
name Object Optional Immutable Object containing the full name (given name and family name); can contain value or options, but not both
name.options String[] Required/Optional Immutable An array of full names
name.value String Required/Optional Immutable One full name
phone Object Optional Immutable Object containing a mobile phone number. Refer to Note on phone property.
phone.options String Required Immutable An array of mobile phone numbers to send SMS text one-time password (OTP) to.
phone.value String Required Immutable Mobile phone number to send SMS text one-time password (OTP) to.
referenceSelfie Object Required/Optional Immutable Object containing a reference self image. Required when, in the verify policy referenced by verifyPolicy.id (or the default verify policy), facialComparison.verify is REQUIRED and governmentID.verify is DISABLED. Otherwise, referenceSelfie is ignored.
referenceSelfie.value String Required Immutable A base64-encoded reference self image. Image must be JPEG format.
Note on phone property

When a phone number is needed, a valid phone number string must be provided in international format consisting of a leading plus sign, 1 to 3-digit country code, and 4 to 14-digit phone number, for example, +14155552671.

Always include the country code in the value you provide for the phone parameter. Phone formats across the globe are constantly expanding and changing. If the country code is not included, issues might occur with message delivery.

The following sample shows acceptable valid phone attribute formatting for the same number:

+1.5125201234
+15125201234
+1.512.520.1234
+1 (512) 520-1234

sendNotification object

Property Type Required? Mutable? Description
email String Optional Mutable The email address to send email verification notifications to
phone String Optional Mutable The phone number to send SMS text verification notifications to. Refer to the note regarding phone numbers following the requirements object table.
results Object[] N/A Read-only Array of objects that contain the results of attempts to notify the user. Provided only in the response to Create Verify Transaction.
results.error Object N/A Read-only Contains information regarding why a notification failed to send.
results.error.code String N/A Read-only A short alphanumeric code identifying the error.
results.error.details Object[] N/A Read-only Array of objects that contain details of the error as provided by the source of the error. Exact format varies by source.
results.error.id String N/A Read-only Identifier (UUID) of the error message.
results.error.message String N/A Read-only A textual message explaining the error.
results.method String N/A Read-only Method used in the attempt to notify the user; can be EMAIL or SMS.
results.notification.id String N/A Read-only Identifier (UUID) of the notification that was sent.
results.sent Boolean N/A Read-only Whether the notification was successfully sent.

transactionStatus object

Property Type Required? Mutable? Description
providerMessagesList Object Optional Immutable Present when one or more verification types fail
providerMessagesList.messages Object Required Immutable Contains name-value pairs where name is the error code and value is a textual error description. Some error messages are listed in Verification error messages.
providerMessagesList.providerId String Required Immutable A generic descriptor of the provider; can be ID_VALIDATION, Mitek, Amazon, IdFace, or IdVoice
providerMessagesList.verificationType String Required Immutable Verification type to which the message applies; refer to Verification types
status String Required Mutable Status of the transaction, an enumerated list
verificationStatus Object Required Immutable Contains name-value pairs where name is a verification type and value is the status of the verification type, an enumerated list

Transaction level status definitions

Status Definition
APPROVED_MANUALLY The administrator has decided to override the result of the verification. The service providers were unable to provide a positive response but the administrator was able to peruse the physical documents.
APPROVED_NO_REQUEST The administrator perused the physical documents of the user and approved the request without the need for third party verification.
FAIL All of the service providers have responded and some of the results are not positive. The transactionStatus object contains error messages.
IN_PROGRESS The user scanned the QR code and submitted the data. The service prepares to submit the data to third party providers.
INITIATED User has started collecting documents but has not sent them to the service to be processed.
NOT_REQUIRED The administrator has decided that this user does not require to be verified.
PARTIAL Some, but not all, service providers have responded. The service is waiting on responses from other providers.
REQUESTED The transaction is initiated but user has not scanned the QR code or submitted the data.
SUCCESS All of the service providers have responded and the result of the verification is positive from all providers.

Verification types

Verification type Definition
EMAIL Verifies the user's email address by sending a one time password (OTP) and having the user send that to PingOne Verify.
FACIAL_COMPARISON_GOVERNMENT_ID Accepts a new self-image (selfie) and compares it to the image on the government identity document.
FACIAL_COMPARISON_REFERENCE_SELFIE Accepts a new selfie and a reference selfie and compares the two selfies.
GOVERNMENT_ID Accepts a government-issued identity document, such as drivers license or passport, and verifies it with verification providers.
IDENTITY_RECORD_MATCHING Accepts biographic data and verifies it to identity document data.
LIVENESS Accepts a single selfie and checks it for liveness.
PHONE Verifies the user's phone number by sending an OTP and having the user send that to PingOne Verify.
VOICE_ENROLLMENT Performs voice enrollment with recordings provided by the user or by PingOne Verify's customer.
VOICE_VERIFICATION Performs voice verification with 1 recording provided by the end user or by PingOne Verify's customer.

Verification type level status definitions

Status Definition
DEPENDENCY_FAILED Another verification type already failed and this verification type is not being processed. For example, Government ID will not be verified if the Facial Comparison or Liveness check failed.
DOCUMENT_COLLECTED Documents were collected but not processed.
FAIL The verification type completed and the result is not positive. The transactionStatus object contains error message.
IN_PROGRESS The user has submitted the data and the service will perform the verification type.
MANUAL_INSPECTION For government ID only: Verification submitted for manual inspection.
OTP_RETRYABLE One Time Passcode (OTP) was returned but did not match the code sent. Retries are permitted if the retry count is less than the maximum.
OTP_SENT One Time Passcode (OTP) was sent to the user.
OTP_VERIFIED One Time Passcode (OTP) was returned by the user and verified.
REQUESTED The verification type is requested but the user has not submitted the data.
RETRYABLE The verification type completed but the image submitted is unacceptable. Retries are permitted, the retry count is less than the maximum, and the transaction has not timed out.
SUCCESS The verification type completed and the result is positive.
TRANSACTION_TIMED_OUT Transaction was not completed within the timeout period.

Verification error messages

Errors returned vary by vendor:

Mitek errors

API errors

If the transaction receives an error for reason code 144, DOCUMENT_IMAGES_MISMATCH - Document images do not match input type, you can ask the user to retry taking a document image.

Reason
Code
Error Code Message
100 INTERNAL_ERROR Internal Error
101 NO_RECORD No record found
102 VALIDATION_IN_PROGRESS Validation process has already been started
103 MISSING_SHOCARD_ID Shocard Id is missing
104 MISSING_PUBLIC_KEY App public key is not set
105 MISSING_CLAIM Claim is missing
106 LIMIT_EXCEEDED Exceeded number of validation requests
107 INVALID_REQUEST Invalid Request
108 MISSING_DATA Missing Shared data in request
109 DECRYPTION_ERROR Error in decrypting data
110 FACE_VALIDATION_ERROR Face validation failed
111 DOCUMENT_VALIDATION_ERROR Document validation failed
112 DOCUMENT_VALIDATION_MISSING_DATA_ERROR Document validation missing data
113 DOCUMENT_VALIDATION_INTERNAL_ERROR Document validation internal error
114 JSON_READ_ERROR JSON read error
115 JSON_WRITE_ERROR JSON write error
116 FAILED_GETTING_TRANS_STATUS Failed getting transaction status
117 INVALID_TRANSACTION_STATE Invalid transaction state
118 DOCUMENT_VALIDATION_PROVIDER_INTERNAL_ERROR Document validation provider internal error
119 DOCUMENT_VALIDATION_PROCESSING_RESULT_ERROR Document validation processing result error
120 VALIDATION_NOT_IN_REQUESTED_STATUS Validation status not in the REQUESTED STATUS
121 ENVIRONMENT_COULD_NOT_BE_FOUND Could not find Environment
122 VERIFICATION_CAPABILITIES_ERROR Environment does not have verification capabilities
123 ORGANIZATION_COULD_NOT_BE_FOUND Could not find Organization
124 ORGANIZATION_QUOTA_ERROR No organization quota
125 ORGANIZATION_QUOTA_DATE_ERROR Current date is out of quota dates range
126 MISSING_UNIQUE_TOKEN Missing/invalid unique token
127 PUBLIC_KEY_NOT_EMPTY App public key has already been set
128 VERIFY_STATUS_NOT_INITIATED verifyStatus not initiated
129 VERIFY_STATUS_IS_DISABLED verifyStatus is disabled
130 LIVENESS_VALIDATION_ERROR Liveness validation failed
139 DUPLICATE_RECORD_ERROR There is an existing record
140 VALIDATION_NOT_IN_THE_EXPECTED_STATUS Validation status not in the Expected STATUS
141 DOCUMENT_AGENT_ASSIST_INTERNAL_ERROR Document agent assist internal error
142 DOCUMENT_AGENT_ASSIST_RESULT_ERROR Document agent assist processing result error
143 DOCUMENT_AGENT_ASSIST_REQUEST_ERROR Document agent assist processing result error
144 DOCUMENT_IMAGES_MISMATCH Document images do not match input type
145 DEPENDENCY_FAILED Verification not performed because a dependency failed
146 TRANSACTION_TIMEOUT Transaction timeout exceeded
147 DATA_COLLECTION_TIMEOUT Data collection timeout exceeded
148 DATA_COLLECTION_ONLY_NOT_SUPPORTED Data collection only not supported
149 EXPIRED_GOVERNMENT_ID Government ID is expired
150 OTP_ATTEMPTS_EXCEEDED OTP attempts exceeded
151 OTP_SESSION_EXPIRED OTP session expired
152 OTP_DELIVERY_FAILED Failed to deliver OTP
153 MISSING_VERIFY_CONFIG VerifyPolicy could not be found
154 INVALID_PROVIDER_CREDENTIAL_KEY Invalid Credential Key
155 VOICE_ENROLLMENT_FAILED Voice Enrollment failed
156 VOICE_VERIFICATION_FAILED Voice Verification failed
157 VOICE_ENROLLMENT_NOT_FOUND User has not enrolled in Voice verification
158 VOICE_RECORDING_SPOOFED Voice recording liveness check failed
159 VOICE_RECORDING_POOR_QUALITY Voice recording quality too poor
160 VOICE_RECORDING_SPEECH_SHORT Voice recording speech length is too short
161 VOICE_SAMPLES_DONT_MATCH Voice enrollment samples do not match
162 VOICE_MATCH_SCORE_TOO_LOW Voice match score too low
163 VOICE_RECORDING_CHANNEL_CONFLICT Voice recording channel conflict
164 PHONE_VALIDATION_ERROR Phone validation failed
Processing reasons for document verification (automated)

If the transaction receives an error for reason codes marked Yes in the Retry column, you can ask the user to retry taking a document image.

Reason
Code
Message Description Retry
200 Image quality check failed. The image has failed image quality check. Yes
201 The image is not sharp. The image is out of focus. Yes
202 The image has glare. Glare was found on the document preventing extraction or authentication. Yes
203 The image is too dark. The image is too dark. Yes
204 The document on the image is too small. The amount of the image that the document takes up is too small. Retake Image - Try changing from portrait to landscape mode or getting closer to the image. Yes
205 The ID document could not be found. This can be caused by the image not showing all four corners of the document. Retake Image - Ensure all four sides of the document are visible. Yes
206 The type of ID document could not be determined. The type of document could not be identified. This could be caused by a low quality image or it could be a document that is not supported. Yes
208 Invalid Image Type The encoding of the image is incorrect. It is not in a format that Mitek is able to process. Take a new image in a supported format. Yes
209 Image is too small The input image had a width or height less than 400 pixels. Take a larger image. Yes
210 Image processing failed after resizing. The input image had a width or height greater than 2000 pixels and was resized. You will only receive this message if processing failed after resizing. Take a smaller image. Yes
211 The authenticator could not run because the input image was missing The authenticator was not able to assess the document because the input image was missing. Ensure that at least one image of an identity document was captured and submitted in the service request. Yes
212 The image quality of the authenticator input image was poor. The authenticator was not able to assess the document because the image quality was too poor. Have the consumer capture a better quality image. Yes
500 The barcode could not be found. The document was classified as a type that contains a barcode but the barcode could not be found.
501 The barcode could not be extracted. The barcode was found but could not be read.
502 The barcode could not be parsed. The barcode was read but the resulting data was not in the expected format.
503 The barcode could not be processed A problem was encountered when trying to process barcode extraction and parsing.
510 No data could be extracted for this document. Data could not be extracted
511 Data could not be extracted from the back of the document. Data could not be extracted from the back of the document.
512 The front of the ID document could not be extracted. The front of the ID document could not be extracted.
513 Document not supported for extraction The document may or may not be classified but it is currently not supported for extraction.
520 Data extraction was performed, but the system didn't accept the results. The data was extracted, but did not pass our additional checks to ensure the extraction is accurate.
600 The Enhanced Security Feature (ESF) was expected for this type of document and not found. The document should have contained an ESF feature but no ESF was found.
601 Only part of the Enhanced Security Feature (ESF) was found; the ID document may have been altered. Only part of the Enhanced Security Feature (ESF) was found; the ID document may have been altered.
602 Only part of the Enhanced Security Feature (ESF) was found; the ID document may have been altered. Only part of the Enhanced Security Feature (ESF) was found; the ID document may have been altered.
603 The Enhanced Security Feature (ESF) was found but shows evidence of tampering. The Enhanced Security Feature (ESF) was found but shows evidence of tampering.
610 The picture area could not be identified. The portrait on the document could not be located.
611 The picture image quality is too low. the portrait image quality is loo low. Retake Image
612 The picture image has poor exposure. The picture image has poor exposure. Retake Image
620 No MRZ was found on the document. The document was expected to have an MRZ on it based on its classification but no MRZ could be found.
621 The MRZ was detected but was not in the proper format. The MRZ was detected but was not in the proper format.
630 The MRZ check digits are invalid. The MRZ check digits are invalid.
650 The fields used to determine font consistency could not be extracted The fields used to determine font consistency did not return any extraction results
660 The document does not have enough fields to perform data comparison Field comparison could not be performed because there were not enough fields on the document to perform a data comparison.
680 The barcode could not be found or was only partially detected on the document. The PDF417 barcode, typically found on USA or Canadian driving licenses or ID cards, could not be detected.
698 The authenticator took too long to process. The authenticator took longer to process than was allowed to ensure a quick Mobile Verify Auto response.
699 The authenticator is not available for this document. This message is returned when an authenticity test was not applied to a document because the document doesn't have the necessary features or some design features prevent evaluation
700 Unavailable due to scheduled maintenance AAMVA or the document's issuing jurisdiction is currently in a scheduled maintenance window. In order to avoid a billable event, this transaction was not submitted.
701 Jurisdiction temporarily unavailable The document's issuing jurisdiction is currently unable to process transactions.
702 Jurisdiction system error The document's issuing jurisdiction encountered an unknown error.
703 Jurisdiction did not respond in a timely manner The document's issuing jurisdiction did not respond in a timely manner.
801 Document is too close to the camera Document Liveness could not be performed, because the document is too close to the camera.
802 Document is too close to the image border Document Liveness could not be performed, because the distance between document and image border is too small.
803 Part of the document is not present in the image Document Liveness could not be performed, because a part of the document is not visible in the image.
804 Document is not detected in the image Document Liveness could not be performed, because the document could not be detected in the image.
805 Document size in the image is too small Document Liveness could not be performed, because the document size in the image is too small.
806 Too many documents were detected in the image Document Liveness could not be performed, because there are multiple documents in the image.
807 Document Liveness temporarily unavailable Document Liveness service did not respond in a timely manner.
Selfie capture

If the transaction receives an error for error codes marked Yes in the Retry column, you can ask the user to retry taking a selfie.

Error Code Error Message Meaning Retry
FACE_ANGLE_TOO_LARGE Facial out-of-plane rotation angle is extremely large Facial out-of-plane rotation angle is extremely large Yes
FACE_CLOSE_TO_BORDER Face is too close to one or more borders Face is too close to one or more borders. May reduce the accuracy of spoofing detection because edges of face may not be seen Yes
FACE_CROPPED Face is cropped Face is cropped. May reduce the accuracy of spoofing detection because edges of face may not be seen Yes
FACE_IS_OCCLUDED Face is occluded There is occlusion of a face, which impacts the accuracy of liveness. This detection is designed to work with the medical masks that cover nose and mouth, other occlusions are not guaranteed. Occlusion detection has probabilistic nature and may have errors. The threshold setting for occlusion detection may be tuned by changing face_occlusion_threshold setting. Please refer to PAD Configuration in Docker section for more information. Yes
FACE_NOT_FOUND Failed to detect face Face detector can't find face on image. Face detection has probabilistic nature and may have errors. It also has some sensitivity level and very small faces may be ignored. Yes
FACE_TOO_CLOSE Face is too close to the camera A distance between face and image border is too small for preprocessing issues Yes
FACE_TOO_SMALL Interpupillary distance is too small Facial area is not big enough for analysis. Interpupillary distance in pixels is below the configured value Yes
Absolute face size is too small Facial area is not big enough for analysis. Absolute face size in pixels is below the configured value Yes
Relative face size is too small Facial area is not big enough for analysis. The relative proportion of face size in the image is below the configured value Yes
FAILED_TO_ALLOCATE Current vm.max_map_count limit is too low Memory allocation error
FAILED_TO_PREDICT_LANDMARKS Failed to predict landmarks Landmarks prediction error
FAILED_TO_PREPROCESS_IMAGE_WHILE_DETECT Face detection error Face detection error
FAILED_TO_PREPROCESS_IMAGE_WHILE_PREDICT Failed to preprocess image for *** Liveness prediction error
FAILED_TO_READ_IMAGE File decoding error File decoding error
FAILED_TO_READ_MODEL Failed to read model Model deserializing error
FAILED_TO_WRITE_IMAGE File encoding error File encoding error
INVALID_CONFIG Field *** not found in config Configuration file deserializing error
INVALID_FUSE_MODE Invalid fuse mode provided Invalid fuse mode provided
INVALID_META Invalid OS value provided in meta, should be one of: UNKNOWN, DESKTOP, ANDROID, IOS Invalid facesdk::Meta value
LICENSE_ERROR Some error occurred during license checking Some error occurred during license checking
NO_SUCH_OBJECT_IN_BUILD Object *** not found Engine or backend is not supported by the build
NULLPTR Empty image Nullptr provided
TOO_MANY_FACES Too many faces detected Face detector found more than one face on image. Please, note, that very small faces may be ignored if they are below the sensitivity level.
UNKNOWN JNI: unknown exception Unhandled exception in the code

Veriff errors

Reason
Code
Message Retry
105 Suspicious behavior No
204 Poor image quality No
504 Attempted deceit, device screen used No
505 Attempted deceit, printout used No
507 Presented document tampered, data cross reference No
508 Presented document tampered, document similarity to specimen No
602 Presented document type not supported Yes
608 Document front missing Yes
614 Document front not fully in frame Yes
619 Document data not visible Yes
621 Document annulled or damaged Yes
625 Unable to collect surname Yes
627 Unable to collect date of birth Yes
628 Unable to collect issue date Yes
629 Unable to collect expiry date Yes
630 Unable to collect gender Yes
631 Unable to collect document number Yes
632 Unable to collect personal number Yes
633 Unable to collect nationality Yes
634 Unable to collect home address Yes
644 Unable to collect Identificador de Ciudadano (INE) Yes
645 Resubmit - Unable to collect OCR (IFE) Yes
647 Document not recognized Yes
648 Technical issues Yes
653 Unable to collect residence permit type Yes
654 Unable to collect driver's license number Yes

Create Verify Transaction


Read All Verify Transactions


Read One Verify Transaction


Update Verify Transaction


Delete Verify Transaction

Verify Identity Record Matching

With the Verify Identity Record Matching service, you can submit any of name, given name, family name, birth date, or address from an unverified source and corresponding values from one or more verified sources. The identityRecordMatching endpoint, /environments/{{envID}}/users/{{userID}}/identityRecordMatching, compares the unverified biographic data to the verified biographic data, and returns a raw score and confidence level of the match.

Verify identity record matching request data model

Property Type Required? Mutable? Description
probe Object Required Mutable Object containing the data submitted from the document to match. At least one property is required.
probe.address String Required/Optional Mutable Address of the identity submitted from the document to match
probe.birth_date String Required/Optional Mutable Birth date name of the identity submitted from the document to match
probe.family_name String Required/Optional Mutable Family name of the identity submitted from the document to match
probe.given_name String Required/Optional Mutable Given name of the identity submitted from the document to match
probe.name String Required/Optional Mutable Name of the identity submitted from the document to match
gallery Object Required Mutable Object containing the data submitted from source records to match. A property is required for each probe property submitted.
gallery.address String Required/Optional Mutable Address of the identity submitted from the document to match
gallery.address.expression String Required/Optional Mutable PingOne Expression Language (PEL) expression to retrieve the address value, such as supply a literal value, reformat the source value, or combine source attributes. For more information on PEL, refer to PingOne expression language.
gallery.address.options String[] Required/Optional Mutable Array of literal address values to match.
gallery.address.value String Required/Optional Mutable Literal address value to match.
gallery.birth_date String Required/Optional Mutable Birth date name of the identity submitted from the document to match
gallery.birth_date.expression String Required/Optional Mutable PingOne Expression Language (PEL) expression to retrieve the birth_date value, such as supply a literal value, reformat the source value, or combine source attributes. For more information on PEL, refer to PingOne expression language.
gallery.birth_date.options String[] Required/Optional Mutable Array of literal birth_date values to match.
gallery.birth_date.value String Required/Optional Mutable Literal birth_date value to match.
gallery.family_name String Required/Optional Mutable Family name of the identity submitted from the document to match
gallery.family_name.expression String Required/Optional Mutable PingOne Expression Language (PEL) expression to retrieve the family_name value, such as supply a literal value, reformat the source value, or combine source attributes. For more information on PEL, refer to PingOne expression language.
gallery.family_name.options String[] Required/Optional Mutable Array of literal family_name values to match.
gallery.family_name.value String Required/Optional Mutable Literal family_name value to match.
gallery.given_name String Required/Optional Mutable Given name of the identity submitted from the document to match
gallery.given_name.expression String Required/Optional Mutable PingOne Expression Language (PEL) expression to retrieve the given_name value, such as supply a literal value, reformat the source value, or combine source attributes. For more information on PEL, refer to PingOne expression language.
gallery.given_name.options String[] Required/Optional Mutable Array of literal given_name values to match.
gallery.given_name.value String Required/Optional Mutable Literal given_name value to match.
gallery.name String Required/Optional Mutable Name of the identity submitted from the document to match.
gallery.name.expression String Required/Optional Mutable PingOne Expression Language (PEL) expression to retrieve the name value to match, such as supply a literal value, reformat the source value, or combine source attributes. For more information on PEL, refer to PingOne expression language.
gallery.name.options String[] Required/Optional Mutable Array of literal name values to match.
gallery.name.value String Required/Optional Mutable Literal name value to match.

Verify identity record matching response data model

Property Type Required? Mutable? Description
detailedResults.address String N/A Read-only Address of the identity.
detailedResults.address.
confidence
String N/A Read-only Confidence level of the match returned by the service. Can be HIGH, MEDIUM, LOW, or NONE.
detailedResults.address.
probeValue
String N/A Read-only Value of address found on the government ID of the identity.
detailedResults.address.
rawScore
String N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
detailedResults.address.
galleryValue
String N/A Read-only Value of address on reference records provided by the requester.
detailedResults.birth_date String N/A Read-only Birth date of the identity in ISO 8601 YYYY-MM-DD format.
detailedResults.birth_date.
confidence
String N/A Read-only Confidence level of the match returned by the service. Can be HIGH, MEDIUM, LOW, or NONE.
detailedResults.birth_date.
probeValue
String N/A Read-only Value of birth date found on the government ID of the identity.
detailedResults.birth_date.
rawScore
String N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
detailedResults.birth_date.
galleryValue
String N/A Read-only Value of birth date on reference records provided by the requester.
detailedResults.family_name String N/A Read-only Family name of the identity.
detailedResults.family_name.
confidence
String N/A Read-only Confidence level of the match returned by the service. Can be HIGH, MEDIUM, LOW, or NONE.
detailedResults.family_name.
probeValue
String N/A Read-only Value of family name found on the government ID of the identity.
detailedResults.family_name.
rawScore
String N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
detailedResults.family_name.
galleryValue
String N/A Read-only Value of family name on reference records provided by the requester.
detailedResults.given_name String N/A Read-only Given name of the identity. Can optionally include middle name.
detailedResults.given_name.
confidence
String N/A Read-only Confidence level of the match returned by the service. Can be HIGH, MEDIUM, LOW, or NONE.
detailedResults.given_name.
probeValue
String N/A Read-only Value of given name found on the government ID of the identity.
detailedResults.given_name.
rawScore
String N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
detailedResults.given_name.
galleryValue
String N/A Read-only Value of given name on reference records provided by the requester.
detailedResults.name String N/A Read-only Full name of the identity.
detailedResults.name.
confidence
String N/A Read-only Confidence level of the match returned by the service. Can be HIGH, MEDIUM, LOW, or NONE.
detailedResults.name.
probeValue
String N/A Read-only Value of name found on the government ID of the identity.
detailedResults.name.
rawScore
String N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
detailedResults.name.
galleryValue
String N/A Read-only Value of name on reference records provided by the requester.
overallWeightedResult String N/A Read-only Weighted result of all reviewed fields. Can be HIGH, MEDIUM, LOW, or NONE. The lowest confidence value of non-zero rawScore results.
overallWeightedScore Decimal N/A Read-only Weighted score of all reviewed fields. A decimal number between 0 and 1. The average of all non-zero rawScore results.

A confidence of NONE occurs when rawScore is very low or when a governmentIdValue value is missing but its corresponding requirementsValue is valued.


Submit Identity Record Match

Verify Voice Phrases

The service stores reference data about the user that is later used in verify transactions. For voice verification, an enrollment transaction is necessary to store voice reference data. The voice reference data is then used during voice verification. Voice verification cannot be performed for a user if enrollment has not been performed.

Voice verification does not evaluate the spoken words and therefore is language-independent and can be text-independent when used with longer speech streams. For interactive voice enrollment or verification, between the service and a user's mobile device, the user reads aloud a voice phrase that is submitted to the service. Verify voice phrases are the phrases that the user reads aloud. For non-interactive voice enrollment and verification, longer voice recordings are submitted without specific phrases spoken.

Some phrases are pre-defined by the service. However, customers can define their own, custom phrases.

Voice phrases are a container with a name. The actual phrases to speak are in contents, where the content has a locale and the phrase to speak written in the language required by the locale. Pre-defined phrases have contents in the locales supported by PingOne in their products. Because they are only read by a native speaker, custom voice phrases can be any locale and written in any language or character set.

To define a custom voice phrase:

  1. Create a custom voice phrase container to hold the localized contents.
  2. Create a custom voice phrase content with the locale and content.

Verify voice phrase data model

Property Type Required? Mutable? Description
id String N/A Read-only Voice phrase identifier. For customer-defined phrases, a UUID. For pre-defined phrases, a string derived from displayName.
environment.id String Required Immutable Ping environment identifier (UUID) for user
displayName String Required Mutable Suggested text to show for this voice phrase on a user interface. Must be unique within the environment identified by environment.id.
createdAt DateTime N/A Read-only This field records the date and time the verify phrase was created
updatedAt DateTime N/A Read-only This field records the date and time the verify phrase was updated; can be null

Verify voice phrase contents data model

Property Type Required? Mutable? Description
id String N/A Read-only Voice phrase identifier. For customer-defined phrases, a UUID. For pre-defined phrases, a string derived from displayName.
environment.id String Required Immutable Ping environment identifier (UUID) for user
voicePhrase.id String Required Immutable Identifier (UUID) for the voice phrase for which this is contents
locale String Required Mutable Locale for content
content String Required Mutable Phrase users must speak and write in the language specified by locale
createdAt DateTime N/A Read-only This field records the date and time the verify policy was created
updatedAt DateTime N/A Read-only This field records the date and time the verify policy was updated; can be null

Create Custom Voice Phrase


Create Custom Voice Phrase Content


Read All Voice Phrases


Read All Voice Phrase Contents


Read One Voice Phrase


Read One Voice Phrase Content


Update Custom Voice Phrase


Update Custom Voice Phrase Content


Delete Custom Voice Phrase


Delete Custom Voice Phrase Content

Verify Reference Data

Verify reference data is any data submitted by the user, or by a PingOne customer on behalf of the user, to the verification service as reference material for later comparison during verification. Reference data are voice samples. Verify reference data is retained for an indefinite period of time, although it can be deleted.

Verify reference data data model

Note: The data property can contain rather large base64-encoded data. To reduce message size, it is not returned by Read All Reference Data. Use that call to find the id of a specific reference data and then use Read One Reference Data to retrieve it.

Property Type Required? Mutable? Description
id String N/A Read-only Reference data identifier (UUID or textual descriptor)
environment.id String Required Immutable Ping environment identifier (UUID) of the user
user.id String Required Immutable Identifier (UUID) for the user
type String Required Immutable The type of reference data represented; can be VOICE
data Object Required Mutable User's reference data: data object
createdAt DateTime N/A Read-only Date and time the reference data was created
updatedAt DateTime N/A Read-only Date and time the reference data was updated; can be null

data object

Note: The data object can contain rather large base64-encoded data and therefore is returned only with Read One Reference Data. To find the id for specific reference data, use Read All Reference Data and find the 'id of the reference data to retrieve.

Property Type Required? Mutable? Description
voiceRecordings Object[] Optional Mutable Array of voice recording objects
voiceRecordings.id String N/A Read-only Voice recording identifier (UUID)
voiceRecordings.recording String Required Mutable Base64-encoded voice recording submitted
voiceRecordings.channel String Required Mutable Source of the voice recording submitted; can be MIC (from user's mobile device microphone) or TEL (from a recorded telephone call with the user)
voiceRecordings.createdAt DateTime N/A Read-only Date and time the voice recording was created
voiceRecordings.updatedAt DateTime N/A Read-only Date and time the voice recording was updated; can be null
voiceTemplates Object[] Required Mutable Array of voice template (created from the voice recordings) objects
voiceTemplates.id String N/A Read-only Voice template identifier (UUID)
voiceTemplates.template String Required Mutable Base64-encoded voice template extracted from a submitted recording
voiceTemplates.mergedTemplate Boolean Required Mutable Whether new templates should be merged into existing templates to adapt to the user's voice changes over time
voiceTemplates.channel String Required Mutable Source of the voice template submitted; can be MIC (from user's mobile device microphone) or TEL (from a recorded telephone call with the user)
voiceTemplates.
voiceSdkVersion
Object N/A Read-only Information regarding the SDK used to create the template
voiceTemplates.
voiceSdkVersion.version
String N/A Read-only Version of the SDK
voiceTemplates.
voiceSdkVersion.initializationDataId
String N/A Read-only Identifier of the initialization data
voiceTemplates.
voiceSdkVersion.algorithm
String N/A Read-only Algorithm used
voiceTemplates.sourceTemplateIds String[] Optional Mutable Array of voice template identifiers (UUIDs) of the voice templates merged into this template when voiceTemplates.mergedTemplate is true
voiceTemplates.createdAt DateTime N/A Read-only Date and time the voice template was created
voiceTemplates.updatedAt DateTime N/A Read-only Date and time the voice template was updated; can be null
voicePhraseContent Object N/A Read-only Voice phrase content used to create the reference data; refer to Verify voice phrase contents data model
createdAt DateTime N/A Read-only Date and time the voice recording was created
updatedAt DateTime N/A Read-only Date and time the voice recording was updated; can be null

Read All Reference Data


Read One Reference Data


Delete All Reference Data


Delete One Reference Data

Verify Documents

For each verification transaction, you can read documents (such as the images of documents and images of the user, "selfies") submitted to the transaction for a short time. The documents endpoint, /environments/{{envID}}/users/{{userID}}/verifyTransactions/{{transactionID}}/documents, receives all requests for documents associated with the verification transaction. This endpoint returns the data regardless of whether the transaction is ever submitted for verification.

Only those with an Identity Data Admin role are permitted to use the documents endpoint.

Documents are retained for 30 minutes after creating or updating the document (submitted with the requests Create Verification Document or Update Verification Document or collected by the end user in the Universal Capture frontend) or until manually deleted with Delete Verification Document. Until removed, any number of GET or PUT requests to the documents endpoint can be successfully performed.

All verify documents data model

When all verify documents for a verification transaction are requested, the verify document for each verification type of the most recent retry appears in a documents array in the response. The verify document data model for each verification type of earlier retries appear in a previousAttempts array in the response.

Property Type Required? Mutable? Description
_embedded Object N/A Read-only Container for returned data.
documents Object[] N/A Read-only Array of verifiedData objects for each verification type for the most recent verification attempt.
previousAttempts Object[] N/A Read-only Array of verifiedData objects for each verification type for unacceptable verification attempts.
size Integer N/A Read-only The number of objects returned in documents.

Specific verify document data model

When specific verify document for a verification type within a verification transaction are requested, the verify document data model appears as the response, regardless of which retry attempt it is.

Verify document data model

Property Type Required? Mutable? Description
id String N/A Read-only Document identifier (UUID)
retry.attempt Integer N/A Read-only Number of the retry attempt when submitting images.
source.provider String Required Immutable Provider of the documents. Can be END_USER, AUTHENTICATED_CLIENT.
status String N/A Read-only Status of the document. Can be COLLECTED or PROCESSED.
type String Required Immutable Type of document in value. Refer to Document types and values.
value String Required Immutable Document, for the format of the document refer to Document types and values

Document types and values

Document Type Value
Document Back Base64 encoded JPEG
Document Front Base64 encoded JPEG
Driver License Back Base64 encoded JPEG
Driver License Code decoded text from the PDF417 barcode
Driver License Front Base64 encoded JPEG
Email textual email address
Passport Card Back Base64 encoded JPEG
Passport Card Front Base64 encoded JPEG
Passport Front Base64 encoded JPEG
Phone textual phone number
Selfie Base64 encoded JPEG
Voice Input Base64 encoded LPCM WAV voice recording submitted for verification
Voice Sample Base64 encoded LPCM WAV voice recording submitted for enrollment

Note: Voice recordings must be sampled at 16 KHz when submitted from reading voice phrases or at 8 KHz when submitted from longer, text-independent recordings.


Create Verification Document


Process Verification Documents


Complete Verification Documents


Read All Verification Documents


Read One Verification Document


Update Verification Document


Delete Verification Document

Verified Data

For each verification attempt, you can read data submitted in the transaction for a short time. The verifiedData endpoint, /environments/{{envID}}/users/{{userID}}/verifyTransactions/{{transactionID}}/verifiedData, receives all requests for data associated with the verification attempt.

Only those with an Identity Data Admin role are permitted to use the verifiedData endpoint.

User's verification data are retained for 30 minutes after a verification decision is made. Until removed, any number of requests to the verifiedData endpoint can be successfully performed.

A note on extracted data

Identity document verification uses two methods to extract personally identifiable information (PII): barcodes and optical character recognition (OCR).

If the identity document has a barcode, PII is extracted from it. Barcodes are designed to enhance the reliability of data extraction and have error rates of fewer than 1 in a million. Barcodes are on all US driver licenses, but on few other identity documents.

OCR is most commonly used to extract PII. With OCR, the scanner attempts to recognize the individual characters and words on the image of the identity document and convert them to a digital representation of that character or word. With optimized sources, OCR can achieve error rates as low as 1 in 10,000. However, error rates with non-optimized images often exceed 1 in 100. Identity documents captured by smartphone cameras often suffer from poor focus, skew, low contrast, or too-low or too-high illumination that make effective OCR difficult.

It is important to note that, unless licensed for AAMVA checks for US driver licenses, PII extracted from identity document images is not checked against a system of record. That is, the verification service can show that the holder of the identity document matches the portrait on the identity document, but it does not show that the PII on the identity document is true or accurate.

All verified data data model

When all verified data for a verification transaction are requested, the verified data for each verification type of the most recent retry appears in a verifiedData array in the response. The verified data data model for each verification type of earlier retries appear in a previousAttempts array in the response.

Property Type Required? Mutable? Description
_embedded Object N/A Read-only Container for returned data.
verifiedData Object[] N/A Read-only Array of verifiedData objects for each verification type for the most recent verification attempt.
previousAttempts Object[] N/A Read-only Array of verifiedData objects for each verification type for unacceptable verification attempts.
size Integer N/A Read-only The number of objects returned in verifiedData.

Specific verified data data model

When specific verified data for a verification type within a verification transaction are requested, the verified data data model appears as the response, regardless of which retry attempt it is.

verified data data model

Property Type Required? Mutable? Description
data Object N/A Read-only Verification data for GOVERNMENT_ID, BARCODE, BIOGRAPHIC_MATCH, IDENTITY_RECORD_MATCHING, VOICE_SAMPLE, VOICE_INPUT, END_USER_CLIENT, and all other types
id String N/A Read-only Transaction identifier (UUID)
retry.attempt Integer N/A Read-only Number of the retry attempt when submitting images.
type String Required Immutable The type of personally identifiable information (PII) in the object. Can be GOVERNMENT_ID, BARCODE, FRONT_IMAGE, BACK_IMAGE, SELFIE, CROPPED_SIGNATURE, CROPPED_DOCUMENT, CROPPED_PORTRAIT, VOICE_SAMPLE, VOICE_INPUT, END_USER_CLIENT, AADHAAR_REFERENCE_SELFIE, BIOGRAPHIC_MATCH, or IDENTITY_RECORD_MATCHING.

data object for type = GOVERNMENT_ID

Aadhaar verification results for birthDate, fullName, and gender return in the corresponding properties in this object and the Aadhaar identity number returns in documentNumber and idNumber.

Property Type Required? Mutable? Description
addressCity String N/A Read-only The city in the address
addressFull String N/A Read-only The complete address as discovered (Veriff only)
addressHouseNumber String N/A Read-only The street number in the address (Veriff only)
addressState String N/A Read-only The state or province in the address
addressStreet String N/A Read-only The street in the address
addressZip String N/A Read-only The postal code in the address
birthDate String N/A Read-only The birth date in YYYY-MM-DD format of the identity
country String N/A Read-only The country in the address (Mitek only)
documentNumber String N/A Read-only The identification number of the identity document (Veriff only)
expirationDate String N/A Read-only The expiration date in YYYY-MM-DD format of the identity document
firstName String N/A Read-only The first name of the identity. Can optionally include middle name.
fullName String N/A Read-only The full name of the identity.
gender String N/A Read-only The gender of the identity. Used only with agent assisted flows.
idNumber String N/A Read-only The identification number of the identity document
idType String[] Required Immutable Array of the types of personally identifiable information (PII) submitted, such as DriversLicenseFront or RESIDENCE_PERMIT
issueDate String N/A Read-only The issue date in YYYY-MM-DD format of the identity document
issuingCountry String N/A Read-only The country of the document issuer
lastName String N/A Read-only The last name of the identity
nationality String N/A Read-only The nationality of the identity. Used only with agent assisted flows. (Mitek only)
weight String N/A Read-only The confidence weight of the identity. Used only with agent assisted flows. (Mitek only)

data object for type = BARCODE

Property Type Required? Mutable? Description
PDF417 String N/A Read-only The data parsed off the barcode of a drivers license

data object for type = BIOGRAPHIC_MATCH

Property Type Required? Mutable? Description
detailedResults.address String N/A Read-only Address of the identity.
detailedResults.address.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Biographic match results match definitions.
detailedResults.address.
governmentIdValue
String N/A Read-only Value of address found on the government ID of the identity.
detailedResults.address.
rawScore
Float N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
detailedResults.address.
requirementsValue
String N/A Read-only Value of address on reference records provided by the requester.
detailedResults.birth_date String N/A Read-only Birth date of the identity in ISO 8601 YYYY-MM-DD format.
detailedResults.birth_date.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Biographic match results match definitions.
detailedResults.birth_date.
governmentIdValue
String N/A Read-only Value of birth date found on the government ID of the identity.
detailedResults.birth_date.
rawScore
Float N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
detailedResults.birth_date.
requirementsValue
String N/A Read-only Value of birth date on reference records provided by the requester.
detailedResults.family_name String N/A Read-only Family name of the identity.
detailedResults.family_name.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Biographic match results match definitions.
detailedResults.family_name.
governmentIdValue
String N/A Read-only Value of family name found on the government ID of the identity.
detailedResults.family_name.
rawScore
Float N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
detailedResults.family_name.
requirementsValue
String N/A Read-only Value of family name on reference records provided by the requester.
detailedResults.given_name String N/A Read-only Given name of the identity. Can optionally include middle name.
detailedResults.given_name.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Biographic match results match definitions.
detailedResults.given_name.
governmentIdValue
String N/A Read-only Value of given name found on the government ID of the identity.
detailedResults.given_name.
rawScore
Float N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
detailedResults.given_name.
requirementsValue
String N/A Read-only Value of given name on reference records provided by the requester.
detailedResults.name String N/A Read-only Full name of the identity.
detailedResults.name.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Biographic match results match definitions.
detailedResults.name.
governmentIdValue
String N/A Read-only Value of name found on the government ID of the identity.
detailedResults.name.
rawScore
Float N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
detailedResults.name.
requirementsValue
String N/A Read-only Value of name on reference records provided by the requester.
overallWeightedResult String N/A Read-only Weighted result of all reviewed fields as described in Biographic match results match definitions.
overallWeightedScore Decimal N/A Read-only Weighted score of all reviewed fields. A decimal number between 0 and 1.

Biographic match results match definitions

Value Description
HIGH Based on a threshold, the quality of the match indicates that the match is an exact match or can be qualified as a near-exact match.
MEDIUM Based on a threshold, the quality of the match is not exact but can be qualified as a partial match or an alternate spelling for the same value.
LOW Based on a threshold, the quality of the match cannot be qualified as exact, near-exact, partial, or misspelled.
NONE A raw score was so low that we have no confidence in a match.
NOT_APPLICABLE A value was not found in the processed document for the given identifier. For example, the user is required to supply an address but the document supplied, such as a passport, does not have an address.

<<<<<<< HEAD

data object for type = FRONT_IMAGE, BACK_IMAGE, SELFIE, AADHAAR_REFERENCE_SELFIE, CROPPED_SIGNATURE. CROPPED_DOCUMENT, and CROPPED_PORTRAIT

=======

data object for type = IDENTITY_RECORD_MATCHING

Property Type Required? Mutable? Description
comparisons Object[] N/A Read-only Array of objects with results of comparisons.
comparisons.detailedResults.address String N/A Read-only Address of the identity.
comparisons.detailedResults.address.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Identity record match results match definitions.
comparisons.detailedResults.address.
sourceValue
String N/A Read-only Value of address in the source (as submitted to the subprocessor).
comparisons.detailedResults.address.
rawScore
Float N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
comparisons.detailedResults.address.
targetValue
String N/A Read-only Value of address in the target (as submitted to the subprocessor).
comparisons.detailedResults.birth_date String N/A Read-only Birth date of the identity in ISO 8601 YYYY-MM-DD format.
comparisons.detailedResults.birth_date.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Identity record match results match definitions.
comparisons.detailedResults.birth_date.
sourceValue
String N/A Read-only Value of birth date in the source (as submitted to the subprocessor).
comparisons.detailedResults.birth_date.
rawScore
Float N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
comparisons.detailedResults.birth_date.
targetValue
String N/A Read-only Value of birth date in the target (as submitted to the subprocessor).
comparisons.detailedResults.family_name String N/A Read-only Family name of the identity.
comparisons.detailedResults.family_name.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Identity record match results match definitions.
comparisons.detailedResults.family_name.
sourceValue
String N/A Read-only Value of family name in the source (as submitted to the subprocessor).
comparisons.detailedResults.family_name.
rawScore
Float N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
comparisons.detailedResults.family_name.
targetValue
String N/A Read-only Value of family name in the target (as submitted to the subprocessor).
comparisons.detailedResults.given_name String N/A Read-only Given name of the identity. Can optionally include middle name.
comparisons.detailedResults.given_name.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Identity record match results match definitions.
comparisons.detailedResults.given_name.
sourceValue
String N/A Read-only Value of given name in the source (as submitted to the subprocessor).
comparisons.detailedResults.given_name.
rawScore
Float N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
comparisons.detailedResults.given_name.
targetValue
String N/A Read-only Value of given name in the target (as submitted to the subprocessor).
comparisons.detailedResults.name String N/A Read-only Full name of the identity.
comparisons.detailedResults.name.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Identity record match results match definitions.
comparisons.detailedResults.name.
sourceValue
String N/A Read-only Value of name in the source (as submitted to the subprocessor).
comparisons.detailedResults.name.
rawScore
Float N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
comparisons.detailedResults.name.
targetValue
String N/A Read-only Value of name in the target (as submitted to the subprocessor).
overallWeightedResult String N/A Read-only Weighted result of all reviewed fields as described in Biographic match results match definitions.
overallWeightedScore Decimal N/A Read-only Weighted score of all reviewed fields. A decimal number between 0 and 1.
comparisons.source String N/A Read-only The type of identity document to which submitted data is compared. Always GOVERNMENT_ID.
comparisons.status String N/A Read-only Status of the transaction.
comparisons.target String N/A Read-only How the submitted data was collected. Always REQUIREMENTS.

Identity record match results match definitions

Value Description
HIGH Based on a threshold, the quality of the match indicates that the match is an exact match or can be qualified as a near-exact match.
MEDIUM Based on a threshold, the quality of the match is not exact but can be qualified as a partial match or an alternate spelling for the same value.
LOW Based on a threshold, the quality of the match cannot be qualified as exact, near-exact, partial, or misspelled.
NONE A raw score was so low that we have no confidence in a match.
NOT_APPLICABLE A value was not found in the processed document for the given identifier. For example, the user is required to supply an address but the document supplied, such as a passport, does not have an address.

data object for type = FRONT_IMAGE, BACK_IMAGE, SELFIE, CROPPED_SIGNATURE. CROPPED_DOCUMENT, and CROPPED_PORTRAIT

master

Property Type Required? Mutable? Description
FORMAT String N/A Read-only The format of the image, typically JPEG
IMAGE String N/A Read-only The Base64-encoded image

data object for type = VOICE_SAMPLE

Available after voice enrollment.

Property Type Required? Mutable? Description
recordings Object[] N/A Read-only Array of objects of voice enrollment samples
recordings.channel String N/A Read-only Channel through which the recording was submitted. Can be MIC or TEL.
recordings.createdAt DateTime N/A Read-only Date and time when the voice enrollment sample was submitted
recordings.id String N/A Read-only Identifier (UUID) of the voice enrollment sample
recordings.recording String N/A Read-only Base64 encoded LPCM WAV voice enrollment sample
recordings.textDependent Boolean N/A Read-only Whether or not the voice enrollment sample was read from a fixed phrase

data object for type = VOICE_INPUT

Available after voice verification.

Property Type Required? Mutable? Description
recordings Object[] N/A Read-only Array of objects of voice verification samples
recordings.channel String N/A Read-only Channel through which the recording was submitted. Can be MIC or TEL.
recordings.createdAt DateTime N/A Read-only Date and time when the voice verification sample was submitted
recordings.id String N/A Read-only Identifier (UUID) of the voice verification sample
recordings.recording String N/A Read-only Base64 encoded LPCM WAV voice verification sample
recordings.textDependent Boolean N/A Read-only Whether or not the voice verification sample was read from a fixed phrase

data object for type = END_USER_CLIENT

Property Type Required? Mutable? Description
ipAddress String N/A Read-only The IP address, version 4 or 6, of the device that performs the verification
userAgent String N/A Read-only The HTTP user agent of the device that performs the verification

Verified data portrait background data model

This data model applies to Update Verified Data Portrait Background to replace the background of a self portrait (selfie) with a background of a uniform color defined in the backgroundColor object.

Property Type Required? Mutable? Description
backgroundColor Object Required Immutable Color of the replacement background as an RGB color mode.
red Integer Required Immutable Value of RED in the range 0-255.
green Integer Required Immutable Value of GREEN in the range 0-255.
blue Integer Required Immutable Value of BLUE in the range 0-255.
aspectRatio Object Required Immutable An object that represents an aspect ratio between 1/30 and 30. Both integers are required.
aspectHeight Integer Required Immutable Value of the height in the aspect ratio in the range 1-1000.
aspectWidth Integer Required Immutable Value of the width in the aspect ratio in the range 1-1000.

Read All User Verified Data


Read One User Verified Data


Update Verified Data Portrait Background


Delete All User Verified Data


Delete One User Verified Data

Verification Metadata

For each verification attempt, you can retrieve all scores in the transaction returned from verification services. The metaData endpoint, /environments/{{envID}}/users/{{userID}}/verifyTransactions/{{transactionID}}/metaData, receives all requests for scores associated with the verification attempt and returned from verification services.

Only those with an Identity Data Admin role are permitted to use the metaData endpoint.

All verification metaData data model

When all metadata for a verification transaction are requested, the verification metadata for each verification type of the most recent retry appears in a metaData array in the response. The verification metaData data model for each verification type of earlier retries appear in a previousAttempts array in the response.

Property Type Required? Mutable? Description
_embedded Object N/A Read-only Container for returned data.
metaData Object[] N/A Read-only Array of verification metaData objects for each verification type for the most recent verification attempt.
previousAttempts Object[] N/A Read-only Array of verification metaData objects for each verification type for unacceptable verification attempts.
size Integer N/A Read-only The number of objects returned in metaData.

Specific verification metaData data model

When specific metadata for a verification type within a verification transaction are requested, the verification metaData data model appears as the response, regardless of which retry attempt it is.

Verification metaData data model

Property Type Required? Mutable? Description
data Object N/A Read-only Data object data model.
id String N/A Read-only Identifier (UUID) of the transaction metadata.
provider String N/A Read-only The provider of metadata in the object. Can be: AMAZON, BABEL_STREET, BIOGRAPHIC_MATCHER, IDRND, MITEK, or VERIFF.
retry.attempt Integer N/A Read-only Number of the retry attempt when submitting images.
status String N/A Read-only Status of the check. Can be SUCCESS or FAIL.
type String N/A Read-only The type of metadata in the object. Can be: FACIAL_COMPARISON, BIOGRAPHIC_MATCH, IDENTITY_RECORD_MATCHING, INJECTION_DETECTION, LIVENESS, VOICE_ENROLLMENT, VOICE_VERIFICATION, DOCUMENT_AUTHENTICATION, DOCUMENT_MANUAL_AUTHENTICATION, AAMVA, or AADHAAR.

data object data model

The data object in verification metadata varies depending on the values of type and provider as seen in the table.

Type Provider Data model
FACIAL_COMPARISON AMAZON data model
BIOGRAPHIC_MATCH BABEL_STREET data model
BIOGRAPHIC_MATCH BIOGRAPHIC_MATCHER data model
IDENTITY_RECORD_MATCHING BABEL_STREET data model
INJECTION_DETECTION IDRND data model
LIVENESS IDRND data model
VOICE_ENROLLMENT IDRND data model
VOICE_VERIFICATION IDRND data model
DOCUMENT_AUTHENTICATION MITEK data model
DOCUMENT_AUTHENTICATION VERIFF data model
DOCUMENT_MANUAL_AUTHENTICATION MITEK data model
AAMVA MITEK data model
AADHAAR VERIFF data model

data object for FACIAL_COMPARISON + AMAZON

Property Type Required? Mutable? Description
confidence Double N/A Read-only A float between 0 and 100 that represents the level of confidence that the image contains a face.
quality.
brightness
Double N/A Read-only A float between 0 and 100 that represents the brightness of the face. A higher value indicates a brighter face image.
quality.
sharpness
Double N/A Read-only A float between 0 and 100 that represents the sharpness of the face. A higher value indicates a sharper face image.
similarity Double N/A Read-only A float between 0 and 100 that represents the level of confidence that the faces match.

data object for BIOGRAPHIC_MATCH + BABEL_STREET

While GOVERNMENT_ID configuration includes BIOGRAPHIC_MATCH in Verify Policies, results are returned separately in verification metadata.

Property Type Required? Mutable? Description
detailedResults.address String N/A Read-only Address of the identity.
detailedResults.address.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Biographic match results match definitions.
detailedResults.address.
rawScore
String N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
detailedResults.birth_date String N/A Read-only Birth date of the identity in ISO 8601 YYYY-MM-DD format.
detailedResults.birth_date.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Biographic match results match definitions.
detailedResults.birth_date.
rawScore
String N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
detailedResults.family_name String N/A Read-only Family name of the identity.
detailedResults.family_name.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Biographic match results match definitions.
detailedResults.family_name.
rawScore
String N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
detailedResults.given_name String N/A Read-only Given name of the identity. Can optionally include middle name.
detailedResults.given_name.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Biographic match results match definitions.
detailedResults.given_name.
rawScore
String N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
detailedResults.name String N/A Read-only Full name of the identity.
detailedResults.name.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Biographic match results match definitions.
detailedResults.name.
rawScore
String N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
overallWeightedResult String N/A Read-only Weighted result of all reviewed fields as described in Biographic match results match definitions.
overallWeightedScore Decimal N/A Read-only Weighted score of all reviewed fields. A decimal number between 0 and 1.
Biographic match results match definitions
Value Description
HIGH Based on a threshold, the quality of the match indicates that the match is an exact match or can be qualified as a near-exact match.
MEDIUM Based on a threshold, the quality of the match is not exact but can be qualified as a partial match or an alternate spelling for the same value.
LOW Based on a threshold, the quality of the match cannot be qualified as exact, near-exact, partial, or misspelled.
NONE A raw score was so low that we have no confidence in a match.
NOT_APPLICABLE A value was not found in the processed document for the given identifier. For example, the user is required to supply an address but the document supplied, such as a passport, does not have an address.

data object for IDENTITY_RECORD_MATCHING + BABEL_STREET

Property Type Required? Mutable? Description
comparisons Object[] N/A Read-only Array of objects with results of comparisons.
comparisons.detailedResults.address String N/A Read-only Address of the identity.
comparisons.detailedResults.address.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Identity record match results match definitions.
comparisons.detailedResults.address.
rawScore
String N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
comparisons.detailedResults.birth_date String N/A Read-only Birth date of the identity in ISO 8601 YYYY-MM-DD format.
comparisons.detailedResults.birth_date.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Identity record match results match definitions.
comparisons.detailedResults.birth_date.
rawScore
String N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
comparisons.detailedResults.family_name String N/A Read-only Family name of the identity.
comparisons.detailedResults.family_name.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Identity record match results match definitions.
comparisons.detailedResults.family_name.
rawScore
String N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
comparisons.detailedResults.given_name String N/A Read-only Given name of the identity. Can optionally include middle name.
comparisons.detailedResults.given_name.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Identity record match results match definitions.
comparisons.detailedResults.given_name.
rawScore
String N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
comparisons.detailedResults.name String N/A Read-only Full name of the identity.
comparisons.detailedResults.name.
confidence
String N/A Read-only Confidence level of the match returned by the service as described in Identity record match results match definitions.
comparisons.detailedResults.name.
rawScore
String N/A Read-only Raw numeric score returned by the service. Ranges from 0 to 1.
comparisons.overallWeightedResult String N/A Read-only Weighted result of all reviewed fields as described in Identity record match results match definitions.
comparisons.overallWeightedScore Decimal N/A Read-only Weighted score of all reviewed fields. A decimal number between 0 and 1.
comparisons.source String N/A Read-only The type of identity document to which submitted data is compared. Always GOVERNMENT_ID.
comparisons.status String N/A Read-only Status of the transaction.
comparisons.target String N/A Read-only How the submitted data was collected. Always REQUIREMENTS.
Identity record match results match definitions
Value Description
HIGH Based on a threshold, the quality of the match indicates that the match is an exact match or can be qualified as a near-exact match.
MEDIUM Based on a threshold, the quality of the match is not exact but can be qualified as a partial match or an alternate spelling for the same value.
LOW Based on a threshold, the quality of the match cannot be qualified as exact, near-exact, partial, or misspelled.
NONE A raw score was so low that we have no confidence in a match.
NOT_APPLICABLE A value was not found in the processed document for the given identifier. For example, the user is required to supply an address but the document supplied, such as a passport, does not have an address.

data object for BIOGRAPHIC_MATCH + BIOGRAPHIC_MATCHER

While GOVERNMENT_ID configuration includes BIOGRAPHIC_MATCH in Verify Policies, results are returned separately in verification metadata.

Property Type Required? Mutable? Description
biographic_match_results Object[] N/A Read-only Array of objects containing the results
biographic_match_results.
identifier
String N/A Read-only Attribute that was checked. Can be address, birth_date, family_name, given_name, or name.
biographic_match_results.
match
String N/A Read-only Relative indicator of success as described in Biographic match results match definitions

data object for INJECTION_DETECTION + IDRND

While LIVENESS configuration includes INJECTION_DETECTION in Verify Policies, results are returned separately in verification metadata.

Property Type Required? Mutable? Description
probability Double N/A Read-only A float, either 0.0 or 1.0, that represents the probability of no injection attacks in the image.

data object for LIVENESS + IDRND

Property Type Required? Mutable? Description
probability Double N/A Read-only A float between 0 and 1 that represents the liveness probability of the image.
quality Double N/A Read-only A float between 0 and 1 that represents the quality of the image.
score Double N/A Read-only A float that represents the raw liveness score. A higher value means more alive.

data object for VOICE_ENROLLMENT + IDRND

Available with voice enrollment.

Property Type Required? Mutable? Description
recordingComparisons Object[] N/A Read-only Array of objects of voice enrollment comparisons between pairs of samples.
recordingComparisons.
probability
Double N/A Read-only A float between 0 and 1 that represents the comparison probability of the voice enrollment sample.
recordingComparisons.
score
Double N/A Read-only A float that represents a raw comparison score, intended to be used for evaluation and data calibration. A higher value means more closely matched voice enrollment samples.
recordingComparisons.
voiceTemplateIds
String[] N/A Read-only Array of identifiers (UUIDs) of the voice templates (a construct that contains the uniquely identifying biological characteristics of a person's voice) for the voice enrollment samples compared.
recordings Object[] N/A Read-only Array of objects of voice enrollment samples.
recordings.antispoof.probability Double N/A Read-only A float between 0 and 1 that represents the probability that the voice enrollment sample is not a spoofed recording.
recordings.antispoof.
score
Double N/A Read-only A float that represents a raw comparison score, intended to be used for evaluation and data calibration. A higher value means the voice enrollment sample is less likely a spoofed recording.
recordings.antispoof.
unsuitable_input_message
Boolean N/A Read-only Whether or not the voice enrollment sample is a suitable submission.
recordings.quality.
obtained_values.SNR
Double N/A Read-only A float that represents the signal-to-noise ratio of the submitted voice enrollment sample in deciBels (dB).
recordings.quality.
obtained_values.SpeechLength
Double N/A Read-only A float that represents duration of the voice enrollment sample in milliseconds.
recordings.quality.
threshold_values.SNR
Double N/A Read-only A float that represents the threshold for acceptable signal-to-noise ratio of the voice enrollment sample in deciBels (dB).
recordings.quality.
threshold_values.SpeechLength
Double N/A Read-only A float that represents the threshold for acceptable duration of the voice enrollment sample in milliseconds.
recordings.recordingId String N/A Read-only Identifier (UUID) of the voice enrollment sample.
recordings.voiceTemplateIds String N/A Read-only Identifier (UUID) of the voice template (a construct that contains the uniquely identifying biological characteristics of a person's voice) for this voice enrollment sample.

data object for VOICE_VERIFICATION + IDRND

Available with voice verification.

Property Type Required? Mutable? Description
matchResult.probability Double N/A Read-only A float between 0 and 1 that represents the match probability of the voice verification sample.
matchResult.score Double N/A Read-only A float that represents a raw comparison score, intended to be used for evaluation and data calibration. A higher value means more closely matched voice verification samples.
matchResult.voiceTemplateIds String[] N/A Read-only Array of identifiers (UUIDs) of the voice templates (a construct that contains the uniquely identifying biological characteristics of a person's voice) for the voice enrollment samples compared.
recordingData.antispoof.
score
Double N/A Read-only A float that represents a raw comparison score, intended to be used for evaluation and data calibration. A higher value means the voice verification sample is less likely a spoofed recording.
recordingData.antispoof.
unsuitable_input_message
Boolean N/A Read-only Whether or not the voice verification sample is a suitable submission.
recordingData.quality.
obtained_values.SNR
Double N/A Read-only A float that represents the signal-to-noise ratio of the submitted voice verification sample in deciBels (dB).
recordingData.quality.
obtained_values.SpeechLength
Double N/A Read-only A float that represents duration of the voice verification sample in milliseconds.
recordingData.quality.
threshold_values.SNR
Double N/A Read-only A float that represents the threshold for acceptable signal-to-noise ratio of the voice verification sample in deciBels (dB).
recordingData.quality.
threshold_values.SpeechLength
Double N/A Read-only A float that represents the threshold for acceptable duration of the voice verification sample in milliseconds.
recordingData.recordingId String N/A Read-only Identifier (UUID) of the voice verification sample.
recordings.voiceTemplateIds String N/A Read-only Identifier (UUID) of the voice template (a construct that contains the uniquely identifying biological characteristics of a person's voice) for this voice enrollment sample.

data object for DOCUMENT_AUTHENTICATION + MITEK

Property Type Required? Mutable? Description
backImageDocumentId String N/A Read-only Identifier (UUID) that is referenced in mitekVerifications object to determine the image the verification ran on.
documentEvidenceId String N/A Read-only Identifier (UUID) that is referenced in mitekVerifications object to determine the image the verification ran on.
frontImageDocumentId String N/A Read-only Identifier (UUID) that is referenced in mitekVerifications object to determine the image the verification ran on.
mitekVerifications Object N/A Read-only Verification results object.
mitekVerifications.
documentId
String N/A Read-only Identifier (UUID) of the image the verification ran on.
mitekVerifications.
judgement
String N/A Read-only Overall determination of the authenticity of the dossier based on the evidence presented. Permitted values are: Authentic, Fraudulent, and Undetermined.
mitekVerifications.
name
String N/A Read-only Name of the authenticator (test).
mitekVerifications.
notifications
Object N/A Read-only An object of any number of name-value pairs, where the name is a notification code and the value is its description, in the event an authenticator was unable to run.
mitekVerifications.
probability
Integer N/A Read-only A number that represents the overall authenticity score used in determining the authenticity of the dossier.
mitekVerifications.
verificationType
Integer N/A Read-only A 3-digit number (code) that indicates the type of authenticator.
mitekVerifications.
version
String N/A Read-only Version of the individual authenticator.

data object for DOCUMENT_AUTHENTICATION + VERIFF

Property Type Required? Mutable? Description
veriffVerification Object N/A Read-only Verification results object.
veriffVerification.acceptanceTime DateTime N/A Read-only Timestamp for acceptance of the document.
veriffVerification.code String N/A Read-only Vendor's verification result code.
veriffVerification.decisionTime DateTime N/A Read-only Timestamp of the decision on the document.
veriffVerification.id String N/A Read-only Unique identifier (UUID) for the results.
veriffVerification.status String N/A Read-only Vendor's status for the verification; can be approved, abandoned, declined, expired, resubmission_requested, review, started, or submitted.
veriffVerification.vendorData String N/A Read-only Vendor's unique identifier (UUID) for the results.
veriffVerification.reason String N/A Read-only Vendor's reason description for disapproval.
veriffVerification.reasonCode String N/A Read-only Vendor's reason code for disapproval.

data object for DOCUMENT_MANUAL_AUTHENTICATION + MITEK

Property Type Required? Mutable? Description
customerReferenceId String N/A Read-only Identifier (UUID) of the customer.
mitekVerifications Object N/A Read-only Verification results object.
mitekVerifications.
authenticity.result.reasons
String[] N/A Read-only Array of strings with the reasons why the authenticity result is NOT_AUTHENTIC.
mitekVerifications.
authenticity.result
String N/A Read-only Whether the document authenticity is deemed AUTHENTIC or NOT_AUTHENTIC.
mitekVerifications.
notifications
Object N/A Read-only An object of any number of name-value pairs, where the name is a notification code and the value is its description, in the event an authenticator was unable to run.
mitekVerifications.
originality.result.reasons
String[] N/A Read-only Array of strings with the reasons why the originality result is NOT_ORIGINAL.
mitekVerifications.
originality.result
String N/A Read-only Whether the document originality is deemed ORIGINAL or NOT_ORIGINAL.
mitekVerifications.
validity.result.reasons
String[] N/A Read-only Array of strings with the reasons why the validity result is NOT_VALID.
mitekVerifications.
validity.result
String N/A Read-only Whether the document validity is deemed VALID or NOT_VALID.
requestId String N/A Read-only Identifier (UUID) of the request for manual authentication.

data object for AAMVA + MITEK

Property Type Required? Mutable? Description
matchResults.dateOfBirth Boolean N/A Read-only Whether the data of birth on the submitted government identity document matches the date of birth in the system of record.
matchResults.documentNumber Boolean N/A Read-only Whether the document number on the submitted government identity document matches the document number in the system of record.
requestId String N/A Read-only Identifier (UUID) of the request for Mitek AAMVA verification.

data object for AADHAAR + VERIFF

Property Type Required? Mutable? Description
aadhaarVerification Object N/A Read-only Object containing data returned by the vendor.
aadhaarVerification.acceptanceTime DateTime N/A Read-only Date and time the request was accepted.
aadhaarVerification.code Integer N/A Read-only Provider's code for the status returned by Veriff Aadhaar verification.
aadhaarVerification.decisionTime DateTime N/A Read-only Date and time the verification decision was rendered.
aadhaarVerification.id String N/A Read-only Identifier (UUID) of the request for Veriff Aadhaar verification.
aadhaarVerification.reason String N/A Read-only Description of the reason for a failed verification.
aadhaarVerification.reasonCode String N/A Read-only Provider's Aadhaaar session identifier.
aadhaarVerification.status String N/A Read-only Status of the verification returned by Veriff Aadhaar verification.
aadhaarVerification.vendorData String N/A Read-only Identifier (UUID) of the verify transaction for the Aadhaar verification.
code status
9001 approved
9102 declined
9103 resubmission_requested
9121 review
reason
During generate OTP
Invalid session Id
Invalid attempt to resend the OTP
OTP generation limit reached
MFA already completed
Internal server error
Document number provided is not correct
Document number does not match any actual Aadhaar entries
Invalid phone number tied to document number
Request to generate OTP was done within 60 seconds of the last OTP generation
During verify OTP
Invalid session Id
The OTP entered is not valid, please ensure it is a 6-digit number
An OTP was not generated for the Aadhaar identifier
MFA already completed
Internal server error
The OTP entered is incorrect
Maximum number of OTP attempt reached

Read All Verification Metadata


Read One Verification Metadata


Delete All Verification Metadata


Delete One Verification Metadata

Verification Metrics

For each verification transaction, you can retrieve all application events for the transaction that were generated by the verification service. Use the appEvents endpoint, /environments/{{envID}}/users/{{userID}}/verifyTransactions/{{transactionID}}/appEvents to retrieve application events associated with the verification transaction.

Only those with an Identity Data Admin role are permitted to use the appEvents endpoint.

Verification metrics object data model

When retrieving the collection of application events for a specified transaction, the application event objects described in these data model tables are contained in an appEvents object array.

Property Type Required? Mutable? Description
collectionDate String N/A Read-only Date that the application event was collected
data Object N/A Read-only Contains the application event objects where the key is the type of application event; refer to ADDITIONAL_INFORMATION, CAMERA, DATA_CAPTURE, DEVICE_METADATA, ERRORS, ID_CAPTURE, QR_SCANNER, or SELFIE_CAPTURE
id String N/A Read-only Identifier (UUID) of the application event

ADDITIONAL_INFORMATION data object

Property Type Required? Mutable? Description
custom_app_theme String N/A Read-only Whether or not the SDK is using a custom AppTheme; can be TRUE or FALSE
document_submission_complete String N/A Read-only Epoch seconds of when submission completed
sdk_initialization_type String N/A Read-only How the SDK was initialized, from a QR code (qrScanner) or a string from an already parsed QR code (qrString)
sdk_initialization String N/A Read-only Epoch seconds of when SDK initialized
sdk_resuming_flow String N/A Read-only Whether or not the SDK dropped a previous session and is resuming from where it left off; can be TRUE or FALSE

CAMERA data object

Property Type Required? Mutable? Description
config_flash_enabled String N/A Read-only Whether or not the camera's flash is enabled; can be TRUE or FALSE
config_focus_mode String N/A Read-only Camera focus mode; can be AUTO_FOCUS, CONTINUOUS_FOCUS, MANUAL_FOCUS
config_resolution String N/A Read-only Resolution of the camera preview
permission_granted String N/A Read-only Whether or not the user granted permission to use the camera; can be TRUE or FALSE

DATA_CAPTURE data object

Property Type Required? Mutable? Description
number_of_otps Integer N/A Read-only Count of one time passwords (OTP) sent
otp_canceled String N/A Read-only Whether or not the user canceled a one time password (OTP) attempt; can be email_TRUE, email_FALSE, phone_TRUE, or phone_FALSE
otp_result String N/A Read-only Whether or not a one time password (OTP) attempt succeeded; can be email_TRUE, email_FALSE, phone_TRUE, or phone_FALSE
otp_start String N/A Read-only Epoch seconds of when one time password (OTP) collection started
otp_stop String N/A Read-only Epoch seconds of when one time password (OTP) collection ended
otp_timeout String N/A Read-only Whether or not a one time password (OTP) attempt timed out; can be email_TRUE, email_FALSE, phone_TRUE, or phone_FALSE
otp_tries Integer N/A Read-only Count of one time password (OTP) attempts
requirements String N/A Read-only Whether or not data capture was required; can be email_TRUE, email_FALSE, phone_TRUE, or phone_FALSE
skipped String N/A Read-only Whether or not the user skipped one time password (OTP) capture; can be email_TRUE, email_FALSE, phone_TRUE, or phone_FALSE
start String N/A Read-only Epoch seconds of when selection of email or SMS for a one time password (OTP) started
stop String N/A Read-only Epoch seconds of when selection of email or SMS for a one time password (OTP) ended

DEVICE_METADATA data object

Property Type Required? Mutable? Description
app_package String N/A Read-only Bundle identifier or application package (URI) embedding the SDK
browser String N/A Read-only Name of the browser; can be Chrome, Firefox, Safari, Opera, Edge, or Other
device_manufacturer String N/A Read-only Manufacturer of the device used for the transaction, if applicable, such as Apple or Samsung
device_model String N/A Read-only Model of the device used for the transaction, if applicable, such as iPhone14 or GalaxyS22
device_type String N/A Read-only Type of device used for the transaction; can be IOS, ANDROID, MOBILE_WEB, or DESKTOP_WEB
os_version String N/A Read-only Version of the operating system on the device used for the transaction, if applicable, such as 14.3 or 13
sdk_version String N/A Read-only Version of the SDK
user_agent String N/A Read-only User-Agent HTTP header returned by the browser

ERRORS data object

Capture flow errors
Property Type Required? Mutable? Description
camera_permission_not_granted String N/A Read-only Whether or not the user refused to grant permission to use the camera; always TRUE
config_flash_enabled String N/A Read-only Whether or not the camera's flash is enabled; can be TRUE or FALSE
config_focus_mode String N/A Read-only Camera focus mode; can be AUTO_FOCUS, CONTINUOUS_FOCUS, MANUAL_FOCUS
config_resolution String N/A Read-only Resolution of the camera preview
data_mismatch_between_front_and_back Integer N/A Read-only Count of occurrences of data mismatch between front and back
id_capture_camera_start_error String N/A Read-only Text of any camera start errors returned by the service during identity document capture
id_flashlight_glare Integer N/A Read-only Count of occurrences of glare from the camera flash on the identity document
id_full_side_not_visible Integer N/A Read-only Count of occurrences where the full side of the identity document was not visible
id_too_far Integer N/A Read-only Count of occurrences where the identity document was too far from the camera
id_type_categorization_error String N/A Read-only Text of any type categorization errors returned by the service
id_type_unsupported String N/A Read-only Whether or not the camera's flash is enabled; always TRUE
selfie_camera_start_error String N/A Read-only Text of any camera start errors returned by the service during selfie capture
selfie_face_not_aligned_x_axis Integer N/A Read-only Count of occurrences where the face was turned too far left or right
selfie_face_not_aligned_y_axis Integer N/A Read-only Count of occurrences where the face was turned too far up or down
selfie_face_not_aligned_z_axis Integer N/A Read-only Count of occurrences where the face was tipped too far clockwise or counterclockwise
selfie_face_too_close Integer N/A Read-only Count of occurrences where the face was too close to the camera
selfie_face_too_far Integer N/A Read-only Count of occurrences where the face was too far from the camera
selfie_multiple_faces Integer N/A Read-only Count of occurrences where multiple faces were discerned in the image
selfie_no_face_present Integer N/A Read-only Count of occurrences where no faces were discernible in the image
Network errors
Property Type Required? Mutable? Description
network_lost String N/A Read-only Epoch seconds of when network was lost
Other errors
Property Type Required? Mutable? Description
sdk_error String N/A Read-only Description of uncategorized errors from the SDK with the epoch seconds of when the error occurred
app_event_error String N/A Read-only Description of errors while initializing an app event object with the epoch seconds of when the error occurred

ID_CAPTURE data object

Property Type Required? Mutable? Description
barcode_captured String N/A Read-only Epoch seconds of when capture of the barcode of the identity document ended
camera_params String N/A Read-only Camera parameters used for capture such as focus mode, resolution, and face detection service
canceled String N/A Read-only Whether or not the user canceled identity document capture; can be TRUE or FALSE
classification String N/A Read-only Classification of the identity document; can be Driver License or Passport
image_#NUMBER_has_face String N/A Read-only Whether or not the image (where #NUMBER is the page number of the image) has a face; can be TRUE or FALSE
image_#NUMBER_score Double N/A Read-only Identity document image (where #NUMBER is the page number of the image) quality score in the range of 0 to 1
image_#NUMBER_size String N/A Read-only Resolution of the identity document image (where #NUMBER is the page number of the image)
image_blurred String N/A Read-only Whether or not the image is blurry; can be TRUE or FALSE
mrz_captured String N/A Read-only Epoch seconds of when capture of the machine readable zone (MRZ) of the identity document ended
page_captured String N/A Read-only Page number and epoch seconds, separated by an underscore, for when capture of an identity document image ended. Those with front and back images have pages 1 and 2, such as 1_1650507635 and 2_1650507657. For passports, when capturing more than one page, page numbers are sequential until all pages are captured.
skipped String N/A Read-only Whether or not the user skipped identity document capture; can be TRUE or FALSE
start String N/A Read-only Epoch seconds of when identity document capture started
stop String N/A Read-only Epoch seconds of when identity document capture ended
timeout String N/A Read-only Epoch seconds of when identity document capture timed out
total_images Integer N/A Read-only Count of captured pages of the identity document
vendor String N/A Read-only Vendor used for capturing the identity document; can be MicroBlink, Mitek, or Ping

QR_SCANNER data object

Property Type Required? Mutable? Description
canceled String N/A Read-only Whether or not QR scanning was canceled by the user; can be TRUE or FALSE
result String N/A Read-only Result of scanning a QR code; can be VALID OR INVALID
start String N/A Read-only Start time for scanning a QR code
stop String N/A Read-only Stop time for scanning a QR code

SELFIE_CAPTURE data object

Property Type Required? Mutable? Description
canceled String N/A Read-only Whether or not the user canceled selfie capture; can be TRUE or FALSE
face_detection_service String N/A Read-only Service used for capturing the selfie; can be VisionKit, CoreImage, or FirebaseMLKit
liveness_check_requested String N/A Read-only Whether or not the SDK requested a liveness check; can be TRUE or FALSE
number_of_selfies_captured Integer N/A Read-only Count of captured selfies
original_selfie_size String N/A Read-only Resolution of the selfie image
selfie_face_size String N/A Read-only Percentage size of the face in the final captured selfie (includes the percent sign, %)
selfie_pitch_angle Integer N/A Read-only Pitch angle in degrees (rotation around x-axis) where the face was turned left or right
selfie_roll_angle Integer N/A Read-only Roll angle in degrees (rotation around y-axis) where the face was turned up or down
selfie_score Double N/A Read-only Selfie image quality score in the range of 0 to 1
selfie_yaw_angle Integer N/A Read-only Yaw angle in degrees (rotation around z-axis) where the face was tipped clockwise or counterclockwise
skipped String N/A Read-only Whether or not the user skipped selfie capture; can be TRUE or FALSE
start String N/A Read-only Epoch seconds of when selfie capture started
stop String N/A Read-only Epoch seconds of when selfie capture ended
timeout String N/A Read-only Epoch seconds of when identity document capture timed out
vendor String N/A Read-only Vendor used for capturing the selfie; can be MicroBlink, Mitek, or Ping

Read All Verify Transaction Metrics


Read One Verify Transaction Metric


Delete All Verify Transaction Metrics


Delete One Verify Transaction Metric

Verification Actions

Users are limited in the number of verifications transactions permitted per hour and per day. If a user exceeds either limit, the cooldown period is based on the limit exceeded. If the user exceeds the limit of transactions in an hour, they must wait until an hour after the first transaction. If the user exceeds the limit of transactions in a day, they must wait until a day after the first transaction. If a user cannot wait for the end of the cooldown period, an Identity Data Admin can reset the verification limits for that user with the Reset Verification request.


Reset Verification

Working with PingOne APIs

If you want to start building your own workflows with PingOne APIs, the Workflow Library provides step-by-step workflows with linked Postman collections to help you start using the PingOne APIs in your Postman environment. For information about how PingOne secures APIs, resources, and data, and what you can do to implement security measures for your PingOne deployment and applications, refer to Platform security.

If you're new to PingOne and have not set up your test environment, refer to PingOne for Developers Getting Started. This guide helps you get an admin access token, which is required to make API calls to Neo API resources.

PingOne API domains

This section discusses how PingOne API regional endpoints are entered in the domain name system (DNS). In DNS, and in our endpoints, the domain part of the uniform resource locator (URL) comprises three parts separated by periods, such as api.pingone.com: one of our service-specific subdomains, our PingOne domain name of pingone, and one of our top level domains.

We use Postman variables to manage this variety of domain parts in PingOne API endpoints. The later discussion is correct regarding the domain part that the variables evaluate to. However, to ease maintenance, the Postman environment template you get when you download a collection uses variables to isolate the TLD from the rest of the domain part and to isolate the domain part from the rest of the endpoint.

The environment template has a path variable for each subdomain. Each path variable uses another variable, {{tld}}, for the top level domain (TLD). Such as https://api.pingone.{{tld}}/v1 for {{apiPath}}. The tld variable is first in the environment template that you downloaded.

The table below shows the top level domain value for each region. To change your region, simply change the default {{tld}} value from com to your region's TLD.

Region Code Top level domain
North America region (excluding Canada) NA com (default)
Canada region CA ca
European Union region EU eu
Australia region AU com.au
Singapore region SG sg
Asia-Pacific region AP asia

The PingOne API includes the following domains:

Domain Postman path variable Description
api.pingone.{{tld}} {{apiPath}} The primary domain for calling PingOne Management API resource server.
auth.pingone.{{tld}} {{authPath}} The authorization and authentication server domain called to request the access token required to authenticate PingOne API requests.
orchestrate-api.pingone.{{tld}} {{orchestratePath}} The primary domain for calling the PingOne DaVinci Management API resource server.
scim-api.pingone.{{tld}} {{scimPath}} PingOne API service for Cross-domain Identity Management (SCIM).

The {{...Path}} variable in the sample requests stand for the PingOne service endpoint. Refer to Public endpoints in the PingOne for Developers Foundations guide for more information.

The Try a Request feature

Our documentation for the PingOne APIs includes an interactive Try a Request feature. Try a Request enables you to configure and send a PingOne API request and get a response from within the documentation. This is a quick way to interactively test a PingOne API request without needing to use either Postman or the command line.

Requests in Authentication and Authorization APIs do not have the Try a Request feature due to a Cross-Origin Resource Sharing (CORS) constraint.

Calling the PingOne APIs from the command line

Each PingOne API request in the documentation includes an example request and response. By default, the example request is displayed using cURL. However, a number of coding languages are available in the associated drop-down list. If you want to run a request from the command line, you can select the coding language and copy the displayed request. You'll need to replace any variables in the request with the appropriate values before running the request.

Using Postman collection-level authorization

Most APIs require authorization to ensure that client requests access data securely. Postman can pass along whatever authorization details necessary for the method demanded by the endpoint. You can manually include authorization data in the header, body, or as parameters to a request. However, the easiest way is to use the Authorization tab in Postman. Select an authorization Type on that tab and Postman offers a dialog to gather the information required by that Type. When you run a request, Postman uses the information from the Authorization tab to automatically add the necessary authorization header, body, or parameters to the request. Postman offers the Authorization tab on requests, folders, and collections.

In PingOne collections, the authorization method is defined at the collection level. Only those requests that require a specific authorization method have authorization defined on the request (roughly 10% of PingOne requests). This allows you to easily change the authorization used for most requests. Refer to Postman Collection-Level Authorization for more information.

Postman and the PingOne APIs

We use Postman to create our PingOne Neo API docs, and have supplied our Postman collections for you to download. There's also an accompanying Postman Environment template already populated with the variables used in the collections.

If you aren't currently using Postman, you can install the free version. Refer to Download Postman to install Postman, either locally, or in your browser.

Refer to The PingOne Neo API Postman collections for the collections you can download or fork.

For more information about our Postman environment variables, refer to The PingOne Postman environment template.

You'll also find all of the Postman collections for our documented PingOne use cases in our Workflow Library.

The PingOne Postman collections

You can get the PingOne Neo API Postman collection by following either of these methods for retrieving a Postman collection into your workspace:

  1. Fork the collection into your workspace. Postman retains an association between the source and your fork. If we update the source collection, you can pull those changes into the fork in your workspace.

  2. Import the collection into your workspace. This is a one-time transfer and retains no association to the source collection.

To retrieve a collection

Refer to The PingOne Neo API collections on this page.

  1. Click the collection's Run In Postman button.

  2. At the prompt, click Fork Collection at the bottom of the dialog or click import a copy near the bottom of the dialog.

    RunInPostman

  3. Follow the on-screen instructions to fork or import the collection. You're prompted to select a Postman workspace for the retrieved collection.

When you fork a Postman collection, you create a copy of it in a selected workspace. Forking a collection creates a linked version that synchronizes with its source collection. This synchronization is apparent when you click the three dots icon on the forked collection - you'll see Pull changes on the context menu. When you click Pull changes, Postman compares the fork to the source collection. If changes are available, you can pull those changes into your fork. If you also elect to watch the collection, you'll receive notifications when the source changes.

If you import a collection, a copy is created in the selected workspace with no link back to the source. The collection is static. This may be desirable for some use cases. For example, if you intend to keep and use only some requests in a collection, a link back to the source is not needed.

You're not limited to choosing one method or the other. You can fork a copy to track the source and import a copy for experimentation, if you like.

The PingOne Neo API collections

These Postman collections include requests for all create, read, update, and delete (CRUD) operations for the PingOne Neo APIs.

Collection Description Retrieve
PingOne Neo Postman requests for the PingOne Neo API. Includes all environment variables. No example responses to make it easy to get started. Run In Postman
PingOne Neo Postman requests for the PingOne Neo API. Includes all PingOne Platform API Reference documentation and example responses. No environment variables are included. Run In Postman

For more information about the Postman environment variables included when you download or fork one of our Postman collections, refer to The PingOne Postman environment template.

The PingOne Postman environment template

Our Postman collections use variables in the request URLs to specify the UUIDs for PingOne resources. When you click the Run in Postman button for a collection, these environment variables are included in your download or fork. Use these environment variables as a template to assign your PingOne resource UUIDs with the common variables used in many of the requests.

For more information about using Postman environments, refer to the following topic in the Postman documentation: Environments in Postman.

POST requests in the PingOne Neo API Postman collections that create a resource and return a resource ID include a Postman script. This script automatically adds a resource variable to your active Postman environment, and uses the newly created ID as the value.

For example, the following request creates a new Neo variable. This request URL contains variables for the API path and environment ID:

POST {{apiPath}}/environments/{{envID}}/variables

To run this request, you must ensure the {{apiPath}} in the Postman environment template has the regional top-level domain (TLD) associated with your organization. Refer to Variables you must value for more information.

Almost every request in PingOne requires an environment ID. If you are working primarily in one environment for testing purposes, you'll want to add your environment's UUID to your active Postman environment as the value for the {{envID}} variable.

Requests to PingOne Management API endpoints require a valid access token to authenticate the request. In the PingOne Postman collections, the token value is represented in the Postman environment template as the variable {{accessToken}}.

With the {{tld}} and {{envID}} variables defined in your Postman template, and with a valid token value defined in the {{accessToken}} variable, you can run the request shown above:

POST {{apiPath}}/environments/{{envID}}/variables

If the request is successful, Postman adds a {{variableID}} variable to the current Postman environment automatically, and associates the new user's id property value (the UUID of the new user) with this variable.

Notes about environment variables and security

It's important to understand how Postman allows you to Store and reuse values using variables. Postman has two values for each environment variable: an Initial value and a Current value. You'll want to pay particular attention to differences between Initial and current values. Initial values are saved to Postman's cloud, and available to anyone who has access to the environment. Current values are saved only locally and available only to you. Postman uses only the current value in requests. If an environment variable has an initial value but no current value, Postman doesn't copy it to the current value or use the initial value in the request, the request simply fails. In this case, you need to manually copy the initial value to the current value.

When you create a new variable with an initial value and save the environment, Postman autofills the current value. However, that is the only time that Postman autofills the current value. If you subsequently delete the current value, the variable is no longer valued in a request.

Saving initial values to the Postman cloud impacts security. These initial values are available to anyone who has access to the workspace. If a workspace is public, you have a security issue.

Postman's recommended solution to exposing secrets is to Store secrets in your Postman Vault. Remember that Postman uses only current values in requests.

Variables you must value

When you download or fork a PingOne Postman collection, your workspace receives a set of Postman environment variables for you to use as a template. The variables that represent a resource in PingOne automatically receive a value when you create a new PingOne resource using Postman. Our script associated with the request (shown on the request's Scripts tab) inserts the identifier of the resource it creates as the value of the variable associated with that resource. However, some variables essential to using Postman with PingOne do not have their values inserted automatically. You must manually add the correct value to these variables before making any requests in Postman:

Postman variable PingOne resource
adminAppID The Client ID of the Worker app you created Create an admin Worker app connection.
adminAppSecret The Client Secret of the Worker app created.
adminEnvID The ID for the environment in which your Worker app resides.
envID The ID for the environment in which you are running your Postman API requests.
orgID The ID for your organization. In the PingOne admin console, select Environment and click Properties to view your organization ID.
tld The top-level domain to use for your environment. This is used in URLs containing apiPath, authPath, orchestratePath, and scimPath.
apiPath The regional domain for the PingOne management server (https://api.pingone.{{tld}}/v1).
authPath The regional domain for the PingOne authorization and authentication server (https://auth.pingone.{{tld}}).
orchestratePath The regional domain for the PingOne DaVinci management server (https://orchestrate-api.pingone.{{tld}}/v1).
scimPath The regional domain for the PingOne SCIM management server (https://scim-api.pingone.{{tld}}).