Checkr Trust API (1.0)

Download OpenAPI specification:Download

API Development Team: checkr-trust@checkr.com URL: https://checkrtrust.com License: Proprietary

Checkr Trust API

Introduction

Checkr Trust is a modern, RESTful API-driven service designed to enhance trust and safety for your platform. The Checkr Trust API uses resource-oriented URLs, supports HTTPS for authentication and requests, and returns JSON responses.

The Checkr Trust API provides access to a rich set of data, including criminal records, traffic infractions, and registry checks. Once credentialed, you can start testing locally in minutes. For additional resources, please refer to our resource center. This documentation aims to help you quickly utilize Checkr Trust’s services, offering context and technical guidance for working with the API.

Intended Use Cases

Important: Checkr Trust is not a “consumer reporting agency” or otherwise a producer of “consumer reports,” as those terms are defined in the Fair Credit Reporting Act (“FCRA”). Checkr Trust data must not be accessed, obtained, disclosed, or otherwise used to make any decisions related to credit, insurance, employment, or any other purposes described in 15 U.S.C. § 1681b of FCRA

Get Credentialed

Before you can request data from this API, you must first work with a Checkr Trust Account Executive or Customer Success representative to set up and credential your account.

Best practices for securing your API credentials:

  • Do not store your credentials in your codebase or commit them to version control. Instead, securely store the key only in your production environment, such as in environment variables.
  • Do not store your API key on the client side. All requests should be made from the server side, and only necessary data should be passed to the client.
  • If an API key is compromised, contact Checkr Trust immediately to revoke it. Checkr Trust will expire the current key and your Account Executive or Customer Success Representative will issue you a new one.

Authenticate with Checkr Trust

Your API key can be used to make any API call on behalf of your account, such as creating profiles and checks. Currently, your API key has unlimited access and must be secured accordingly. Checkr Trust will provide you with your Client Key and Secret Key, which can be exchanged for an access token via OAuth. The generated access tokens expire in 24 hours if not refreshed. Below is a step-by-step guide.

OAuth 2.0 Overview

OAuth 2.0 is an authorization framework that allows applications to obtain access to a HTTP service. User authentication is delegated to the service that hosts the user account, while third-party applications are authorized to access the user account.

Terminology

  • Resource Owner: The user authorizing an application to access their account.
  • Client: The application requesting access to the user's account.
  • Authorization Server: The server authenticating the Resource Owner and issuing access tokens to the Client.
  • Resource Server: The server hosting protected resources, capable of responding to requests using access tokens.

OAuth 2.0 Flow

  1. Authorization Request
  2. Authorization Grant
  3. Access Token Request
  4. Access Token Response

Obtaining an Access Token

Step 1: Register Your Application

Before you start, register your application with the Authorization Server to obtain your client_id and client_secret.

Step 2: Access Token Request

Make a POST request to the token endpoint with your client_id and client_secret in the body.

Example Request

$ curl --location 'https://api.checkrtrust.com/v1/accounts/token' \
--header 'Content-Type: application/json' \
--data '{
    "client_id": "YOUR_CLIENT_ID",
    "client_secret": "YOUR_CLIENT_SECRET"
}'
Step 3: Access Token Response

If the request is successful, the Authorization Server responds with an access token, scopes, expiration time, and token type.

Example Successful Response:
{
"access_token": "eyJhb...(something long)...qJFlg",
"scope": "read:account create:account delete:account",
"expires_in": 86400,
"token_type": "Bearer"
}

If the request fails, the Authorization Server responds with an error message.

Example Error Response:
{
"error": "access_denied",
"error_description": "Unauthorized"
}

Using the Access Token

Include the access token in the Authorization header when making requests to the Resource Server.

Example Request

curl --location 'https://api.checkrtrust.com/v1/checks' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer ACCESS_TOKEN' \
--data '{
    "first_name": "John",
    "last_name": "Smith",
    "dob": "19880218"
}'

Error Handling

If any step in the OAuth 2.0 flow encounters an error, the Authorization Server returns an error response. These errors can include invalid requests, invalid clients, and invalid grants.

Webhooks

Our API uses webhooks to notify your application about asynchronous events, primarily when certain checks or verifications are completed. This allows you to receive results without needing to poll our API continuously.

Configuration

Currently, webhook endpoints must be configured by your Checkr Trust Account Executive. Please contact them to set up or update the URL where you wish to receive webhook events and to provide your shared secret key for signature verification (if desired).

Required Usage: Driver Checks & Document Verification

Receiving results for driver_checks (both driver_license_status and motor_vehicle_report) requires a configured webhook endpoint.

The results are delivered asynchronously via a webhook payload once the check/verification is complete. See the specific event schemas defined under the callbacks for the respective POST operations:

  • POST /driver_checks: driver-license-status-completed-event-body, motor-vehicle-report-completed-event-body

Payload Signing & Verification (HMAC-SHA256)

To ensure the integrity and authenticity of webhook payloads, we offer optional payload signing using HMAC-SHA256. This is highly recommended for securing your webhook endpoint.

How it Works:

  • When configured with a shared secret key (provided to your Account Executive), we will generate a signature for each webhook event payload.
  • This signature is calculated using the HMAC-SHA256 algorithm on the raw JSON payload of the webhook request body.
  • The resulting signature (as a hexadecimal string) is included in the webhook request's HTTP headers, under the X-Checkr-Signature header with the value sha256={signature}

Verifying the Signature (Recommended): You should verify this signature on your end to confirm that the payload was sent by Checkr Trust and hasn't been tampered with.

Verification Steps:

  1. Extract the signature from the X-Checkr-Signature (or the specific header name provided to you) header of the incoming request.
  2. Read the raw request body. It is crucial not to parse and re-serialize the JSON before verification, as minor changes (like whitespace or key order) can invalidate the signature.
  3. Compute the HMAC-SHA256 hash of the raw payload string using your shared secret key.
  4. Convert the computed hash to its hexadecimal representation.
  5. Compare the signature extracted from the header with your computed signature. Use a timing-safe comparison function provided by your language/framework to prevent timing attacks.

Code Examples for Verification:

Ruby:

require 'openssl'
# For secure_compare, typically available in Rails/ActiveSupport
require 'active_support/security_utils'

# Assuming 'request' is your HTTP request object
# and 'SIGNATURE_KEY' is your shared secret
provided_signature = request.headers['X-Checkr-Signature']&.split('=')&.last
raise 'signature missing' unless provided_signature

# Ensure you get the raw body, not parsed JSON
payload_body = request.raw_post

expected_signature = OpenSSL::HMAC.hexdigest('SHA256', SIGNATURE_KEY, payload_body)

# Use secure_compare for timing-attack resistance
is_valid = ActiveSupport::SecurityUtils.secure_compare(provided_signature, expected_signature)

if is_valid
  # Signature is valid, process the webhook payload
  puts "Webhook signature verified."
else
  # Signature is invalid, reject the request
  puts "Webhook signature verification failed."
  # Return an appropriate error response (e.g., 401 Unauthorized)
end

Delivery Attempts & Reliability

Our system will attempt to deliver webhook events to your configured endpoint. If your endpoint returns a non-2xx status code (e.g., 4xx, 5xx) or fails to respond within a reasonable timeout, we will retry sending that event. We retry up to 25 times with exponential time backoff (e.g. after 15 seconds, 16 seconds, 30 seconds, 90 seconds, etc) for a total period of around 20 days.

It is crucial that your endpoint:

  1. Responds quickly with a 200 OK status upon successful receipt of the request (ideally before performing complex processing).
  2. Is designed to handle potential duplicate events (e.g., due to network issues or retries).
  3. Handles the signature verification process robustly.

Profiles

Profiles represent a set of Personally Identifiable Information (PII) for a person who will be checked. Profiles can be updated with the latest information for a person and be referenced to generate checks.

Checks

Checks provide the resulting information relevant to the requested check for a set of PII. The response will include the check type and results.

Create a New Check

Creates a new check resource.

Required Fields

The required attributes for a check resource vary depending on its intended use. Each check requires a minimum set of attributes. You can pass through the minimum set of PII or a profile_id to reference the profile’s PII. If both parameters are passed, the PII from the profile will take precedence. If the PII is insufficient for a check, a validation error will return a 401 Bad Request.

Fields required to generate an Instant Criminal Check include:

  • first_name
  • last_name

Although dob (date of birth) is encouraged, it is not required. Searches without dob will give back results that are matched by name only, which may be false positives.

Parse Check Results

Synchronous responses for a check and GET requests for a check both contain the same information about the results of the check. A completed check with empty results indicates that there are no items on the person’s record for review. Results that are populated indicate items on the check that may require review. Results may not be used to determine eligibility for credit, insurance, employment, or any other purpose regulated under the FCRA. Additionally, Checkr Trust does not make any policy decisions on behalf of its customers.

Driver Checks

Driver checks provide the resulting information relevant to the requested driver license. The response will include the driver check type and results.

Create a New Driver Check

Creates a new Driver Check.

Required Fields

The required attributes for a driver check vary depending on its intended use. You can pass through the minimum set of PII or a profile_id to reference the profile’s PII. If both parameters are passed, the PII from the profile will take precedence. If the PII is insufficient for a driver check, a validation error will return a 401 Bad Request.

Fields required to generate a Driver Check include:

  • first_name
  • last_name
  • dob
  • driver_license_number
  • driver_license_state

Parse Driver Check Results

Asynchronous responses for a Driver Check and GET requests for a Driver Check both contain the same information about the results. You must expose a Webhook endpoint on your end to receive Driver Check completion events. Please work with a Checkr Trust Account Executive or Customer Success representative to set up this Webhook endpoint on your account. Additionally, Checkr Trust does not make any policy decisions on behalf of its customers.

Identity Verifications

Identity Verifications provide the resulting information relevant to the requested verification for a set of PII. The response will include the IDV type and results.

Create a New Identity Verification

Creates a new Identity Verification resource.

Required Fields

The required attributes for an Identity Verification resource vary depending on its intended use. You can pass through the minimum set of PII or a profile_id to reference the profile’s PII. If both parameters are passed, the PII from the profile will take precedence. If the PII is insufficient for a verification, a validation error will return a 401 Bad Request.

Fields required to generate an Identity Verification include:

  • first_name
  • last_name
  • idv_type
  • any of email, phone, dob or address

Parse Identity Verification Results

Identity Verifications of idv_type pii_validation use synchronous responses. Responses for POST and GET requests for an Identity Verification both contain the same information about the results. A completed Identity Verification will provide match scores for each attribute provided (first name, last name, email, phone, etc); and an overall match score.

Identity Verifications of idv_type document_verification use asynchronous responses. The POST request contains an initial payload with the collection_link to provide to your end user; they use the web application at that link on a mobile device to provide the documents we will verify. You must expose a Webhook endpoint to receive the completed document verification, which contains the same information and results as a GET request once the request is completed. Please work with a Checkr Trust Account Executive or Customer Success representative to set up this Webhook endpoint on your account.

Additionally, Checkr Trust does not make any policy decisions on behalf of its customers.

Accounts

Endpoints and operations having to do with accounts and authorization. Account creation and credentialing will be done with a Checkr Trust team member.

Create token

Get a bearer token which will allow you to access the other endpoints in this API

Request
Request Body schema: application/json

the request to get a bearer token to use the API

client_id
required
string
client_secret
required
string
Responses
201

OK - success response from create token

401

Unauthorized - not allowed to response from create token

post/accounts/token
Request samples
application/json
{
  • "client_id": "string",
  • "client_secret": "string"
}
Response samples
application/json
{
  • "access_token": "eyJhb...(something long)...qJFlg",
  • "scope": "read:account create:account delete:account",
  • "expires_in": 86400,
  • "token_type": "Bearer"
}

Checks

Checks provide the resulting information relevant to the requested check for a set of PII. Checks will include the Check type and results.

Get checks

Get a set of checks

Securityget-bearer-token-using-oauth2
Request
query Parameters
limit
integer [ 0 .. 999999 ]
Default: 10

limit the number of records returned

skip
integer [ 0 .. 999999 ]
Default: 0

skip a number of records before returning (for paging)

Responses
200

OK

400

Bad Request

401

Unauthorized

500

Internal Server Error

get/checks
Response samples
application/json
[
  • {
    }
]

Create check

Create a new check

Securityget-bearer-token-using-oauth2
Request
Request Body schema: application/json

the request to create a check

One of:
check_type
string (check_type)
Enum: "instant_criminal" "sex_offender_registry"
input_type
string (input_type)
Enum: "person" "address"
first_name
required
string
middle_name
string
last_name
required
string
dob
string (dob_string) = 8 characters \d{8}

A date or partial date in the form YYYYMMDD. Since some dates are partial, they may be represented as YYYY0000 or 0000MMDD or YYYYMM00.

ruleset_id
string <uuid> (ruleset_id)

Identifier of an existing ruleset containing filtering rules. To set up account rulesets, please reach out to your Checkr Trust Account Executive or Customer Success representative to set up the configuration.

reference_id
string (reference_id)

Reference identifier. Please consult your Checkr Trust Account Executive or Customer Success representative on this attribute.

Responses
201

Created

400

Bad Request

401

Unauthorized

403

Forbidden

500

Internal Server Error

post/checks
Request samples
application/json
{
  • "first_name": "JOHN",
  • "last_name": "SMITH",
  • "dob": "19900101"
}
Response samples
application/json
{
  • "id": "5bb1242f-6963-4886-8f05-9ee965da2ca1",
  • "created_at": "2024-06-15 00:03:49.588",
  • "completed_at": "2024-06-15 00:03:49.588",
  • "results": [
    ],
  • "profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
  • "check_type": "instant_criminal",
  • "reference_id": "AB245"
}

Get check

Get a single check with a given id

Securityget-bearer-token-using-oauth2
Request
path Parameters
check_id
required
string <uuid>

the uuid identifying the check

Example: 2b8313e8-4efd-45a1-b578-952b8313e890
Responses
200

OK

401

Unauthorized

404

Not Found

500

Internal Server Error

get/checks/{check_id}
Response samples
application/json
{
  • "id": "5bb1242f-6963-4886-8f05-9ee965da2ca1",
  • "created_at": "2024-06-15 00:03:49.588",
  • "completed_at": "2024-06-15 00:03:49.588",
  • "results": [
    ],
  • "profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
  • "check_type": "instant_criminal",
  • "reference_id": "AB245"
}

Driver Checks

Driver Checks provide the resulting information relevant to the requested driver license. The response will include the driver check type and results.

Get driver checks

Get a set of driver checks

Securityget-bearer-token-using-oauth2
Request
query Parameters
limit
integer [ 0 .. 999999 ]
Default: 10

limit the number of records returned

skip
integer [ 0 .. 999999 ]
Default: 0

skip a number of records before returning (for paging)

Responses
200

OK

400

Bad Request

401

Unauthorized

409

Conflict

500

Internal Server Error

get/driver_checks
Response samples
application/json
[
  • [
    ]
]

Create driver check

Create a new driver check

Securityget-bearer-token-using-oauth2
Request
Request Body schema: application/json

the request to create a driver check

One of:

the request to create a new driver check from set of PII

check_type
required
string (driver_check_type)
Enum: "driver_license_status" "motor_vehicle_report"
first_name
required
string
middle_name
string
last_name
required
string
dob
required
string (dob_string) = 8 characters \d{8}

A date or partial date in the form YYYYMMDD. Since some dates are partial, they may be represented as YYYY0000 or 0000MMDD or YYYYMM00.

driver_license_number
required
string

a driver license identifier in a state-specific format

driver_license_state
required
string (state_code) = 2 characters [A-Z]{2}

2 character US Postal Service state abbreviation

requester_code
string

Conditionally Required when driver license state is either CA, PA or UT.

ssn
string (ssn_string) [ 4 .. 11 ] characters ^((\d{3}-\d{2}-\d{4})|(\d{4})|(\d{9}))$

Nine-digit Social Security Number (SSN). The last four digits of the SSN are also accepted. Hyphens are optional.

zip_code
string (zip_code) = 5 characters ^\d{5}$

US Postal Service ZIP code (5 digits)

Responses
201

OK

400

Bad Request

401

Unauthorized

403

Forbidden

500

Internal Server Error

Callbacks
postDriver Check Completion Webhook
post/driver_checks
Request samples
application/json
{
  • "check_type": "motor_vehicle_report",
  • "first_name": "JOHN",
  • "last_name": "SMITH",
  • "dob": "19900101",
  • "driver_license_number": "A1234567",
  • "driver_license_state": "CA"
}
Response samples
application/json
{
  • "id": "5bb1242f-6963-4886-8f05-9ee965da2ca1",
  • "created_at": "2024-06-15 00:03:49.588",
  • "completed_at": "2024-06-15 00:03:49.588",
  • "results": {
    },
  • "profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
  • "check_type": "driver_license_status"
}
Callback payload samples
POST: Driver Check Completion Webhook
application/json
{
  • "id": "5bb1242f-6963-4886-8f05-9ee965da2ca1",
  • "object": "event",
  • "type": "driver_license_status.completed",
  • "created_at": "2024-06-15 00:03:49.588",
  • "data": {
    },
  • "account_id": "5bb1242f-6963-4886-8f05-9ee965da2ca1"
}

Get driver check

Get a single driver check with a given id

Securityget-bearer-token-using-oauth2
Request
path Parameters
driver_check_id
required
string <uuid>

the uuid identifying the driver check

Example: 2b8313e8-4efd-45a1-b578-952b8313e890
Responses
200

OK

401

Unauthorized

404

Not Found

500

Internal Server Error

get/driver_checks/{driver_check_id}
Response samples
application/json
{
  • "id": "5bb1242f-6963-4886-8f05-9ee965da2ca1",
  • "created_at": "2024-06-15 00:03:49.588",
  • "completed_at": "2024-06-15 00:03:49.588",
  • "results": {
    },
  • "profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
  • "check_type": "driver_license_status"
}

Identity Verifications

Identity Verifications provide the resulting information relevant to the requested verification for a set of PII. The response will include the IDV type and results.

Get identity verifications

Get a set of identity verifications

Securityget-bearer-token-using-oauth2
Request
query Parameters
limit
integer [ 0 .. 999999 ]
Default: 10

limit the number of records returned

skip
integer [ 0 .. 999999 ]
Default: 0

skip a number of records before returning (for paging)

Responses
200

OK

400

Bad Request

401

Unauthorized

500

Internal Server Error

get/identity_verifications
Response samples
application/json
[
  • {
    }
]

Create identity verification

Create a new identity verification

Securityget-bearer-token-using-oauth2
Request
Request Body schema: application/json

the request to create an identity verification

One of:

the request to create a new identity verification from set of PII

Any of:

The object must have DOB.

idv_type
required
string (idv_type)
Enum: "pii_validation" "document_verification"
first_name
required
string
middle_name
string
last_name
required
string
dob
required
string (dob_string) = 8 characters \d{8}

A date or partial date in the form YYYYMMDD. Since some dates are partial, they may be represented as YYYY0000 or 0000MMDD or YYYYMM00.

phone
string
email
string
ssn
string (ssn_string) [ 4 .. 11 ] characters ^((\d{3}-\d{2}-\d{4})|(\d{4})|(\d{9}))$

Nine-digit Social Security Number (SSN). The last four digits of the SSN are also accepted. Hyphens are optional.

object (address)
reference_id
string (reference_id)

Reference identifier. Please consult your Checkr Trust Account Executive or Customer Success representative on this attribute.

send_message
boolean

For document verification, whether the end user should receive an SMS with the collection link to the provided phone number. Defaults to false if not provided.

Responses
201

Created

400

Bad Request

401

Unauthorized

403

Forbidden

500

Internal Server Error

Callbacks
postCallback (webhook) triggered when document verification is completed.
post/identity_verifications
Request samples
application/json
{
  • "first_name": "JOHN",
  • "last_name": "SMITH",
  • "idv_type": "pii_validation",
  • "email": "j.doe@example.com"
}
Response samples
application/json
{
  • "id": "5bb1242f-6963-4886-8f05-9ee965da2ca1",
  • "created_at": "2024-06-15 00:03:49.588",
  • "results": {
    },
  • "profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
  • "idv_type": "pii_validation",
  • "reference_id": "AB245"
}
Callback payload samples
POST: Callback (webhook) triggered when document verification is completed.
application/json
{
  • "id": "5bb1242f-6963-4886-8f05-9ee965da2ca1",
  • "object": "event",
  • "type": "document_verification.completed",
  • "created_at": "2024-06-15 00:03:49.588",
  • "data": {
    },
  • "account_id": "5bb1242f-6963-4886-8f05-9ee965da2ca1"
}

Get identity verification

Get a single identity verification with a given id

Securityget-bearer-token-using-oauth2
Request
path Parameters
identity_verification_id
required
string <uuid>

the uuid identifying the identity verification

Example: 2b8313e8-4efd-45a1-b578-952b8313e890
Responses
200

OK

401

Unauthorized

404

Not Found

500

Internal Server Error

get/identity_verifications/{identity_verification_id}
Response samples
application/json
{
  • "id": "5bb1242f-6963-4886-8f05-9ee965da2ca1",
  • "created_at": "2024-06-15 00:03:49.588",
  • "completed_at": "2024-06-15 00:03:49.588",
  • "results": {
    },
  • "profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
  • "idv_type": "pii_validation",
  • "reference_id": "AB245"
}

Profiles

Profiles represent a set of Personally Identifiable Information (PII) for a person who will be checked. Profiles can be updated with the latest information for a person and be referenced to generate checks.

Get profiles

Required Fields

The required attributes for a Profile resource vary depending on its intended use. Each check will require a minimum set of attributes.

Get Profiles

Get a set of profiles

Securityget-bearer-token-using-oauth2
Request
query Parameters
limit
integer [ 0 .. 999999 ]
Default: 10

limit the number of records returned

skip
integer [ 0 .. 999999 ]
Default: 0

skip a number of records before returning (for paging)

Responses
200

OK

400

Bad Request

401

Unauthorized

500

Internal Server Error

get/profiles
Response samples
application/json
[
  • {
    }
]

Create profile

Creates a new profile resource

Required Fields

The required attributes for a Profile resource vary depending on its intended use. Each check will require a minimum set of attributes as shared below: Fields required to generate an Instant Criminal Check include:

  • first_name
  • last_name

Date of birth (dob) is strongly suggested, as name-only searches will likely provide data on many differernt people with the same name.

Validation for these attributes is performed when requesting a check, as the requirements depend on the check type.

Securityget-bearer-token-using-oauth2
Request
Request Body schema: application/json

the request to create a profile

first_name
required
string

The first name of the person

middle_name
string or null

The middle name of the person

last_name
required
string

The last name of the person

zip_code
string (zip_code) = 5 characters ^\d{5}$

US Postal Service ZIP code (5 digits)

dob
string (dob_string) = 8 characters \d{8}

A date or partial date in the form YYYYMMDD. Since some dates are partial, they may be represented as YYYY0000 or 0000MMDD or YYYYMM00.

phone
string (phone_string) +[1-9]\d{2,14}

A phone number in the form +[country code][number including area code]. (E.164 format)

email
string (email_string) [\w+\-.]+@[a-z\d\-.]+\.[a-z]+

An email address.

driver_license_number
string
driver_license_state
string
object (address)
custom_id
string (custom_id_string) <= 255 characters

An identifier of your choice, if you wish to use one.

Responses
201

Created

400

Bad Request

401

Unauthorized

500

Internal Server Error

post/profiles
Request samples
application/json
{
  • "first_name": "John",
  • "middle_name": "William",
  • "last_name": "Smith",
  • "zip_code": "12345",
  • "dob": "19950401",
  • "phone": "+14155551212",
  • "email": "j.doe@example.com",
  • "driver_license_number": "string",
  • "driver_license_state": "string",
  • "address": {
    },
  • "custom_id": "ABC-123"
}
Response samples
application/json
{
  • "id": "f43dd5e8-5f34-4366-b9e4-722cd54266ad",
  • "first_name": "John",
  • "middle_name": "William",
  • "last_name": "Smith",
  • "zip_code": "12345",
  • "dob": "19950401",
  • "phone": "+14155551212",
  • "email": "j.doe@example.com",
  • "driver_license_number": "string",
  • "driver_license_state": "string",
  • "address": {
    },
  • "custom_id": "ABC-123"
}

Get profile

Get a single profile by id

Securityget-bearer-token-using-oauth2
Request
path Parameters
profile_id
required
string <uuid>

the uuid identifying the profile

Example: 2b8313e8-b578-45a1-4efd-952b8313e890
Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

get/profiles/{profile_id}
Response samples
application/json
{
  • "id": "f43dd5e8-5f34-4366-b9e4-722cd54266ad",
  • "first_name": "John",
  • "middle_name": "William",
  • "last_name": "Smith",
  • "zip_code": "12345",
  • "dob": "19950401",
  • "phone": "+14155551212",
  • "email": "j.doe@example.com",
  • "driver_license_number": "string",
  • "driver_license_state": "string",
  • "address": {
    },
  • "custom_id": "ABC-123",
  • "check_ids": [
    ]
}

Update profile

Update a profile with a given id

Securityget-bearer-token-using-oauth2
Request
path Parameters
profile_id
required
string <uuid>

the uuid identifying the profile

Example: 2b8313e8-b578-45a1-4efd-952b8313e890
Request Body schema: application/json

the request to patch (modify) a profile

first_name
string

The first name of the person

middle_name
string or null

The middle name of the person

last_name
string

The last name of the person

zip_code
string (zip_code) = 5 characters ^\d{5}$

US Postal Service ZIP code (5 digits)

dob
string (dob_string) = 8 characters \d{8}

A date or partial date in the form YYYYMMDD. Since some dates are partial, they may be represented as YYYY0000 or 0000MMDD or YYYYMM00.

phone
string (phone_string) +[1-9]\d{2,14}

A phone number in the form +[country code][number including area code]. (E.164 format)

email
string (email_string) [\w+\-.]+@[a-z\d\-.]+\.[a-z]+

An email address.

driver_license_number
string
driver_license_state
string
object (address)
custom_id
string (custom_id_string) <= 255 characters

An identifier of your choice, if you wish to use one.

Responses
200

OK

400

Bad Request

401

Unauthorized

404

Not Found

500

Internal Server Error

patch/profiles/{profile_id}
Request samples
application/json
{
  • "first_name": "John",
  • "middle_name": "William",
  • "last_name": "Smith",
  • "zip_code": "12345",
  • "dob": "19950401",
  • "phone": "+14155551212",
  • "email": "j.doe@example.com",
  • "driver_license_number": "string",
  • "driver_license_state": "string",
  • "address": {
    },
  • "custom_id": "ABC-123"
}
Response samples
application/json
{
  • "id": "f43dd5e8-5f34-4366-b9e4-722cd54266ad",
  • "first_name": "John",
  • "middle_name": "William",
  • "last_name": "Smith",
  • "zip_code": "12345",
  • "dob": "19950401",
  • "phone": "+14155551212",
  • "email": "j.doe@example.com",
  • "driver_license_number": "string",
  • "driver_license_state": "string",
  • "address": {
    },
  • "custom_id": "ABC-123"
}