Différences

Ci-dessous, les différences entre deux révisions de la page.

--- en:guide_du_developpeur_service [2025/08/08 10:00] – admin
+++ en:guide_du_developpeur_service [2026/01/26 14:45] (Version actuelle) – admin
@@ Ligne 23: / Ligne 23: @@
   - **Creating a user enrollment**: When creating a user enrollment, you will receive an enrollment ID and an API key (api_key), which will be essential for the rest of the process.
   - **Route selection**: The api_key obtained in the previous step allows you to retrieve the identifier of the “route” to be executed. In your use case, there will be only one route available – the customizable online process by Docaposte.
-  - **Acceptance of Terms & Conditions**: This method allows you to update the fields `accept_cgu` and `accept_biometry` within the enrollment.
+  - **Acceptance of Terms & Conditions**: This method allows you to update the fields `accepted_system_cgu` and `accept_biometry` within the enrollment.
   - **Data comparison (optional)**: It is also possible to compare expected data with information extracted from the identity document.
   - **Identity document upload**: Upload of the ID document is performed at this step.
@@ Ligne 29: / Ligne 29: @@
   - **Finalizing the enrollment**: Finalizes the user enrollment.
   - **Retrieving the report**: You can retrieve the user enrollment report using the enrollment ID obtained in step two. The report includes the status of the enrollment, technical information, and details of the verification steps.
+  - **Retrieving the idClaim (optional)**: Only in the case of advanced electronic signature, returns an ASIC-E.
 ----
@@ Ligne 35: / Ligne 36: @@
 If you haven't done so yet, we recommend starting with the first section of this guide: **Getting Started with ID360**
+====== 1. API Login ======
 ==== 1.1 API Login: Authentication ====
@@ Ligne 61: / Ligne 64: @@
 ^ Parameter  ^ Required ^ Details ^
-| ''username''  | Yes      | Login identifier |
+| ''username''  | Yes      | Login identifier (by default, the application login)|
 | ''password''  | Yes      | Password |
 | ''token''     | No (except for admin) | Unnecessary for `application` accounts. Required only for `admin` accounts with two-factor authentication |
@@ Ligne 92: / Ligne 95: @@
-===== 1.2 Headers for Your Upcoming Requests =====
+==== 1.2 Headers for your API Requests ====
-{{:headers.png|Example of headers}}
+{{:headers.png|Headers example}}
-The key header to include in your API requests is:
+Essential header for your API calls:
-**''Authorization''** → must contain:
+**`Authorization`** → must contain:
-  * the **''Token''** prefix
+  * the prefix **`Token`**
   * a space
-  * the **token value** obtained during the API login
+  * the **token value** from the login call
 **Example**:
@@ Ligne 112: / Ligne 115: @@
 === Testing via Swagger ===
-To test the API calls in Swagger:
+To test calls in Swagger:
-  - Click on the **''Try it out''** button (top right)
+  - Click **"Try it out"** (top right)
-  - Enter the token using the format: Token 0123456789abcdef01234567
+  - Enter the token in this format: `Token 0123456789abcdef01234567`
-  - Then click on **''Authorize''**
+  - Then click **"Authorize"**
-You will then be authenticated to perform API calls directly from Swagger.
+You will then be authenticated to run API calls directly from Swagger.
 ----
-===== 1.3 ⚠️ Token Lifetime and Renewal – MUST BE IMPLEMENTED ⚠️ =====
+==== ⚠️ 1.3 Token lifespan and refresh – MUST BE IMPLEMENTED ⚠️ ====
-**The authentication token is valid for 15 minutes.**
+The **login token is valid for 15 minutes**, and its lifespan is **reset with every call using the token** (*except `logIn` itself*).
-This duration is **reset with every API call that uses the token** (*except for the ''logIn'' method*).
-If you're not authenticated or your token has expired, you will receive a **401 Unauthorized** error for any request that requires authentication.
+If you are not connected or the token is expired, you will receive a **401 Unauthorized** for any operation requiring authentication.
 ----
-=== 🔁 Extending the Token Lifetime ===
+=== 🔁 Extending Token Validity ===
-To extend your token's validity, you can call the following method **every 13 minutes**:
-**''/api/1.0.0/user/whoami''**
+To extend token lifespan, you may call this method **every 13 minutes**:
+**`/api/1.0.0/user/whoami`**
 This method:
   * Requires **no parameters**
-  * Requires an **Authorization header** in the following format:
+  * Requires an **Authorization header**:
 <code>
@@ Ligne 148: / Ligne 149: @@
 === ✅ Validity Check ===
-  * If this method returns a **200 status code**, your token is still valid.
+  * If the method returns **200 OK**, your token is still valid.
-  * Otherwise, you will need to generate a **new token** using the **''logIn''** method.
+  * Otherwise, generate a **new token** via the `logIn` method.
 **ℹ️ Reminder: integrate this call automatically into your process to avoid repeatedly calling the logIn method, as this may be interpreted by ID360 as abnormal or aggressive behavior.**
@@ Ligne 227: / Ligne 228: @@
   * **''group''**: optional – Enables consumption exports grouped by logical units.
-> For more details on callback_endpoints, refer to [[https://wiki.id360docaposte.com/doku.php?id=guide_callbacks|this dedicated guide]].
+> For more details on callback_endpoints, refer to [[https://id360.doca-id.com/doku.php?id=guide_callbacks|this dedicated guide]].
 ----
@@ Ligne 381: / Ligne 382: @@
 <code bash>
 curl -X POST \
-  "https://id360docaposte.com/api/1.0.0/enrollment/flow/consent/?accepted_cgu=true&accepted_biometry=true" \
+  "https://id360docaposte.com/api/1.0.0/enrollment/flow/consent/?accepted_system_cgu=true&accepted_biometry=true" \
   -H "accept: */*" \
   -H "x-api-key: <your_api_key>" \
@@ Ligne 391: / Ligne 392: @@
 <code bash>
 curl -X POST \
-  "https://preprod.id360docaposte.com/api/1.0.0/enrollment/flow/consent/?accepted_cgu=true&accepted_biometry=true" \
+  "https://preprod.id360docaposte.com/api/1.0.0/enrollment/flow/consent/?accepted_system_cgu=true&accepted_biometry=true" \
   -H "accept: */*" \
   -H "x-api-key: <your_api_key>" \
@@ Ligne 407: / Ligne 408: @@
 === 💬 Notes ===
-  * ✅ If you are only uploading an **identity or supporting document**, use `accepted_cgu=true` only.
+  * ✅ If you are only uploading an **identity or supporting document**, use `accepted_system_cgu=true` only.
   * ✅ If you are also uploading a **selfie**, make sure to add `accepted_biometry=true` in the URL.
@@ Ligne 413: / Ligne 414: @@
 In the process configuration, it is mandatory to select **at least one data field to compare**.
-To do so, go to the **''Information Entry''** block and choose the elements to compare.
+To do so, go to the **''Information input''** block and choose the elements to compare.
+Then, under the “Validations selection”, click on “Identity” and check the controls you want to enable.
+For example, “Verify coherence with the identity name.”
 [[https://preprod.id360docaposte.com/static/swagger.html#/Enrollment%20Control/control_data|See the method in Swagger]]
@@ Ligne 504: / Ligne 508: @@
   * **`total_pages`**: indicates the **total number of pages** to be uploaded for the document (e.g., `2` for a front/back ID).
   * **`uploaded_page`**: index (starting at `0`) of the page currently being uploaded.
+  * **Allowed formats**: jpg, jpeg, png, pdf, heic
+  * **Maximum size** per document: 9.5 MB
 ----
@@ Ligne 554: / Ligne 560: @@
   * **`total_pages`**: must be `1` for a selfie.
   * **`uploaded_page=0`**: remains at `0` since there is only one page.
+  * **Allowed formats**: jpg, jpeg, png, pdf, heic
+  * **Maximum size** per document: 9.5 MB
 ----
@@ Ligne 651: / Ligne 659: @@
 **HTTP Status**: ''200 OK''
 **Response format**: JSON
@@ Ligne 732: / Ligne 741: @@
 [[https://preprod.id360docaposte.com/static/swagger.html#/enrollment/enrollment_proof_slip|Download the PDF report]]
+====== 10. Retrieving the idClaim ======
+[[https://preprod.id360docaposte.com/static/swagger.html#/enrollment/enrollment_idclaim|See the method in Swagger]]
+----
+=== 🔧 CURL Request – Production ===
+<code javascript>
+curl -X GET \
+  "https://id360docaposte.com/api/1.0.0/enrollment/{id}/idclaim" \
+  -H "accept: application/json" \
+  -H "Authorization: Token 0123456789abcdef01234567"
+</code>
+----
+=== 🔧 CURL Request – Preproduction ===
+<code javascript>
+curl -X GET \
+  "https://preprod.id360docaposte.com/api/1.0.0/enrollment/{id}/idclaim" \
+  -H "accept: application/json" \
+  -H "Authorization: Token 0123456789abcdef01234567"
+</code>
+----
+=== 🛠 Technical information ===
+  * **''{id}''** : user file identifier, retrieved when it is created.
+  * **Parameters** : none expected in this request.
+----
+=== ✅ Expected result ===
+**HTTP Status** : ''200 OK''
+**Response format** : ASIC-E
+----
+=== 💬 Notes ===
+  * The connection token is **valid for 15 minutes**, renewed with each call made using this token.
+  * If the token is expired or missing, you will receive a **401 Unauthorized** error.
+  * As long as your token remains valid, **you must not reuse the ''login'' method**.
+  * The token must be used in the header of subsequent calls as follows:
+<code>
+Authorization: Token token_returned_by_login
+</code>