NAV Navbar
  • Introduction
  • fissidactyl
  • 2054901809
  • (410) 205-4861
  • Polling
  • Introduction

    Welcome to the Mitek Identity Cloud! Synchronous and asynchronous APIs for authenticating and extracting data from identity documents.

    Environments

    Mitek maintains production environments in multiple regions to ensure compliance with regional data processing requirements as well as ensuring that we are able to provide a responsive solution. In each region, Mitek provides both a pre-production and production environment to ensure our customers are able to develop against a production-like system without impacting production systems.

    Availability

    Each environment is entirely isolated sharing no information with any other environment, this is inclusive of credentials. When communicating with Mitek's Identity Cloud platform, only the environment in which a tenant is provisioned will be accessible using the provided credentials.

    Region Product Pre-Production Production
    United States Mobile Verify - Manual X X
    United States Mobile Verify - Expert X X
    EU Mobile Verify - Manual X X
    EU Mobile Verify - Expert X X

    Authentication

    Mitek uses OAuth v2 with opaque tokens for authorization and OpenID for authentication. This token-based standard leverages temporary tokens that provide access to a resource for a limited duration. In our production environments, these tokens will only be valid for 60 minutes. When you are requesting one of these temporary tokens, you need to provide the resource you are trying to access (in OAuth this is called the scope). It is best practice to ensure only the scope(s) for the operation(s) that are minimally required in order to limit the rights of the access token provided.

    Client Credential Flow

    The client credential flow is used when one server is communicating with another server (and there is no person at a keyboard that can type in a password). In this flow, a ClientId and a Secret are issued to you. You must protect these credentials because anyone with these credentials will be able to request tokens on your behalf. Each client has a list of scopes they are able to access, you will want to give clients access only to the scopes they need to do their job. You send the ClientId, Secret, and the scopes you are accessing to our API and an Access Token is returned. That access token should be included in the Authorization header of any requests to the API.

    Authentication Request

    Request Example

    POST /oauth2/token HTTP/1.1
    Content-Type: application/x-www-form-urlencoded;
    
    grant_type=client_credentials&
    client_id=some.client.id&
    client_secret=SecretPassword&
    scope=standard.scope additional.scope
    

    Token retrieval requires a basic POST request to our OAuth 2.0 based authentication server. The token returned is valid for a duration of 60 minutes from the time the token is first issued. Mitek recommends that developers pro-actively refresh tokens to ensure a valid token is always available for submission to the API.

    In the authentication request, scopes must be included that the token will provide permissions to access. The token generated will only provide acccess to the specific operations for which the scope was requested. Mitek recommends that the token is requested with only the scopes that are minimally required to perform a specific operation.

    (517) 709-2099

    URL

    /oauth2/token

    Required Fields

    Name Type Description Restrictions
    grant_type string OAuth credential type client_credentials
    client_id string Mitek provided client identifier None
    client_secret string Mitek provided client secret None
    scope string Space delimited list of scopes requested verify.v3.id-document.manual.read, verify.v3.id-document.manual.write, and v3.poll.read

    Authentication Response

    Response Example

    HTTP/1.1 200 OK
    Content-Type: application/json;charset=UTF-8
    
    { 
      "access_token": "UWeMFVy6sz1VRvtKXgCyB7UAk805JtHc3-jy8RS04pc.e2pROys-PDNGm0nJ9BbJxBf_yTvHBn8iFrlTYSwb_Ig", 
      "expires_in": 3600,
      "scope": "standard.scope additional.scope",
      "token_type": "bearer"
    }
    

    The authentication response includes the token to be used in subsequent requests along with other detail of the issued token including the token expiration and scopes provided within the token. NOTE: The access_token that is issued is not a JWT token, clients are unable to interrogate the token to retrieve additional details.

    Returned Fields

    Name Type Description Restrictions
    access_token String Token to be submitted with any subsequent API request None
    expires_in Number Duration of token validity measured in seconds None
    scope string Scopes included in the token verify.v3.id-document.manual.read, verify.v3.id-document.manual.write, and v3.poll.read
    token_type String Type of token returned (Mitek only supports bearer tokens) bearer

    Authentication Error Responses

    400 Response Example (Bad Request)

    HTTP/1.1 400 Bad Request
    Content-Type: application/json
    
    {
        "error": "invalid_request",
        "error_description": "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed",
        "error_hint": "Make sure that the various parameters are correct, be aware of case sensitivity and trim your parameters. Make sure that the client you are using has exactly whitelisted the redirect_uri you specified.",
        "status_code": 400
    }
    

    400 Response Example (Bad Scopes)

    HTTP/1.1 400 Bad Request
    Content-Type: application/json
    
    {
        "error": "invalid_scope",
        "error_description": "The requested scope is invalid, unknown, or malformed",
        "status_code": 400
    }
    

    401 Response Example

    HTTP/1.1 401 Unauthorized
    Content-Type: application/json
    
    {
        "error": "invalid_client",
        "error_description": "Client authentication failed (e.g., unknown client, no client authentication included, or unsupported authentication method)",
        "status_code": 401
    }
    

    500 Response Example

    HTTP/1.1 500 Internal Server Error
    Content-Type: application/json
    
    { 
      "message": "An internal error has occurred. Please try again."
    }
    

    503 Service Unavailable

    HTTP/1.1 503 Service Unavailable
    Content-Type: text/plain
    
    Service Unavailable
    
    

    Standard HTTP response codes and messages are used to indicate authentication success or failure.

    Mobile Verify - Manual

    Mobile Verify Manual provides the capability to have one of Mitek's trained Document Review Team manually inspect documents submitted via the Mitek Identity Cloud API. When reviewing documents submitted, the Manual Review team will complete a number of verification checks to determine the Authenticity, Originality and Validity of the document. This product is delivered as an asynchronous API built around a polling approach for retrieval of final results.

    Manual Request

    Request Example

    POST /identity/verify/v3/id-document/manual HTTP/1.1
    Content-Type: application/json;
    Authorization: bearer $OAUTH_TOKEN
    
    { 
      "customerReferenceId": "OPTIONAL CUSTOMER PROVIDED IDENTIFIER",
      "images": [
        {      
          "data": "TWlTbmFwIENhcHR1cmVkIEltYWdlIFBhZ2UgMQ=="
        },
        {
          "data": "UGFnZSAyIE1pU25hcCBDYXB0dXJlZCBJbWFnZSA="
        }
      ],
      "deviceExtractedData": [
        {
            "dataType": "PDF417_STRING",
            "data": "PDF417 STRING"
        }
      ]
    }
    

    Each manual processing request is for the evaluation of a single document that can consist of one to many images depending on the type of document being processed. In the submitted request, the API requires a single image for each page of a given identity document to be submitted. An example being if a drivers license is submitted, successful processing will require submission of images of both the front and back of the document.

    (507) 347-6057

    URL

    /identity/verify/v3/id-document/manual

    Required Fields

    Name Type Description Restrictions
    images Object (array) An array of base64-encoded images of the document to be verified. N/A
  • data
  • String A base64-encoded image containing a single page of the document to be processed. 5MB size or length limit?

    Optional Fields

    Name Type Description Restrictions
    customerReferenceId String [OPTIONAL] Customer provided identifier that will be returned in an identically named field within the body of any subsequent responses None
    deviceExtractedData Object (array) [OPTIONAL] An array of data extracted on-device from an identity document from machine-readable document features, e.g., barcode. N/A
  • datatype
  • String

    The type of data being passed for processing. This is commonly barcode details or other machine-encoded data that has been read on-device as part of the initial capture experience. Currently supported data types include:

    PDF417_STRING: A PDF417 string extracted from barcodes that support this encoding format.

    PDF417_STRING

    Manual Response

    Response Example

    HTTP/1.1 201 Created
    Content-Type: application/json
    Mitek-Server-Processing-Time: 4012
    Mitek-Request-Id: 4d6a4dc2-a756-4479-99c2-a856b41456c6
    
    { 
      "requestId": "4d6a4dc2-a756-4479-99c2-a856b41456c6", 
      "customerReferenceId": "CUSTOMER PROVIDED IDENTIFIER",
    }
    

    All manual requests are processed asynchronously. The initial response from the manual end-point provides acknowledgement that the submitted document has been received for processing and a reference requestId. Additionally, the optional customerReferenceId will also be echoed back as part of the response if submitted as part of the initial request.

    Returned HTTP Headers

    Name Type Description Restrictions
    Mitek-Server-Processing-Time Number The total duration, in milliseconds, from the time the entire request was received until the response was sent. None
    Mitek-Request-Id String The UUID assigned to the request. UUID

    Returned Fields

    Name Type Description Restrictions
    requestId String The UUID assigned to the request. UUID
    customerReferenceId String The value that was submitted with the original request. None

    Manual Retrieval Request

    Request Example

    GET /identity/verify/v3/id-document/manual/4c52b0ef-aa28-4675-85d7-207b00486520 HTTP/1.1
    Authorization: bearer $OAUTH_TOKEN
    

    Results retrieval is the final step in manual review processing. To retrieve a final result from the platform, a GET request is submitted to the API with the retrievalId that is returned from the polling API.

    Run in Postman

    URL

    /identity/verify/v3/id-document/manual/{retrievalId}

    Required Attributes

    Name Type Description Restrictions
    retrievalId String The identifier used for retrieval of the final result of manual processing which was returned from the 3012696947. UUID

    Manual Retrieval Response

    The final step in Mitek's manual review API is the retrieval of the final result from the platform using the retrievalId returned by the polling API (NOTE: This is not the same ID as the initial requestId). The results will be available from the retrieval end-point for one retrieval, once retrieval has completed, the results will be evicted from the retrieval infrastructure preventing any additional retrieval requests from being successful. Additionally, if the result has not been retrieved within 2 hours of the result being made available, the result will no longer be accessible from the API.

    "APPROVED" Response Example

    HTTP/1.1 200 OK
    Content-Type: application/json
    Mitek-Server-Processing-Time: 4012
    Mitek-Request-Id: 4d6a4dc2-a756-4479-99c2-a856b41456c6
    
    { 
      "requestId": "4d6a4dc2-a756-4479-99c2-a856b41456c6", 
      "customerReferenceId": "CUSTOMER PROVIDED IDENTIFIER",
      "acceptance": {
        "result": " ACCEPTED"
      },
      "findings": {
        "documentApproval": "APPROVED",
        "details": {
          "authenticity": {
            "result": "AUTHENTIC"
          },
          "originality": {
            "result": "ORIGINAL"
          },
          "validity": {
            "result": "VALID"
          }
        }
      },
      "extractedData": {
        "documentAttributes": {
          "countryCodeOfIssuance": "USA",
          "countryOfIssuance": "UNITED STATES OF AMERICA",
          "dateOfExpiry": "1965-08-28",
          "dateOfIssuance": "1965-08-28",
          "documentNumber": "90933633",
          "documentType": "DRIVERS_LICENSE",
          "issuingAuthority": "CALIFORNIA DMV",
          "stateOrProvinceOfIssuance": "CA"
        },
        "personAttributes": {
          "dateOfBirth": "1965-08-28",
          "gender": "FEMALE",
          "nationalityCode": "GBR",
          "personalGovernmentId": "123435534",
          "placeOfBirth": "LONDON"
        },
        "name": {
          "fullName": "JUANA LORCA SANCHEZ MENDOZA",
          "givenNames": "JUANA",
          "maternalSurname": "MENDOZA",
          "paternalSurname": "SANCHEZ",
          "surname": "LORCA SANCHEZ MENDOZA"
        },
        "address": {
          "unparsedAddress": {
            "addressLine1": "FLAT 25, 12 / F, ACACIA BUILDING",
            "addressLine2": "150 KENNEDY ROAD",
            "addressLine3": "WAN CHAI",
            "addressLine4": "HONG KONG ISLAND"
          }
        }
      }
    }
    

    "NOT_APPROVED" Response Example

    HTTP/1.1 200 OK
    Content-Type: application/json
    Mitek-Server-Processing-Time: 4012
    Mitek-Request-Id: 4d6a4dc2-a756-4479-99c2-a856b41456c6
    
    { 
      "requestId": "4d6a4dc2-a756-4479-99c2-a856b41456c6", 
      "customerReferenceId": "CUSTOMER PROVIDED IDENTIFIER",
      "acceptance": {
        "result": " ACCEPTED"
      },
      "findings": {
        "documentApproval": "NOT_APPROVED",
        "details": {
          "authenticity": {
            "result": "NOT_AUTHENTIC",
            "reasons": [
              "EVIDENCE_OF_FORGERY_BIODATA_FONTS",
              "EVIDENCE_OF_FORGERY_MRZ_FONTS",
              "EVIDENCE_OF_FORGERY_PHOTO_ZONE",
              "EVIDENCE_OF_FORGERY_SIGNATURE"
            ]
          },
          "originality": {
            "result": "NOT_ORIGINAL",
            "reasons": [
              "EVIDENCE_OF_FORGERY_BLACK_AND_WHITE_COPY",
              "EVIDENCE_OF_FORGERY_DOCUMENT_STRUCTURE"
            ]
          },
          "validity": {
            "result": "NOT_VALID",
            "reasons": [          
              "EVIDENCE_OF_FORGERY_MRZ_CHECKSUMS"
            ]
          }
        }
      },
      "extractedData": {
        "documentAttributes": {
          "countryCodeOfIssuance": "USA",
          "countryOfIssuance": "UNITED STATES OF AMERICA",
          "dateOfExpiry": "1965-08-28",
          "dateOfIssuance": "1965-08-28",
          "documentNumber": "90933633",
          "documentType": "DRIVERS_LICENSE",
          "issuingAuthority": "CALIFORNIA DMV",
          "stateOrProvinceOfIssuance": "CA"
        },
        "personAttributes": {
          "dateOfBirth": "1965-08-28",
          "gender": "FEMALE",
          "nationalityCode": "GBR",
          "personalGovernmentId": "123435534",
          "placeOfBirth": "LONDON"
        },
        "name": {
          "fullName": "JUANA LORCA SANCHEZ MENDOZA",
          "givenNames": "JUANA",
          "maternalSurname": "MENDOZA",
          "paternalSurname": "SANCHEZ",
          "surname": "LORCA SANCHEZ MENDOZA"
        },
        "address": {
          "unparsedAddress": {
            "addressLine1": "FLAT 25, 12 / F, ACACIA BUILDING",
            "addressLine2": "150 KENNEDY ROAD",
            "addressLine3": "WAN CHAI",
            "addressLine4": "HONG KONG ISLAND"
          }
        }
      }
    }
    

    "REJECTED" Response Example

    HTTP/1.1 200 OK
    Content-Type: application/json
    Mitek-Server-Processing-Time: 4012
    Mitek-Request-Id: 4d6a4dc2-a756-4479-99c2-a856b41456c6
    
    { 
      "requestId": "4d6a4dc2-a756-4479-99c2-a856b41456c6", 
      "customerReferenceId": "CUSTOMER PROVIDED IDENTIFIER",
      "acceptance": {
        "result": " REJECTED",
        "reasons": [
          "GLARE",
          "INCOMPLETE_DOCUMENT",
          "NOT_VISIBLE_FOUR_CORNERS",
          "NOT_VISIBLE_SECURITY_FEATURES",
          "OUT_OF_FOCUS",
          "POOR_CONTRAST",
          "POOR_EXPOSURE",
          "UNCLASSIFIED_DOCUMENT",
          "UNREADABLE_FIELD",
          "UNSUPPORTED_LANGUAGE"
        ]
      }
    }
    

    Returned HTTP Headers

    Name Type Description Restrictions
    Mitek-Server-Processing-Time Number The total duration, in milliseconds, from the time the entire request was received until the response was sent. None
    Mitek-Request-Id String The UUID assigned to the request. UUID

    Returned Fields

    Name Type Description Restrictions
    requestId String The UUID assigned to the request. UUID
    customerReferenceId String The value that was submitted with the original request. None
    acceptance Object The determination of whether the images submitted were of sufficient quality for a document to be processed. In the event a document is unable to be processed successfully, a status of REJECTED will be returned and the reasons for failure will be included in the reasons field. N/A
  • result
  • String

    The determinition of whether all of the images submitted were deemed acceptable for processing.

    ACCEPTED: All of the images submitted were deemed acceptable for processing.

    REJECTED: One or more of the images submitted were deemed not acceptable for processing.

    ACCEPTED or REJECTED
  • reasons
  • String (array)

    The reasons that a result of REJECTED was returned.

    INCOMPLETE_DOCUMENT: The number of images submitted did not meet the expected number of images for this specific document. Please make sure you have submitted an image for each page of the document.

    NOT_VISIBLE_FOUR_CORNERS: One or more of the submitted images could not be processed due to all four corners of the document not being visible. Please retake the images before resubmitting them, mindful of anything that could be blocking the corners of the document from being seen.

    NOT_VISIBLE_SECURITY_FEATURES: One or more of the submitted images could not be processed due to one or more expected security features not being visible. Please retake the images before resubmitting them, mindful of anything that could be blocking a security feature from being seen.

    OUT_OF_FOCUS: One or more of the submitted images could not be processed due to the image being out of focus. Please retake the images before resubmitting them.

    POOR_CONTRAST: One or more of the submitted images could not be processed due to the image having poor contrast. Please retake the images before resubmitting them.

    POOR_EXPOSURE: One or more of the submitted images could not be processed due to the image having poor exposure. Please retake the images before resubmitting them.

    UNCLASSIFIED_DOCUMENT: The submitted images could not be classified or are not supported. Please submit only supported documents.

    UNREADABLE_FIELD: One or more of the submitted images could not be processed due to one or more fields being unreadable. Please retake the images before resubmitting them, mindful of anything that could be blocking a field from being processed.

    UNSUPPORTED_LANGUAGE: One or more of the submitted images contains a document with a language that we do not support. Please submit only supported documents.

    GLARE, INCOMPLETE_DOCUMENT, NOT_VISIBLE_FOUR_CORNERS, NOT_VISIBLE_SECURITY_FEATURES, OUT_OF_FOCUS, POOR_CONTRAST, POOR_EXPOSURE, UNCLASSIFIED_DOCUMENT, UNREADABLE_FIELD, and UNSUPPORTED_LANGUAGE
    findings Object The following fields are related to the overall findings that resulted from the processing of the document. This includes the overall document approval and a detailed summary of the authenticity, originality and the validity findings that contributed to the document approval result. N/A
  • documentApproval
  • String

    The overall document approval determination.

    APPROVED: The submitted document was processed successfully, and the checks related to authenticity, originality, and validity determined that it should be approved.

    NOT_APPROVED: The submitted document was processed successfully, but one or more factors related to authenticity, originality, and validity determined that it should not be approved.

    APPROVED or NOT_APPROVED
  • details
  • Object The details of the authenticity, originality, and validity checks that were performed. N/A
  • authenticity
  • Object The details of the authenticity checks that were performed. N/A
  • result
  • String

    The overall authenticity result of the processed document.

    AUTHENTIC: The processed document was determined to be authentic.

    NOT_AUTHENTIC: The processed document was determined to be not authentic.

    AUTHENTIC or NOT_AUTHENTIC
  • reasons
  • String (array)

    The reasons that a result of NOT_AUTHENTIC was returned.

    EVIDENCE_OF_FORGERY_BIODATA_FONTS: Manual review of the submitted document indicated that details had been manipulated in the biographical text of the document

    EVIDENCE_OF_FORGERY_MRZ_FONTS: Manual review of the submitted document indicated that details had been manipulated in the MRZ section of the document

    EVIDENCE_OF_FORGERY_PHOTO_ZONE: Manual review of the submitted document indicated that there may have been an attempt to manipulate the photo zone of the document

    EVIDENCE_OF_FORGERY_SIGNATURE: Manual review of the submitted document indicated that details had been manipulated in the signature zone of the document

    EVIDENCE_OF_FORGERY_BIODATA_FONTS, EVIDENCE_OF_FORGERY_MRZ_FONTS, EVIDENCE_OF_FORGERY_PHOTO_ZONE, and EVIDENCE_OF_FORGERY_SIGNATURE
  • originality
  • Object The details of the originality checks that were performed. N/A
  • result
  • String

    The overall originality result of the processed document.

    ORIGINAL: The processed document was determined to be original.

    NOT_ORIGINAL: The processed document was determined to be not original.

    ORIGINAL or NOT_ORIGINAL
  • reasons
  • String (array)

    The reasons that a result of NOT_ORIGINAL was returned.

    EVIDENCE_OF_FORGERY_DOCUMENT_STRUCTURE: Manual review of the submitted document indicated that the document structure was not consistent with the known document

    EVIDENCE_OF_FORGERY_BLACK_AND_WHITE_COPY: Manual review of the submitted document indicated that the image was a black and white copy

    EVIDENCE_OF_FORGERY_BLACK_AND_WHITE_COPY and EVIDENCE_OF_FORGERY_DOCUMENT_STRUCTURE
  • validity
  • Object The details of the validity checks that were performed. N/A
  • result
  • String

    The overall validity result of the processed document.

    VALID: The processed document was determined to be valid.

    NOT_VALID: The processed document was determined to be not valid.

    VALID or NOT_VALID
  • reasons
  • String (array)

    The reasons that a result of NOT_VALID was returned.

    EVIDENCE_OF_FORGERY_MRZ_CHECKSUMS: After proofreading of the MRZ by the manual review team, the resultant MRZ failed one or many checksum validations

    EVIDENCE_OF_FORGERY_MRZ_CHECKSUMS
    extractedData Object The data extracted from the submitted document. The data returned within extracted data is dependent on the type of document submitted; not all documents supported contain all possible fields. N/A
  • documentAttributes
  • Object The data extracted from the submitted document, specifically from fields that are related to attributes of the document. N/A
  • countryCodeOfIssuance
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to the ISO code of the country that issued the document. None
  • countryOfIssuance
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to the name of the country that issued the document. None
  • dateOfExpiry
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to the date of expiry of the document, normalized into the following format: YYYY-MM-DD. Date (YYYY-MM-DD)
  • dateOfIssuance
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to the date of issuance of the document, normalized into the following format: YYYY-MM-DD. Date (YYYY-MM-DD)
  • documentNumber
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to the number or identifier of the document. None
  • documentType
  • String (array)

    The type of document that was submitted.

    PASSPORT, DRIVERS_LICENSE, IDENTITY_CARD, RESIDENCE_PERMIT, PASSPORT_CARD, CITIZEN_CARD, or RESIDENCE_CARD
  • issuingAuthority
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to the name of the authority or organization that issued the document. None
  • stateOrProvinceOfIssuance
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to the name of the state, province, or region that issued the document. None
  • personAttributes
  • Object The data extracted from the submitted document, specifically from fields that are related to the person to whom the document was issued. N/A
  • dateOfBirth
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to the date of birth of the person to which the document was issued, normalized into the following format: YYYY-MM-DD. Date (YYYY-MM-DD)
  • gender
  • String

    The data extracted from an MRZ, PDF417 barcode, or biozone field related to the gender of the person to which the document was issued, normalized into one of the following values: MALE, FEMALE, or NON_BINARY.

    MALE, FEMALE, or NON_BINARY
  • nationalityCode
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to the ISO country code of the nationality of the person to which the document was issued. None
  • personalGovernmentId
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to any government identification number of the person to which the document was issued. None
  • placeOfBirth
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to the place of birth of the person to which the document was issued. None
  • name
  • Object The data extracted from the submitted document, specifically from fields that are related to the name of whom the document was issued. N/A
  • fullName
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to the full name of the person to which the document was issued. None
  • givenNames
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to the given names of the person to which the document was issued.
  • maternalSurname
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to the maternal surname of the person to which the document was issued. None
  • paternalSurname
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to the paternal surname of the person to which the document was issued. None
  • surname
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to the surname of the person to which the document was issued. None
  • address
  • Object The data extracted from the submitted document, specifically from fields that are related to the address of the person to whom the document was issued. N/A
  • unparsedAddress
  • Object An unparsed version of the address of the person to whom the document was issued. N/A
  • addressLine1
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to the first line of the address, as printed, of the person to which the document was issued. None
  • addressLine2
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to the second line of the address, as printed, of the person to which the document was issued. None
  • addressLine3
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to the third line of the address, as printed, of the person to which the document was issued. None
  • addressLine4
  • String The data extracted from an MRZ, PDF417 barcode, or biozone field related to the fourth line of the address, as printed, of the person to which the document was issued. None

    Manual Error Responses

    400 Response Example

    HTTP/1.1 400 Bad Request
    Content-Type: application/json
    Mitek-Request-Id: 4d6a4dc2-a756-4479-99c2-a856b41456c6
    
    { 
      "message": "Missing image data."
    }
    
    OR
    
    { 
      "message": "No images were provided."
    }
    
    OR
    
    { 
      "message": "Please specify a valid dataType for deviceExtractedData."
    }
    
    OR
    
    { 
      "message": "Unknown value "PDF417_STRING_VAL" for enum customerapi.DeviceExtractedData_DataType."
    }
    
    OR
    
    { 
      "message": "Incorrect endpoint for request type."
    }
    

    401 Response Example

    HTTP/1.1 401 Unauthorized
    Content-Type: application/json
    Mitek-Request-Id: 4d6a4dc2-a756-4479-99c2-a856b41456c6
    
    { 
      "message": "The token is either invalid, malformed, inactive, or missing the required scopes."
    }
    

    404 Response Example

    HTTP/1.1 404 Not Found
    Content-Type: application/json
    Mitek-Request-Id: 4d6a4dc2-a756-4479-99c2-a856b41456c6
    
    { 
      "message": "The result you attempted to retrieve does not exist or has already been retrieved."
    }
    
    OR
    
    { 
      "message": "Not Found"
    }
    

    408 Response Example

    HTTP/1.1 408 Request Timeout
    Content-Type: application/json
    Mitek-Request-Id: 4d6a4dc2-a756-4479-99c2-a856b41456c6
    
    { 
      "message": "Request Timeout"
    } 
    

    413 Response Example

    HTTP/1.1 413 Request Entity Too Large
    Content-Type: application/json
    Mitek-Request-Id: 4d6a4dc2-a756-4479-99c2-a856b41456c6
    
    { 
      "message": "Request Entity Too Large"
    }
    

    415 Response Example

    HTTP/1.1 415 Unsupported Media Type
    Content-Type: application/json
    
    { 
      "message": "Please ensure you are specifying application/json as the Content-Type."
    } 
    

    429 Response Example

    HTTP/1.1 429 Too Many Requests
    Content-Type: application/json
    Mitek-Request-Id: 4d6a4dc2-a756-4479-99c2-a856b41456c6
    
    { 
      "message": "Too Many Requests"
    }
    

    500 Response Example

    HTTP/1.1 500 Internal Server Error
    Content-Type: application/json
    Mitek-Request-Id: 4d6a4dc2-a756-4479-99c2-a856b41456c6
    
    { 
      "message": "An internal error has occurred. Please try again in a few minutes."
    }
    

    503 Service Unavailable

    HTTP/1.1 503 Service Unavailable
    Content-Type: text/plain
    Mitek-Request-Id: 4d6a4dc2-a756-4479-99c2-a856b41456c6
    
    Service Unavailable
    
    OR
    
    HTTP/1.1 503 Service Unavailable
    Content-Type: application/json
    Mitek-Request-Id: 4d6a4dc2-a756-4479-99c2-a856b41456c6
    
    { 
      "message": "Service Unavailable"
    }
    

    Standard HTTP REST-based response codes and messages are used to indicate success or failure for a request.

    Returned Fields

    Name Type Description Restrictions
    message String A message describing the error. None

    Polling

    Mitek has implemented a polling approach for the retrieval of results via our asynchronous APIs. The polling API provides details of the state of all currently in-process and completed transactions to customers on a per-tenant basis. When leveraging the API, Mitek recommends a polling interval of 5 seconds and will start to return a 429 response if polling exceeds 1 API call per second.

    Polling Request

    Request Example

    GET /identity/v3/poll HTTP/1.1
    Authorization: bearer $OAUTH_TOKEN
    

    Polling is implemented as a simple GET operation on the polling end-point and will return a list of current transactions for the tenant with details of their current status (PROCESSING, COMPLETED, or ERROR).

    Run in Postman

    URL

    /identity/v3/poll

    Polling Response

    Response Example

    HTTP/1.1 200 OK
    Content-Type: application/json;
    Mitek-Server-Processing-Time: 4012
    Mitek-Request-Id: 4d6a4dc2-a756-4479-99c2-a856b41456c6
    
    {
      "requests": [
        {
          "service": "VERIFY_MANUAL"
          "requestId": "4d6a4dc2-a756-4479-99c2-a856b41456c6",
          "customerReferenceId": "CUSTOMER PROVIDED REFERENCE ID",
          "retrievalId": "4c52b0ef-aa28-4675-85d7-207b00486520",
          "status": "COMPLETED"
        },
        {
          "service": "VERIFY_EXPERT"
          "requestId": "7bd9aada-d538-4f48-807f-3ba97428e770",
          "customerReferenceId": "CUSTOMER PROVIDED REFERENCE ID",
          "retrievalId": "1a55b710-def3-4bc2-89c8-17cefd8c7c98",
          "status": "COMPLETED"
        }
      ]
    }
    
    

    All of Mitek's asynchronous APIs leverage a polling approach for statusing and retrieval of responses. Each request to the polling API will return the details of all current documents that are in process with their associated status (PROCESSING, COMPLETED, or ERROR). The polling response will only return the details of those documents that have not yet completed or have not yet been retrieved from the platform. Once final results have been retrieved from the retrieval end-point, the polling API will no longer return the transaction status in the response.

    Returned HTTP Headers

    Name Type Description Restrictions
    Mitek-Server-Processing-Time Number The total duration, in milliseconds, from the time the entire request was received until the response was sent. None
    Mitek-Request-Id String The UUID assigned to the request. UUID

    Returned Fields

    Name Type Description Restrictions
    requests
  • requestId
  • String The UUID assigned to the request. UUID
  • customerReferenceId
  • String The optional CustomerReferenceID value that was submitted with the original request. None
  • service
  • String

    Type of service requested

    VERIFY_MANUAL: Mitek Mobile Verify Manual

    VERIFY_EXPERT: Mitek Mobile Verify Expert

    VERIFY_MANUAL, or VERIFY_EXPERT
  • retrievalId
  • String Unique identifier used for the retrieval of the final result UUID
  • status
  • String

    Current status of the transaction

    COMPLETED: Manual processing of the submitted document has completed and the results are available for retrieval from the appropriate retrieval API

    PROCESSING: The document is still being reviewed by the manual review and/or expert teams

    ERROR: An unrecoverable technical error has occurred, please resubmit the transaction for processing

    COMPLETED, PROCESSING, or ERROR

    Polling Error Responses

    401 Response Example

    HTTP/1.1 401 Unauthorized
    Content-Type: application/json
    Mitek-Request-Id: 1068a8af-4ef7-4507-98a2-8334657b2bc4
    
    { 
      "requestId": "1068a8af-4ef7-4507-98a2-8334657b2bc4", 
      "message": "The token is either invalid, malformed, inactive, or missing the required scopes"
    }
    

    403 Response Example

    HTTP/1.1 403 Forbidden
    Content-Type: application/json
    Mitek-Request-Id: 1068a8af-4ef7-4507-98a2-8334657b2bc4
    
    { 
      "requestId": "1068a8af-4ef7-4507-98a2-8334657b2bc4", 
      "message": "Forbidden"
    }
    

    408 Response Example

    HTTP/1.1 408 Request Timeout
    Content-Type: text/plain
    Mitek-Request-Id: 1068a8af-4ef7-4507-98a2-8334657b2bc4
    
    Request Timeout
    

    429 Response Example

    HTTP/1.1 429 Too Many Requests
    Content-Type: text/plain
    Mitek-Request-Id: 1068a8af-4ef7-4507-98a2-8334657b2bc4
    
    Too Many Requests
    

    500 Response Example

    HTTP/1.1 500 Internal Server Error
    Content-Type: application/json
    Mitek-Request-Id: 1068a8af-4ef7-4507-98a2-8334657b2bc4
    
    { 
      "message": "An internal error has occurred. Please try again in a few minutes."
    }
    

    503 Service Unavailable

    HTTP/1.1 503 OK
    Content-Type: text/plain
    Mitek-Request-Id: 1068a8af-4ef7-4507-98a2-8334657b2bc4
    
    Service Unavailable
    

    Standard HTTP REST-based response codes and messages are used to indicate success or failure for a request.