User Verification API



Overview

  1. Upon completing the Provisioning Request below, you will be supplied with a group-specific, registration link which can be disseminated to your users to create accounts.  This link will automatically open a dialog box with your group auto-selected (see the User Interface section below for more details).  Your users will then enter their individual “human-readable” identifiers (typically their member number/ID). 

  2. The memberIdentifier will then be passed to your web service endpoint which must be SSL encrypted.  Your system will then determine whether the identifier is valid. 

  3. If the memberIdentifier is valid, your service passes back "isValid" : true as well as values for fields denoted as REQUIRED

  4. If the memberIdentifier is NOT valid, then your service passes back "isValid" : false.  The user then can re-enter their identifier or contact your group for help. 

Please note that self-signed SSL certificates will not work and cause an error.


Depending on which system you are integrating with, you will append the token we will provide to the URLs as part of the query string. This will auto-select your group from the list. You can optionally also pass in the memberIdentifier by using &memId and the corresponding value. This will auto-populate the member number/ID.

To find the URL for the system you are integrating with:

  1. Go to Systems,

  2. Select the system you are integrating with, and

  3. Find the section for the User Verification API info.


User Interface

Using the group-specific registration link, the user is presented with a screen with your group automatically selected.

 

If the memberIdentifier is valid, the user is asked to review their information and check a box certifying their identity.

 

The user will then finish creating their account by filling out the rest of the registration form.


Supported Authentication Methods

Access Token

You will provide us with an access_token_name and access_token_value with which to pass via HTTP Header.

HTTP Header

1 2 3 POST https://your-service-endpoint.com Content-Type: application/json access_token_name: access_token_value

OAuth 2.0 - Client Credentials

We currently only support the grant_type of client_credentials. The service must provide the authorization server’s token endpoint, client_id, and client_secret. See OAuth 2.0 Client Credentials for more details.

Variable

Type

Usage

Variable

Type

Usage

Delivery Endpoint

URL

The endpoint we will deliver activity progress data.

Authorization Endpoint

URL

The endpoint of the service that will receive the request for an access token.

client_id

varchar(255)

A public identifier.

client_secret

varchar(255)

A secret known only to the application and the authorization server.

HTTP Basic Auth Header

1 2 3 4 5 6 POST /token HTTP/1.1 Host: authorization-server.com grant_type=client_credentials &client_id=xxxxxxxxxx &client_secret=xxxxxxxxxx

JSON Response - Successful

No expiration is preferred. If expires_in is set, it must be a time increment of a month or greater. A refresh_token must be provided if there is an expiration.

1 2 3 4 5 6 7 8 9 10 11 HTTP/1.1 200 OK Content-Type: application/json Cache-Control: no-store Pragma: no-cache { "access_token":"MTQ0NjJkZmQ5OTM2NDE1ZTZjNGZmZjI3", "token_type":"bearer", "expires_in":3600, "refresh_token":"IwOGYzYTlmM2YxOTQ5MGE3YmNmMDFkNTVk" }

JSON Response - Unsuccessful

1 2 3 4 5 6 7 8 9 10 HTTP/1.1 400 Bad Request Content-Type: application/json;charset=UTF-8 Cache-Control: no-store Pragma: no-cache { "error": "invalid_request", "error_description": "Request was missing the 'redirect_uri' parameter.", "error_uri": "See the full API docs at https://authorization-server.com/docs/access_token" }

JSON GET

1 2 3 4 GET https://yourendpoint.com/service ?memberIdentifier=111111111 HTTP/1.1 Accept: application/json

JSON Response - Valid

1 2 3 4 5 6 7 8 9 HTTP/1.1 200 OK Content-Type: application/json { "isValid" : true, "firstName" : "John", "lastName" : "Doe", "email" : "john.doe@gmail.com", "dateOfBirth" : "1977-01-01T00:00:00", }

JSON Response - Invalid

1 2 3 4 5 6 7 8 9 HTTP/1.1 200 OK Content-Type: application/json { "isValid" : false, "firstName" : "", "lastName" : "", "email" : "", "dateOfBirth" : "", }

Variable

Type

Usage

Variable

Type

Usage

Required isValid

boolean

true false

Whether the identifier is valid.

Required firstName

varchar(255)

The first name of the user.

Required lastName

varchar(255)

The last name of the user. Do not include suffixes such as Jr, Sr, III, etc.

Required email

varchar(255)

The email address of the user.

Required dateOfBirth

date/time (UTC)

2000-01-01T00:00:00

The user’s date of birth.


Important Checklists

Testing

  • Make sure you are using the staging group-specific registration link when you are testing your integration. This will be supplied once you complete the Provisioning Request.

Production

  • Make sure you are using the production group-specific registration link for your production environment. This will be supplied once you complete the Provisioning Request.


This API is commonly used in conjunction with:


Provisioning Request

You can request User Verification API access using the form below.

Please make sure that you have submitted the Sign-Up Form prior to completing this provisioning request.


Support

All integration-related support requests should be sent to support@77media.com.