#
Audit Verifications
Verify includes an API that can integrate with your application to audit verifications. We provide an API where you can check and verify that the session has been indeed verified on RealEyes.
#
API Endpoints
The API endpoints are segmented by region as follows:
- EU: https://verify-api-eu.realeyesit.com/index.html
- US: https://verify-api-us.realeyesit.com/index.html
- SG: https://verify-api-sg.realeyesit.com/index.html
#
Request
The request method is POST /api/v1/redirect/validate-signature
An API reference for this functionality is also available via the API Reference page.
#
Authorization Header
X-Api-Key: Account API-Key
The API Key is available in the Developers Portal.
#
Request Body
Full query string with all the parameters:
{
"queryString": "?FULLQUERYSTRING"
}
#
Response
The possible response values are Valid and Invalid.
This API response signifies the validity of the re-signature, indicating that the corresponding verificationStatus (or any other QueryString parameters) was not manipulated by the user.
Independent Validation
Note that this response is totally independent from the verificationStatus value. It only validates that the signature is correct and the parameters haven't been tampered with.
#
Regional Service Warning
Regional Endpoints
Because this is a region-based service, you will need to call the correct EU / US / SG endpoint to audit the verifications.
The Realeyes Verify service will append the region query string parameter to the final redirect URL so you can use that to determine the region to use for auditing a given verification.
Example: If you try to verify a signature signed with the EU redirect site from the US API (or vice-versa), you will get an error.
#
Example
Python Example
Here you can find an example:
import requests
import json
url = "https://verify-api-region.realeyesit.com/api/v1/redirect/validate-signature"
api_key = "YOUR API KEY"
headers = {
"X-Api-Key": api_key,
"Content-Type": "application/json",
}
request = {
"queryString": "?FULLQUERYSTRING",
}
response = requests.post(url, headers=headers, data=json.dumps(request))
if response.status_code == 200:
print(response.json())
else:
print(response.status_code, response.text)
#
Use Cases
#
Prevent Fraud
Validate signatures on your server to ensure users haven't manipulated the verification results.
#
Compliance
Maintain an audit trail of all verifications for compliance purposes.
#
Quality Assurance
Verify that all incoming verification results are legitimate and haven't been tampered with.