NAV Navbar
PHP Python
  • Introduction
  • Verification Methods
  • 1 - General Purpose Verification
  • 2 - Passport Verification
  • 3 - Driving License Verification
  • 4 - ID Card Verification
  • 5 - Card Present Verification
  • Responses
  • Signature Calculation
  • Status Codes
  • Introduction

    The ShuftiPro Document Verification API is very simple to use. A typical verification flow looks like this:

    1. You send us your customer’s data to verify at one of our end points. We validate your request and send you a redirect URL so you can redirect your customer to our verification page or you can embed this in an iFrame.

    2. Your customer sees an instruction page and upon clicking Next, the verification process starts.

    3. Your customer shows his face and the required document to the camera and we start the verification process in the background.

    4. Upon verification, we will send your customer back to your given redirected url. Along with this redirect, we’ll also send you the verification response in a callback.

    5. When you receive a verification response from us, we also send you a field called signature. Please must verify this signature before proceeding. An example is given below in the code sample on your right.

    Once the verification process is completed, you are granted access to watch the verification video along with verified frames (Face, Document, the image in the document and related information such as Full name and date of birth) in our backoffice

    Verification Methods

    Currently Shfuti Pro supports 4 different kind of verification methods. These are Card Present Verification, Passport Verification, Driving License Verification and ID card verification. You can enforce your customer to verify with one of these methods or you can let them to choose how they want to verify i.e. General Purpose Verification. Below are the request parameters required for each these verification type.

    1 - General Purpose Verification

    This end point is for the general purpose verification. The user is not called for to display a particular document instead he is provided with a list of verification methods to choose from such as passport, driving license or ID card. After the user chooses one particular verification method, he is requested to display the required document in front of the camera. The validity of this document is made sure after cross checking the information provided in the request with that in the document.

    Sample Request

    
    #!/usr/bin/python
    import hashlib
    import requests
    import  json
    import collections
    
    url = 'https://api.shuftipro.com/'
    CLIENT_ID = 'Your client id provided by Shuftipro'
    SECRET_KEY = 'YOUR_SECRET_KEY'
    
    post_data = {
        "client_id"           : CLIENT_ID,
        "first_name"          : "John",
        "last_name"           : "Doe",
        "dob"                 : "1980-01-31",
        "reference"           : "Your unique request reference",
        "country"             : "Pakistan",
        "phone_number"        : "+440000000000",
        "callback_url"        : "A valid callback url e.g https://www.yourdomain.com",
        "redirect_url"        : "A valid callback url e.g https://www.yourdomain.com",
        }
    
    
    post_data = collections.OrderedDict(sorted(post_data.items())) #sort the dictionary
    raw_data = "".join(post_data.values()) + SECRET_KEY #get values from dictionary and append secret key
    
    hash_object = hashlib.sha256(raw_data) #calculating sha256 hash 
    signature = hash_object.hexdigest()
    
    post_data['signature'] = signature #append signature to data dictionary
    response = requests.post(url, post_data).json() #send POST request to API
    
    if response['status_code'] == "SP2":
        print response['message']   #now you can redirect your customer to this url
    
    
    
    <?php
    
    $url="https://api.shuftipro.com/";
    
    $post_data = array(
        "client_id"           => "Your client id provided by Shuftipro",
        "first_name"          => "John",
        "last_name"           => "Doe",
        "dob"                 => "1980-01-31", //Customer date of birth in valid date format
        "reference"           => "Your unique request reference",
        "country"             => "Pakistan",
        "phone_number"        => "+440000000000",
        "callback_url"        => "A valid callback url e.g https://www.yourdomain.com",
        "redirect_url"        => "A valid callback url e.g https://www.yourdomain.com",
    );
    
    ksort($post_data);//Sort the all request parameter.
    $raw_data = implode("", $post_data) . "YOUR_SECRET_KEY"; //Replcae with your secret key provided by the Shuftipro;
    
    $signature              = hash("sha256", $raw_data);
    $post_data["signature"] = $signature;
    
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    $response = curl_exec($ch);
    curl_close($ch);
    
    

    Sample Response

    //All the responses will be in the JSON Format
    
    [
      {
        "status_code": "SP2",
        "message": "https:\/\/verify.shuftipro.com\/verify?request_id=lQcxhZRPonFm0EDk5MweA3pkgP8iwR5aL9J9wHb2LP0=",
        "reference": "req_123",//Your request reference provided at in the request
        "signature": "e7e119e37ccd94da7acfd70953aaa96a082ac309b543de338dc55bd58f2f05d4",
      }
    ]
    Your request is accepted so now you can redirect your customer to the
    URL given in the message field or you can load an iFrame within your 
    website using this URL as a source. Further details below.
    
    

    HTTP REQUEST: POST https://api.shuftipro.com/

    Parameter Type Required Description
    client_id string Yes Client`s id assigned to you by ShuftiPro.
    reference string Yes Your unique reference id which we’ll sent you back when verification is done.
    first_name string Yes Customer’s First Name. The maximum length of the string is 32 characters and minimum required length is 2 characters.
    last_name string Yes Customer’s Last Name. The maximum length of the string is 32 characters and minimum required length is 2 characters.
    country string Yes Full Country name or ISO2 Code. Example: United Kingdom or GB.
    dob string Yes Customer’s date of birth (YYYY-MM-DD). Example: 1980-01-31
    phone_number string Yes Customer’s phone number with country code. Example: +440000000000
    callback_url string Yes Upon every response, we make a server to server call, it includes all the response values, so you can update status on your end even if the customer is lost in the midway through the process. Please verify the response’s signature value with your own calculated signature value.
    redirect_url string Yes Once the verification process is completed, we will redirect the customer back to your given redirect url. In this redirect request, you’ll also get all the response values in HTTP POST, so you can make your decision. Please verify the response’s signature value with your own calculated signature value. Example below
    signature string Yes sha256 hash of all the request parameters in sorted order. The details are in signature calculation section.

    2 - Passport Verification

    This end point asks your customer to display his passport. The validity of the passport is verified by cross checking the provided information with that in the passport. For example the customer name and date of birth are cross checked to make sure whether the passport shown is forged or not.

    Sample Request

    
    #!/usr/bin/python
    import hashlib
    import requests
    import  json
    import collections
    
    url = 'https://api.shuftipro.com/pv'
    CLIENT_ID = 'Your client id provided by Shuftipro'
    SECRET_KEY = 'YOUR_SECRET_KEY'
    
    post_data = {
        "client_id"           : CLIENT_ID,
        "first_name"          : "John",
        "last_name"           : "Doe",
        "dob"                 : "1980-01-31", #Customer date of birth in valid date format
        "reference"           : "Your unique request reference",
        "country"             : "Pakistan",
        "phone_number"        : "+440000000000",
        "callback_url"        : "A valid callback url e.g https://www.yourdomain.com",
        "redirect_url"        : "A valid callback url e.g https://www.yourdomain.com",
        }
    
    
    post_data = collections.OrderedDict(sorted(post_data.items())) #sort the dictionary
    raw_data = "".join(post_data.values()) + SECRET_KEY #get values from dictionary and append secret key
    
    hash_object = hashlib.sha256(raw_data) #calculating sha256 hash 
    signature = hash_object.hexdigest()
    
    post_data['signature'] = signature #append signature to data dictionary
    response = requests.post(url, post_data).json() #send POST request to API
    
    if response['status_code'] == "SP2":
        print response['message']   #now you can redirect your customer to this url
    
    
    
    <?php
    
    $url="https://api.shuftipro.com/pv";
    
    $post_data = array(
        "client_id"           => "Your client id provided by Shuftipro",
        "first_name"          => "John",
        "last_name"           => "Doe",
        "dob"                 => "1980-01-31", //Customer date of birth in valid date format
        "reference"           => "Your unique request reference",
        "country"             => "Pakistan",
        "phone_number"        => "+440000000000",
        "callback_url"        => "A valid callback url e.g https://www.yourdomain.com",
        "redirect_url"        => "A valid callback url e.g https://www.yourdomain.com",
    );
    
    ksort($post_data);//Sort the all request parameter.
    $raw_data = implode("", $post_data) . "YOUR_SECRET_KEY"; //Replcae with your secret key provided by the Shuftipro;
    
    $signature              = hash("sha256", $raw_data);
    $post_data["signature"] = $signature;
    
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    $response = curl_exec($ch);
    curl_close($ch);
    
    

    Sample Response

    //All the responses will be in the JSON Format
    
    [
      {
        "status_code": "SP2",
        "message": "https:\/\/verify.shuftipro.com\/verify?request_id=lQcxhZRPonFm0EDk5MweA3pkgP8iwR5aL9J9wHb2LP0=",
        "reference": "req_123",//Your request reference provided at in the request
        "signature": "e7e119e37ccd94da7acfd70953aaa96a082ac309b543de338dc55bd58f2f05d4",
      }
    ]
    
    Your request is accepted so now you can redirect your customer to the
    URL given in the message field or you can load an iFrame within your 
    website using this URL as a source. Further details below.
    
    

    HTTP REQUEST: POST https://api.shuftipro.com/pv

    Parameter Type Required Description
    client_id string Yes Client`s id assigned to you by ShuftiPro.
    reference string Yes Your unique reference id which we’ll sent you back in each response so that you can verify the request.
    first_name string Yes Customer’s First Name. The maximum length of the string is 32 characters and minimum required length is 2 characters.
    last_name string Yes Customer’s Last Name. The maximum length of the string is 32 characters and minimum required length is 2 characters.
    country string Yes Full Country name or ISO2 Code. Example: United Kingdom or GB.
    dob string Yes Customer’s date of birth (YYYY-MM-DD). Example: 1980-01-31
    phone_number string Yes Customer’s phone number with country code. Example: +440000000000
    callback_url string Yes Upon every response, we make a server to server call, it includes all the response values, so you can update status on your end even if the customer is lost in the midway through the process. Please verify the response’s signature value with your own calculated signature value.
    redirect_url string Yes Once the verification process is completed, we will redirect the customer back to your given redirect url. In this redirect request, you’ll also get all the response values in HTTP POST, so you can make your decision. Please verify the response’s signature value with your own calculated signature value.Example below
    signature string Yes sha256 hash of all the request parameters in sorted order. The details are in signature calculation section.

    3 - Driving License Verification

    This end point asks your customer to display his Driving License. ShuftiPro verifies the validity of driving license by cross checking the information (customer name and date of birth) provided in the request with that in the driving license.

    Sample Request

    
    #!/usr/bin/python
    import hashlib
    import requests
    import  json
    import collections
    
    url = 'https://api.shuftipro.com/dlv'
    CLIENT_ID = 'Your client id provided by Shuftipro'
    SECRET_KEY = 'YOUR_SECRET_KEY'
    
    post_data = {
        "client_id"           : CLIENT_ID,
        "first_name"          : "John",
        "last_name"           : "Doe",
        "dob"                 : "1980-01-31", #Customer date of birth in valid date format
        "reference"           : "Your unique request reference",
        "country"             : "Pakistan",
        "phone_number"        : "+440000000000",
        "callback_url"        : "A valid callback url e.g https://www.yourdomain.com",
        "redirect_url"        : "A valid callback url e.g https://www.yourdomain.com",
        }
    
    
    post_data = collections.OrderedDict(sorted(post_data.items())) #sort the dictionary
    raw_data = "".join(post_data.values()) + SECRET_KEY #get values from dictionary and append secret key
    
    hash_object = hashlib.sha256(raw_data) #calculating sha256 hash 
    signature = hash_object.hexdigest()
    
    post_data['signature'] = signature #append signature to data dictionary
    response = requests.post(url, post_data).json() #send POST request to API
    
    if response['status_code'] == "SP2":
        print response['message']   #now you can redirect your customer to this url
    
    
    
    <?php
    
    $url="https://api.shuftipro.com/dlv";
    
    $post_data = array(
        "client_id"           => "Your client id provided by Shuftipro",
        "first_name"          => "John",
        "last_name"           => "Doe",
        "dob"                 => "1980-01-31", //Customer date of birth in valid date format
        "reference"           => "Your unique request reference",
        "country"             => "Pakistan",
        "phone_number"        => "+440000000000",
        "callback_url"        => "A valid callback url e.g https://www.yourdomain.com",
        "redirect_url"        => "A valid callback url e.g https://www.yourdomain.com",
    );
    
    ksort($post_data);//Sort the all request parameter.
    $raw_data = implode("", $post_data) . "YOUR_SECRET_KEY"; //Replcae with your secret key provided by the Shuftipro;
    
    $signature              = hash("sha256", $raw_data);
    $post_data["signature"] = $signature;
    
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    $response = curl_exec($ch);
    curl_close($ch);
    
    

    Sample Response

    //All the responses will be in the JSON Format
    
    [
      {
        "status_code": "SP2",
        "message": "https:\/\/verify.shuftipro.com\/verify?request_id=lQcxhZRPonFm0EDk5MweA3pkgP8iwR5aL9J9wHb2LP0=",
        "reference": "req_123",//Your request reference provided at in the request
        "signature": "e7e119e37ccd94da7acfd70953aaa96a082ac309b543de338dc55bd58f2f05d4",
      }
    ]
    
    Your request is accepted so now you can redirect your customer to the
    URL given in the message field or you can load an iFrame within your 
    website using this URL as a source. Further details below.
    
    

    HTTP REQUEST: POST https://api.shuftipro.com/dlv

    Parameter Type Required Description
    client_id string Yes Client`s id assigned to you by ShuftiPro.
    reference string Yes Your unique reference id which we’ll sent you back in each response so that you can verify the request.
    first_name string Yes Customer’s First Name. The maximum length of the string is 32 characters and minimum required length is 2 characters.
    last_name string Yes Customer’s Last Name. The maximum length of the string is 32 characters and minimum required length is 2 characters.
    country string Yes Full Country name or ISO2 Code. Example: United Kingdom or GB.
    dob string Yes Customer’s date of birth (YYYY-MM-DD). Example: 1980-01-31
    phone_number string Yes Customer’s phone number with country code. Example: +440000000000
    callback_url string Yes Upon every response, we make a server to server call, it includes all the response values, so you can update status on your end even if the customer is lost in the midway through the process. Please verify the response’s signature value with your own calculated signature value.
    redirect_url string Yes Once the verification process is completed, we will redirect the customer back to your given redirect url. In this redirect request, you’ll also get all the response values in HTTP POST, so you can make your decision. Please verify the response’s signature value with your own calculated signature value. Example below
    signature string Yes sha256 hash of all the request parameters in sorted order. The details are in signature calculation section.

    4 - ID Card Verification

    This end point asks your customer to display his Identity Document. It could be government, school and/or university issued ID card. ShuftiPro verifies the validity of such ID card by cross checking the information (customer name and date of birth) provided in the request with that in the ID card.

    Sample Request

    
    #!/usr/bin/python
    import hashlib
    import requests
    import  json
    import collections
    
    url = 'https://api.shuftipro.com/idv'
    CLIENT_ID = 'Your client id provided by Shuftipro'
    SECRET_KEY = 'YOUR_SECRET_KEY'
    
    post_data = {
        "client_id"           : CLIENT_ID,
        "first_name"          : "John",
        "last_name"           : "Doe",
        "dob"                 : "1980-01-31", #Customer date of birth in valid date format
        "reference"           : "Your unique request reference",
        "country"             : "Pakistan",
        "phone_number"        : "+440000000000",
        "callback_url"        : "A valid callback url e.g https://www.yourdomain.com",
        "redirect_url"        : "A valid callback url e.g https://www.yourdomain.com",
        }
    
    
    post_data = collections.OrderedDict(sorted(post_data.items())) #sort the dictionary
    raw_data = "".join(post_data.values()) + SECRET_KEY #get values from dictionary and append secret key
    
    hash_object = hashlib.sha256(raw_data) #calculating sha256 hash 
    signature = hash_object.hexdigest()
    
    post_data['signature'] = signature #append signature to data dictionary
    response = requests.post(url, post_data).json() #send POST request to API
    
    if response['status_code'] == "SP2":
        print response['message']   #now you can redirect your customer to this url
    
    
    
    <?php
    
    $url="https://api.shuftipro.com/idv";
    
    $post_data = array(
        "client_id"           => "Your client id provided by Shuftipro",
        "first_name"          => "John",
        "last_name"           => "Doe",
        "dob"                 => "1980-01-31", //Customer date of birth in valid date format
        "reference"           => "Your unique request reference",
        "country"             => "Pakistan",
        "phone_number"        => "+440000000000",
        "callback_url"        => "A valid callback url e.g https://www.yourdomain.com",
        "redirect_url"        => "A valid callback url e.g https://www.yourdomain.com",
    );
    
    ksort($post_data);//Sort the all request parameter.
    $raw_data = implode("", $post_data) . "YOUR_SECRET_KEY"; //Replcae with your secret key provided by the Shuftipro;
    
    $signature              = hash("sha256", $raw_data);
    $post_data["signature"] = $signature;
    
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    $response = curl_exec($ch);
    curl_close($ch);
    
    

    Sample Response

    //All the responses will be in the JSON Format
    
    [
      {
        "status_code": "SP2",
        "message": "https:\/\/verify.shuftipro.com\/verify?request_id=lQcxhZRPonFm0EDk5MweA3pkgP8iwR5aL9J9wHb2LP0=",
        "reference": "req_123",//Your request reference provided at in the request
        "signature": "e7e119e37ccd94da7acfd70953aaa96a082ac309b543de338dc55bd58f2f05d4",
      }
    ]
    
    Your request is accepted so now you can redirect your customer to the
    URL given in the message field or you can load an iFrame within your 
    website using this URL as a source. Further details below.
    
    

    HTTP REQUEST: POST https://api.shuftipro.com/idv

    Parameter Type Required Description
    client_id string Yes Client`s id assigned to you by ShuftiPro.
    reference string Yes Your unique reference id which we’ll sent you back in each response so that you can verify the request.
    first_name string Yes Customer’s First Name. The maximum length of the string is 32 characters and minimum required length is 2 characters.
    last_name string Yes Customer’s Last Name. The maximum length of the string is 32 characters and minimum required length is 2 characters.
    country string Yes Full Country name or ISO2 Code. Example: United Kingdom or GB.
    dob string Yes Customer’s date of birth (YYYY-MM-DD). Example: 1980-01-31
    phone_number string Yes Customer’s phone number with country code. Example: +440000000000
    callback_url string Yes Upon every response, we make a server to server call, it includes all the response values, so you can update status on your end even if the customer is lost in the midway through the process. Please verify the response’s signature value with your own calculated signature value.
    redirect_url string Yes Once the verification process is completed, we will redirect the customer back to your given redirect url. In this redirect request, you’ll also get all the response values in HTTP POST, so you can make your decision. Please verify the response’s signature value with your own calculated signature value. Example below
    signature string Yes sha256 hash of all the request parameters in sorted order. The details are in signature calculation section.

    5 - Card Present Verification

    This end point will ask your customer to display his/her credit/debit card. ShuftiPro will confirm the first 6-digits and the last 4-digits of the credit/debit card which is on display. This end point can be used to make sure whether your customer owns the actual credit/debit card for the purchase purposes.

    Sample Request

    
    #!/usr/bin/python
    import hashlib
    import requests
    import  json
    import collections
    
    url = 'https://api.shuftipro.com/cpv'
    CLIENT_ID = 'Your client id provided by Shuftipro'
    SECRET_KEY = 'YOUR_SECRET_KEY'
    
    post_data = {
        "client_id"           : CLIENT_ID,
        "card_first_6_digits" : "123456",
        "card_last_4_digits"  : "7890",
        "reference"           : "Your unique request reference",
        "country"             : "Pakistan",
        "phone_number"        : "+440000000000",
        "callback_url"        : "A valid callback url e.g https://www.yourdomain.com",
        "redirect_url"        : "A valid callback url e.g https://www.yourdomain.com",
        }
    
    
    post_data = collections.OrderedDict(sorted(post_data.items())) #sort the dictionary
    raw_data = "".join(post_data.values()) + SECRET_KEY #get values from dictionary and append secret key
    
    hash_object = hashlib.sha256(raw_data) #calculating sha256 hash 
    signature = hash_object.hexdigest()
    
    post_data['signature'] = signature #append signature to data dictionary
    response = requests.post(url, post_data).json() #send POST request to API
    
    if response['status_code'] == "SP2":
        print response['message']   #now you can redirect your customer to this url
    
    
    
    
    <?php
    
    $url="https://api.shuftipro.com/cpv";
    
    $post_data = array(
    
        "client_id"           => "Your client id provided by Shuftipro",
        "card_first_6_digits" => "123456",
        "card_last_4_digits"  => "7890",
        "reference"           => "Your unique request reference",
        "country"             => "Pakistan",
        "phone_number"        => "+440000000000",
        "callback_url"        => "A valid callback url e.g https://www.yourdomain.com",
        "redirect_url"        => "A valid callback url e.g https://www.yourdomain.com",
    );
    
    ksort($post_data);//Sort the all request parameter.
    $raw_data = implode("", $post_data) . "YOUR_SECRET_KEY"; //Replcae with your secret key provided by the Shuftipro;
    
    $signature              = hash("sha256", $raw_data);
    $post_data["signature"] = $signature;
    
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    $response = curl_exec($ch);
    curl_close($ch);
    
    

    Sample Response

    //All the responses will be in the JSON Format
    
    [
      {
        "status_code": "SP2",
        "message": "https:\/\/verify.shuftipro.com\/verify?request_id=lQcxhZRPonFm0EDk5MweA3pkgP8iwR5aL9J9wHb2LP0=",
        "reference": "req_123",//Your request reference provided at in the request
        "signature": "e7e119e37ccd94da7acfd70953aaa96a082ac309b543de338dc55bd58f2f05d4",
      }
    ]
    Your request is accepted so now you can redirect your customer to the
    URL given in the message field or you can load an iFrame within your 
    website using this URL as a source. Further details below.
    
    

    HTTP REQUEST: POST https://api.shuftipro.com/cpv

    Parameter Type Required Description
    client_id string Yes Client`s id assigned to you by ShuftiPro.
    reference string Yes Your unique reference id which we’ll send you back in each response so that you can verify the request.
    card_first_6_digits string Yes First 6 digits of the customer’s credit/debit card number. The maximum and the minimum length required is 6 digits.
    card_last_4_digits string Yes Last 4 digits of the customer’s credit/debit card number. The maximum and the minimum length required is 4 digits.
    country string Yes Full Country name or ISO2 Code. Example: United Kingdom or GB.
    phone_number string Yes Customer’s phone number with country code. Example: +440000000000
    callback_url string Yes Upon every response, we make a server to server call, it includes all the response values, so you can update status on your end even if the customer is lost in the midway through the process. Please verify the response’s signature value with your own calculated signature value. Example below
    redirect_url string Yes Once the verification process is completed, we will redirect the customer back to your given redirect url. In this redirect request, you’ll also get all the response values in HTTP POST, so you can make your decision. Please verify the response’s signature value with your own calculated signature value. Example below
    signature string Yes sha256 hash of all the request parameters in sorted order. The details are in signature calculation section.

    Responses

    The ShuftiPro api will send you the two types of responses. One is HTTP response and the second one is callback response.

    Both HTTP & callback responses will be in the JSON format. Both the responses contain the following parameters.

    Parameter Description
    status_code One of the status codes from the status codes section.
    message The description of status code. If the status code is SP2 then the message will be a redirect url.
    reference Your unique request reference which was provided at the time of the request so that you can identify the response in relation to the request.
    signature The SHA256 hash of all response parameters. The process of signature calculation is in the response signature calculation section.

    Signature Calculation

    The request and response signature can be calculated as:

    Request Signature

    1. Sort all the request parameters in (ascending-alphabets) order as described in the example
    2. Append the secret key in the end
    3. Calculate the SHA256 hash of string

    Response Signature

    1. Decode the response from JSON format.
    2. Get all the response parameters` value
    3. Append the secret key in the end
    4. Calculate the SHA256 hash of the string

    see an example on your right hand side, please.

    Response Signature Calculation Sample

    
    #!/usr/bin/python
    import hashlib
    import requests
    import  json
    import collections
    
    SECRET_KEY = 'YOUR_SECRET_KEY'
    
    response = "" #some json response
    response_signature = response['signature'] 
    response.pop("signature") #unset signature from dictionary 
    request_data = "".join(response.values()) + SECRET_KEY #get values from dictionary and append secret key 
    
    hash_object = hashlib.sha256(request_data) #calculating sha256 hash 
    calculated_signature = hash_object.hexdigest()
    
    if calculated_signature == response_signature:
        print "Signature Matched, now you casn proceed"
    else:
        print "Not Matched!"
    
    
    
    
    <?php
    
    $response             = ""; //The response from shuftipro api
    $param_array         = (array) json_decode($response);
    $response_signature  = $param_array['signature'];
    
    unset($param_array['signature']); //unset the signature from the array
    
    $request_data         = implode("", $param_array);
    $calculated_signature = hash('sha256', $request_data . "YOUR_SECRET_KEY");
    
    if($response_signature == $calculated_signature)
    {
        print 'Signature Matched, now you casn proceed!';
    }
    else 
    {
        print 'Not Matched!';
    }
    
    

    Status Codes

    Status Code Meaning HTTP Callback
    SP0 Not Verified Yes Yes
    SP1 Verified Yes Yes
    SP2 Success! -- Contains the redirect url in message paramter. Yes Yes
    SP11 Length Validation -- [parameter_name] maximum and minumum length limit is [parameter_name] characters. Yes Yes
    SP14 Duplicate reference -- If a duplicate reference is provided. Yes Yes
    SP15 Invalid client id -- Client id is invalid or not found. Yes Yes
    SP16 Missing required paramter -- ["parameter_name"] is required but either missing or empty Yes Yes
    SP17 Invalid format -- ["parameter_name"] is not in the correct format. Yes Yes
    SP18 Invalid signature -- Invalid request signature. Yes Yes
    SP19 Invalid country code -- Invalid country code or country is not supported. Yes Yes
    SP20 Invalid Phone No -- Invalid phone number is provided. Yes Yes
    SP21 Invalid Method Name -- Given verification method is not supported. Yes Yes
    SP23 Invalid DOB -- Date of birth is not valid. Yes Yes
    SP24 Blocked Client -- Your account is not active. Yes Yes
    SP25 Request Timeout -- Send in callback when request timeout No Yes
    SP26 User has been landed on verification page No Yes
    SP27 Request is already processed No Yes