Outils pour utilisateurs

Différences

Ci-dessous, les différences entre deux révisions de la page.

Lien vers cette vue comparative

Les deux révisions précédentesRévision précédente
Prochaine révision		Révision précédente
en:guide_du_developpeur_service [2025/08/07 15:22] adminen:guide_du_developpeur_service [2026/01/26 14:45] (Version actuelle) admin
Ligne 23: Ligne 23:
   - **Creating a user enrollment**: When creating a user enrollment, you will receive an enrollment ID and an API key (api_key), which will be essential for the rest of the process.   - **Creating a user enrollment**: When creating a user enrollment, you will receive an enrollment ID and an API key (api_key), which will be essential for the rest of the process.
   - **Route selection**: The api_key obtained in the previous step allows you to retrieve the identifier of the “route” to be executed. In your use case, there will be only one route available – the customizable online process by Docaposte.   - **Route selection**: The api_key obtained in the previous step allows you to retrieve the identifier of the “route” to be executed. In your use case, there will be only one route available – the customizable online process by Docaposte.
-  - **Acceptance of Terms & Conditions**: This method allows you to update the fields `accept_cgu` and `accept_biometry` within the enrollment.+  - **Acceptance of Terms & Conditions**: This method allows you to update the fields `accepted_system_cgu` and `accept_biometry` within the enrollment.
   - **Data comparison (optional)**: It is also possible to compare expected data with information extracted from the identity document.   - **Data comparison (optional)**: It is also possible to compare expected data with information extracted from the identity document.
   - **Identity document upload**: Upload of the ID document is performed at this step.   - **Identity document upload**: Upload of the ID document is performed at this step.
Ligne 29: Ligne 29:
   - **Finalizing the enrollment**: Finalizes the user enrollment.   - **Finalizing the enrollment**: Finalizes the user enrollment.
   - **Retrieving the report**: You can retrieve the user enrollment report using the enrollment ID obtained in step two. The report includes the status of the enrollment, technical information, and details of the verification steps.   - **Retrieving the report**: You can retrieve the user enrollment report using the enrollment ID obtained in step two. The report includes the status of the enrollment, technical information, and details of the verification steps.
 +  - **Retrieving the idClaim (optional)**: Only in the case of advanced electronic signature, returns an ASIC-E.
  
 ---- ----
Ligne 36: Ligne 37:
 If you haven't done so yet, we recommend starting with the first section of this guide: **Getting Started with ID360** If you haven't done so yet, we recommend starting with the first section of this guide: **Getting Started with ID360**
  
-===== 1.2 Headers for Your Upcoming Requests =====+====== 1. API Login ======
  
-{{:headers.png|Example of headers}}+==== 1.1 API Login: Authentication ====
  
-The key header to include in your API requests is:+[[https://preprod.id360docaposte.com/static/swagger.html#/user/login|See method in Swagger]]
  
-**''Authorization''** → must contain: +---- 
-  * the **''Token''** prefix+ 
 + 
 +=== 🔧 Requête CURL – Production === 
 +<code javascript> 
 +curl -X POST "https://id360docaposte.com/api/1.0.0/user/login/"
 +  -H "accept: application/json"
 +  -d '{ "username": "string", "password": "string", "token": "string" }' 
 +</code> 
 + 
 +=== 🔧 Requête CURL – Préproduction === 
 +<code javascript> 
 +curl -X POST "https://preprod.id360docaposte.com/api/1.0.0/user/login/"
 +  -H "accept: application/json"
 +  -d '{ "username": "string", "password": "string", "token": "string" }' 
 +</code> 
 +---- 
 + 
 +=== 📥 Required Parameters === 
 + 
 +^ Parameter  ^ Required ^ Details ^ 
 +| ''username''  | Yes      | Login identifier (by default, the application login)| 
 +| ''password''  | Yes      | Password | 
 +| ''token''     | No (except for admin) | Unnecessary for `application` accounts. Required only for `admin` accounts with two-factor authentication | 
 + 
 +---- 
 + 
 +=== 📤 Expected Result (example) === 
 + 
 +**HTTP Status**: `200 OK` 
 + 
 +**Response Body**: 
 +<code javascript> 
 +
 +  "token": "0123456789abcdef01234567" 
 +
 +</code> 
 + 
 +---- 
 + 
 +=== 💬 Notes === 
 + 
 +  * This call **must be made by your server**, **never** from the user’s browser. 
 +  * The **token is valid for 15 minutes**. This duration **resets on each API call** using the token. 
 +  * If you use an expired token or no token, you’ll get a `401 Unauthorized` error. 
 +  * As long as the token is valid, **do not call `/login/` again**. 
 +  * Use the token in the header of future calls:''Authorization: Token 0123456789abcdef01234567'' 
 +  * The token is made up of 25 characters (fixed length). 
 + 
 +---- 
 + 
 + 
 +==== 1.2 Headers for your API Requests ==== 
 + 
 +{{:headers.png|Headers example}} 
 + 
 +Essential header for your API calls: 
 + 
 +**`Authorization`** → must contain: 
 +  * the prefix **`Token`**
   * a space   * a space
-  * the **token value** obtained during the API login+  * the **token value** from the login call
  
 **Example**: **Example**:
Ligne 56: Ligne 115:
 === Testing via Swagger === === Testing via Swagger ===
  
-To test the API calls in Swagger: +To test calls in Swagger: 
-  - Click on the **''Try it out''** button (top right) +  - Click **"Try it out"** (top right) 
-  - Enter the token using the format: Token 0123456789abcdef01234567 +  - Enter the token in this format: `Token 0123456789abcdef01234567` 
-  - Then click on **''Authorize''**+  - Then click **"Authorize"**
  
-You will then be authenticated to perform API calls directly from Swagger.+You will then be authenticated to run API calls directly from Swagger.
  
 ---- ----
  
-====1.3 ⚠️ Token Lifetime and Renewal – MUST BE IMPLEMENTED ⚠️ =====+==== ⚠️ 1.3 Token lifespan and refresh – MUST BE IMPLEMENTED ⚠️ ====
  
-**The authentication token is valid for 15 minutes.**   +The **login token is valid for 15 minutes**, and its lifespan is **reset with every call using the token** (*except `logIn` itself*).
-This duration is **reset with every API call that uses the token** (*except for the ''logIn'' method*).+
  
-If you're not authenticated or your token has expired, you will receive a **401 Unauthorized** error for any request that requires authentication.+If you are not connected or the token is expired, you will receive a **401 Unauthorized** for any operation requiring authentication.
  
 ---- ----
  
-=== 🔁 Extending the Token Lifetime === +=== 🔁 Extending Token Validity ===
- +
-To extend your token's validity, you can call the following method **every 13 minutes**:+
  
-**''/api/1.0.0/user/whoami''**+To extend token lifespan, you may call this method **every 13 minutes**: 
 +**`/api/1.0.0/user/whoami`**
  
 This method: This method:
   * Requires **no parameters**   * Requires **no parameters**
-  * Requires an **Authorization header** in the following format:+  * Requires an **Authorization header**:
  
 <code> <code>
Ligne 92: Ligne 149:
 === ✅ Validity Check === === ✅ Validity Check ===
  
-  * If this method returns **200 status code**, your token is still valid. +  * If the method returns **200 OK**, your token is still valid. 
-  * Otherwise, you will need to generate a **new token** using the **''logIn''** method.+  * Otherwise, generate a **new token** via the `logInmethod.
  
 **ℹ️ Reminder: integrate this call automatically into your process to avoid repeatedly calling the logIn method, as this may be interpreted by ID360 as abnormal or aggressive behavior.** **ℹ️ Reminder: integrate this call automatically into your process to avoid repeatedly calling the logIn method, as this may be interpreted by ID360 as abnormal or aggressive behavior.**
Ligne 171: Ligne 228:
   * **''group''**: optional – Enables consumption exports grouped by logical units.   * **''group''**: optional – Enables consumption exports grouped by logical units.
  
-> For more details on callback_endpoints, refer to [[https://wiki.id360docaposte.com/doku.php?id=guide_callbacks|this dedicated guide]].+> For more details on callback_endpoints, refer to [[https://id360.doca-id.com/doku.php?id=guide_callbacks|this dedicated guide]].
  
 ---- ----
Ligne 325: Ligne 382:
 <code bash> <code bash>
 curl -X POST \ curl -X POST \
-  "https://id360docaposte.com/api/1.0.0/enrollment/flow/consent/?accepted_cgu=true&accepted_biometry=true" \+  "https://id360docaposte.com/api/1.0.0/enrollment/flow/consent/?accepted_system_cgu=true&accepted_biometry=true" \
   -H "accept: */*" \   -H "accept: */*" \
   -H "x-api-key: <your_api_key>" \   -H "x-api-key: <your_api_key>" \
Ligne 335: Ligne 392:
 <code bash> <code bash>
 curl -X POST \ curl -X POST \
-  "https://preprod.id360docaposte.com/api/1.0.0/enrollment/flow/consent/?accepted_cgu=true&accepted_biometry=true" \+  "https://preprod.id360docaposte.com/api/1.0.0/enrollment/flow/consent/?accepted_system_cgu=true&accepted_biometry=true" \
   -H "accept: */*" \   -H "accept: */*" \
   -H "x-api-key: <your_api_key>" \   -H "x-api-key: <your_api_key>" \
Ligne 351: Ligne 408:
 === 💬 Notes === === 💬 Notes ===
  
-  * ✅ If you are only uploading an **identity or supporting document**, use `accepted_cgu=true` only.+  * ✅ If you are only uploading an **identity or supporting document**, use `accepted_system_cgu=true` only.
   * ✅ If you are also uploading a **selfie**, make sure to add `accepted_biometry=true` in the URL.   * ✅ If you are also uploading a **selfie**, make sure to add `accepted_biometry=true` in the URL.
  
Ligne 357: Ligne 414:
  
 In the process configuration, it is mandatory to select **at least one data field to compare**.   In the process configuration, it is mandatory to select **at least one data field to compare**.  
-To do so, go to the **''Information Entry''** block and choose the elements to compare.+To do so, go to the **''Information input''** block and choose the elements to compare. 
 + 
 +Then, under the “Validations selection”, click on “Identity” and check the controls you want to enable. 
 +For example, “Verify coherence with the identity name.”
  
 [[https://preprod.id360docaposte.com/static/swagger.html#/Enrollment%20Control/control_data|See the method in Swagger]] [[https://preprod.id360docaposte.com/static/swagger.html#/Enrollment%20Control/control_data|See the method in Swagger]]
Ligne 448: Ligne 508:
   * **`total_pages`**: indicates the **total number of pages** to be uploaded for the document (e.g., `2` for a front/back ID).   * **`total_pages`**: indicates the **total number of pages** to be uploaded for the document (e.g., `2` for a front/back ID).
   * **`uploaded_page`**: index (starting at `0`) of the page currently being uploaded.   * **`uploaded_page`**: index (starting at `0`) of the page currently being uploaded.
 +  * **Allowed formats**: jpg, jpeg, png, pdf, heic
 +  * **Maximum size** per document: 9.5 MB
  
 ---- ----
Ligne 498: Ligne 560:
   * **`total_pages`**: must be `1` for a selfie.   * **`total_pages`**: must be `1` for a selfie.
   * **`uploaded_page=0`**: remains at `0` since there is only one page.   * **`uploaded_page=0`**: remains at `0` since there is only one page.
 +  * **Allowed formats**: jpg, jpeg, png, pdf, heic
 +  * **Maximum size** per document: 9.5 MB
  
 ---- ----
Ligne 595: Ligne 659:
  
 **HTTP Status**: ''200 OK''   **HTTP Status**: ''200 OK''  
 +
 **Response format**: JSON **Response format**: JSON
  
Ligne 676: Ligne 741:
 [[https://preprod.id360docaposte.com/static/swagger.html#/enrollment/enrollment_proof_slip|Download the PDF report]] [[https://preprod.id360docaposte.com/static/swagger.html#/enrollment/enrollment_proof_slip|Download the PDF report]]
  
 +====== 10. Retrieving the idClaim ======
  
 +[[https://preprod.id360docaposte.com/static/swagger.html#/enrollment/enrollment_idclaim|See the method in Swagger]]
 +
 +----
 +
 +=== 🔧 CURL Request – Production ===
 +<code javascript>
 +curl -X GET \
 +  "https://id360docaposte.com/api/1.0.0/enrollment/{id}/idclaim" \
 +  -H "accept: application/json" \
 +  -H "Authorization: Token 0123456789abcdef01234567"
 +</code>
 +
 +----
 +
 +=== 🔧 CURL Request – Preproduction ===
 +<code javascript>
 +curl -X GET \
 +  "https://preprod.id360docaposte.com/api/1.0.0/enrollment/{id}/idclaim" \
 +  -H "accept: application/json" \
 +  -H "Authorization: Token 0123456789abcdef01234567"
 +</code>
 +
 +----
 +
 +=== 🛠 Technical information ===
 +
 +  * **''{id}''** : user file identifier, retrieved when it is created.
 +  * **Parameters** : none expected in this request.
 +
 +----
 +
 +=== ✅ Expected result ===
 +
 +**HTTP Status** : ''200 OK''
 +
 +**Response format** : ASIC-E
 +
 +----
 +
 +=== 💬 Notes ===
 +
 +  * The connection token is **valid for 15 minutes**, renewed with each call made using this token.
 +  * If the token is expired or missing, you will receive a **401 Unauthorized** error.
 +  * As long as your token remains valid, **you must not reuse the ''login'' method**.
 +  * The token must be used in the header of subsequent calls as follows:
 +
 +<code>
 +Authorization: Token token_returned_by_login
 +</code>

This website uses cookies. By using the website, you agree with storing cookies on your computer. Also, you acknowledge that you have read and understand our Privacy Policy. If you do not agree, please leave the website.

Plus d’informations