APIServices API

Overview

The ID.me Services API v2 enables partners to perform programmatic identity verifications through telecom and document verification endpoints.

Getting started

You will receive an API key from your account manager at ID.me. This API key is required for all requests to the Services API.

Example flow

Sequence diagram showing the ID.me document verification flow between an End User, Integrating Partner, and ID.me API: the partner optionally initiates a verification request, the user uploads documents, the partner submits them to the document/license/verify endpoint, polls document/status while processing is pending, and optionally receives a success callback before confirming the final success status to the user.

Authorization

All requests to the API require a Bearer token in the following format:

Authorization: Bearer ID.me {{token}}

Your token is the secret key for your account, Base64 encoded.

Watch the authorization demo for a walkthrough of how to generate and use your token.

Errors and HTTP status codes

The API uses three levels of detail in error reporting:

  1. HTTP status code — indicates whether the request was successfully received by the API
  2. response["status"] — top-level indication of whether the transaction completed successfully
  3. response["results"]["errors"] — detailed error information for the transaction

Example error response:

Example
1{
2  "errors": [{
3    "code": 2200,
4    "message": "Referenced product is not active"
5  }]
6}

HTTP status codes

401 — Invalid authentication credentials

CodeMessage
1100Credentials used are not associated with any account
1200Credentials used are associated with an inactive account
1300Credentials used are associated with an inactive organization

403 — Credentials do not have access to given resource

CodeMessage
2100Referenced product cannot be found
2200Referenced product is not active
2300Referenced product is not enabled for this account
3200Transaction is not owned by this account
3300Verification is not owned by this account

404 — Accessed resource does not exist

CodeMessage
4100Resource not found

422 — Invalid or missing input parameters

CodeMessage
3100Transaction parameter callback_url is invalid
3101Transaction parameter phone is missing or invalid
3102Transaction parameter code is missing or not valid
3103Transaction parameter code is expired
3104Transaction retry limit exceeded
3105Transaction is not associated with a valid possession check
3107Transaction parameter birth_date indicates user is a minor
3108Transaction parameter birth_date is not in YYYY-MM-DD format
3109The file size is too small. Uploaded files must be greater than 40KB and less than 16MB
3110The file size is too large. Uploaded files must be greater than 40KB and less than 16MB
3111Image type not supported. Please send .jpeg, .jpg, or .png files

429 — Rate limit exceeded

CodeMessage
5100Rate limit exceeded for this product
5200Rate limit exceeded for this account

500 — Internal service errors

CodeMessage
5000An error occurred for this account

Transaction status codes

An HTTP 200 response indicates the request was received, but status.code in the response body indicates whether the transaction itself completed successfully.

Example
1"status": {
2  "code": 300,
3  "message": "Transaction unsuccessful",
4  "created": "2023-05-01T11:56:53.504-04:00",
5  "updated": "2023-05-01T11:56:53.563-04:00"
6}

A status.code of 300 indicates the transaction was unsuccessful.

Transaction result errors

When response["status"]["code"] is not 200, the response["results"]["errors"] array contains details about what went wrong:

Example
1"result": {
2  "verified": false,
3  "errors": [{
4    "code": 2006,
5    "message": "The file size is too small. Uploaded files must be greater than 40KB and less than 16MB."
6  }]
7}

Some failed identity verifications include an additional_info field with further context:

Example
1"result": {
2  "verified": false,
3  "errors": [{
4    "code": 1014,
5    "message": "Could not find the user",
6    "additional_info": "birth_date does not match data on file."
7  }]
8}

Full list of transaction errors

Telecom

CodeMessage
1001Phone number cannot receive SMS message
1002SMS could not be sent
1003The phone number you provided is blocked from receiving text messages
1004The phone number you provided has recently been deactivated
1005Something went wrong while delivering the text message. Please try again
1006The network was unable to route the text message to your phone
1007The text message failed to deliver due to an issue with the phone or cellular network
1008The phone number you provided has been flagged for fraudulent activity
1009The text message failed to deliver. Please make sure your phone is turned on
1010Text messaging is not supported by the phone, carrier, or data plan
1011Something went wrong when attempting to deliver the sign in code
1012Something went wrong when attempting to deliver the sign in code
1013Name attribute is invalid
1014Could not find the user

Document

CodeMessage
2001Cannot verify users under 18 years old
2002The document provided is expired. Please upload a valid document
2003The front of the document does not match to the back of the document
2004Please ensure your document’s information is clear and visible, taken on a contrasting background, and all four corners are shown
2005We were unable to verify your document

Health check

GET /health

Returns the health status of the API. There are no parameters for this endpoint.

Example
$curl --location 'https://services.idmelabs.com/health'

Returns 200 OK with no response body.