API Overview
- Auth API
- Underwriting API
- Portal
- Prospect Adobe
- Prospect Document
- Prospect Dropbox Files
- Prospect Entities
- Prospect Extras
- Prospect Generate PDF
- Prospect Integration
- Prospect Logs
- Prospect Messages
- Prospect Ofac Search
- Prospect Plaid Email
- Prospect Resellers
- Prospects
- Prospect Scores
- Prospect Scores Average Bank Balance
- Prospect Scores Business Types
- Prospect Scores Equifax Owner Credit
- Prospect Scores Tax Id
- Prospects Scores Average Bank Balances Plaid Transaction
- Prospect Status
- Process API
- Main API
- API Onboarding Tutorial
- Verify API
Accounts - Auth API
Introduction
Accounts Auth APIs allow you to perform the activities related to accounts operations such as
- Create change password, forgot password, my settings, new user and so on
- Update my settings, my profile
- Retrieve the list of current users, Resend confirmation mail/confirm change password/confirm forgot password and so on
- Delete current user settings
The Accounts - Auth API and their functionalities are given below:
|
API End Point
|
API Functionality
|
|
Resends confirmation email once a user has registered.
Note:
This endpoint allows anonymous access, it does not require authentication.
|
|
|
GET /ConfirmChangeEmail
|
Allows a user to confirm his new account by email
|
|
GET /ConfirmChangePassword
|
Allows a user to change his password
Note:
This endpoint allows anonymous access, it does not require authentication.
|
|
GET /ConfirmEmail
|
Allows a new user to confirm his account by email
Note:
This endpoint allows anonymous access, it does not require authentication.
|
|
GET /ConfirmEmailSetPasswordAction
|
Allows a new user to confirm his account by email
|
|
GET /DisableTFA
|
Disables Google two-factor authentication for the current user
|
|
GET /EnableAppTFA
|
Enables Google two-step Authentication for a given app
|
|
GET /ForgotPassword
|
Allows to recover the password by sending an email
Note:
This endpoint allows anonymous access, it does not require authentication.
|
|
GET /ForgotUserName
|
Allows a user to recover the username by sending an email
Note:
This endpoint allows anonymous access, it does not require authentication.
|
|
Returns and lists the current user's permissions
|
|
|
GET /MyProfile
|
Returns and lists details concerning the current user
|
|
GET /MySettings
|
Returns and lists an array of the current user settings
|
|
GET /MySettings/{Key}
|
Returns and lists a specific user setting belonging to the current user, based on the setting's key
|
|
GET /SendRegisterEmail
|
Note:
This endpoint allows anonymous access, it does not require authentication.
|
|
POST /ChangeEmail
|
Allows the user to change the email address
|
|
POST /ChangePassword
|
Allow current user to Change their Password
|
|
POST /EnableTFA
|
Enables the Google Authenticator for the app, by submitting the necessary information
|
|
POST /ForgotPasswordV2
|
Allow to recover the password by sending an email
Note:
This endpoint allows anonymous access, it does not require authentication.
|
|
POST /ForgotUsernameV2
|
Allows a user to recover the username by sending an email
Note:
This endpoint allows anonymous access, it does not require authentication.
|
|
POST /Login
|
|
|
Allows an app to access the system via an API, through a special Api Key.
Note:
This endpoint allows anonymous access, it does not require authentication.
|
|
|
Allows an entity to confirm login by OTP code sent via email or via phone.
Note:
This endpoint allows anonymous access, it does not require authentication.
|
|
|
POST /MySettings
|
Post/Put current user settings
|
|
POST /Register
|
Allows for the registration of a new user into the system.
Note:
This endpoint allows anonymous access, it does not require authentication.
|
|
PUT /MyProfile
|
Edits details that belong to the current user
|
|
PUT /MySettings
|
Post/Put current user settings
|
|
Delete /MySettings
|
Deletes current user Settings
|
iCG Authentication Service
iCG APIs are secured by OAuth 2.0 ROPC grant type. The external application must obtain user authorization before it executes an endpoint call incase this API chooses to use OAuth 2.0 ROPC Grant. This authorization includes the following steps:
- You must first exchange the user's credentials for an access token.
- The access token is an object containing information for authorizing client requests and refreshing the token itself.
The end-to-end authorization request is represented in the below diagram.
sequenceDiagram
participant Merchant
participant ICG (token URL)
autonumber
Merchant ->>ICG (token URL): Client ID, username, password
ICG (token URL)->>Merchant: id_token, access token, refresh token
The above step is to generate access token using the iCG provided Client id and with Merchant's user credentials.
Key Request Parameters
Once you receive the Client ID, and the user credentials, the next step is call the OAuth 2.0 ROPC endpoint to generate the access token.
| Element | Value |
| Method | POST |
| Authorization Type | OAuth 2.0 ROPC |
| Auth URI | https://auth.icheckdev.com/ |
| Client ID | *****(iCG application audience ID) |
| Username | {username} |
| Password | {password} |
| grant_type | password |
Sample cURL Request
curl -X POST \
--url 'https://auth.icheckdev.com/Login' \
--header 'Accept: application/json' \
--data 'grant_type=password' \
--data 'username={USERNAME}' \
--data 'password={PASSWORD}' \
--data 'client_id={iCG APPLICATION AUDIENCE ID}' \
On receiving the requests, iCG Authorization system validates all the parameters in the request and, if the request pass through the validation process, then it will generate your access token and return it in the response.
Sample Response Body
{
"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuYW1laWQiOiJjNjFhY2JhYy02NjA4LTQ3Y2YtYWIxOS0wZWQ2YmY3NTI5MTciLCJ1bmlxdWVfbmFtZSI6IlN1c2VlbGEiLCJlbmNyeXB0ZWRfZW1haWwiOiJGcGJnZ1RqbTNkbXl2cFlWVlVZNnJzcHBDKzcweFIwWGoyeTR1Mm8rc1ZRPSIsInR5cGUiOiIiLCJpc3MiOiJodHRwczovL2F1dGguaWNoZWNrZGV2LmNvbS8iLCJhdWQiOiJmMWZhN2ZmZi05MmU0LTQxMzMtOGQxMC0zNjg2OGM0OTg3YWQiLCJleHAiOjE3MDQ5MDY1MjAsIm5iZiI6MTcwNDgyMDEyMH0.Q03E-HrXto9CBzHcC43qn2wZG5VpUV4hzIfcCuRGWu4"
"token_type":"bearer"
"expires_in":86399
}
The response parameters and their descriptions are:
| Parameter | Description |
| access_token | The access token to be used to call the functional APIs |
| token_type | Bearer |
| expires_in | The number of seconds until the access token expires |
Resend Confirmation Email
Introduction
This endpoint allows to resend confirmation email once a user is registered in iCG developer account.
Key Request Parameters
| Element | Value |
| Method | GET |
| Authorization Type | This endpoint allows anonymous access, it does not require authentication. |
| URI |
/{userId}/{audienceId}/ReSendConfirmationEmail |
Query Parameter
URI: /{userId}/{audienceId}/ReSendConfirmationEmail?userId=eb853b32-5263-47d3-82c9-23cdcac5b8bd&audienceId=f1fa7fff-92e4-4133-8d10-36868c4987ad
| Parameter Name | Description | Mandatory/Optional | Data Type | Example |
| userId | This is the Id created by iCG in the back end when user registers his/her account in the developer portal | Mandatory | string | eb853b32-5263-47d3-82c9-23cdcac5b8bd89 |
| audienceId |
This the Id displayed in the My account page of the registered user. Note: The user must use the specific audienceId related to the API |
Mandatory | string | f1fa7fff-92e4-4133-8d10-36868c4987ad |
Sample cURL request
curl --location --globoff 'https://auth..com/{userId}/{audienceId}/ReSendConfirmationEmail?userId=eb853b32-5263-47d3-82c9-23cdcac5b8bd&audienceId=f1fa7fff-92e4-4133-8d10-36868c4987ad'
Sample Response
The response is triggered as below:
My Permission
Introduction
This endpoints returns and list the current user's permissions.
Key Request Parameters
| Element | Value |
| Method | GET |
| Authorization Type | OAuth 2.0 ROPC |
| URI |
/MyPermissions |
Note: The user can find the details to generate token in iCG Authorization API section
Headers
| Parameter Name | Description | Mandatory/Optional | Data Type | Example |
| Aud_id |
This the Id displayed in the My account page of the registered user. Note: The user must use the specific audienceId related to the API |
Mandatory | string | f1fa7fff-92e4-4133-8d10-36868c4987ad |
Sample cURL request
curl --location 'https://auth.icheckdev.com/MyPermissions' \
--header 'Aud_id: f1fa7fff-92e4-4133-8d10-36868c4987ad' \
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuYW1laWQiOiJlYjg1M2IzMi01MjYzLTQ3ZDMtODJjOS0yM2NkY2FjNWI4YmQiLCJ1bmlxdWVfbmFtZSI6InN1c2VlbGFzIiwiZW5jcnlwdGVkX2VtYWlsIjoiMHZDdDVRa1JlWXVIdFhHaGJzVFh5S2MyN3cwNTdUV2pkd2h2RW83Wit1MD0iLCJ0eXBlIjoiIiwiaXNzIjoiaHR0cHM6Ly9hdXRoLmljaGVja2Rldi5jb20vIiwiYXVkIjoiZjFmYTdmZmYtOTJlNC00MTMzLThkMTAtMzY4NjhjNDk4N2FkIiwiZXhwIjoxNzA4Nzk1MTg2LCJuYmYiOjE3MDg3MDg3ODZ9.WN9oXM64HK0dINu6AnqHK1H-OCBorSQ4Z4384WUrHZw'
Sample Response
The response is triggered as below:
Login via API Key
Introduction
This endpoint allows an application to access the system via an API, through a special Api Key.
Key Request Parameters
| Element | Value |
| Method | POST |
| Authorization Type | OAuth 2.0 ROPC |
| URI |
/Login/API |
Note: The user can find the details to generate token in iCG Authorization API section
Query Parameters
| Parameter Name | Description | Mandatory/Optional | Data Type | Example |
| appid |
The appid is the application ID assigned to the user |
Mandatory | string | 9db2d10e25ac4e309a79ddc497e1b1ed |
| apikey |
The apikey is the hash key of the application |
Mandatory | string | 1GNK7kNgO7yZH0ngOBXGVvaIQMp1aLhGJyrM20B98o4= |
| audienceid |
This the Id displayed in the My account page of the registered user. Note: The user must use the specific audienceId related to the API |
Mandatory | string | f1fa7fff-92e4-4133-8d10-36868c4987ad |
Sample cURL
requestcurl --location --request POST 'https://auth.icheckdev.com/Login/API?appid=9db2d10e25ac4e309a79ddc497e1b1ed&apikey=1GNK7kNgO7yZH0ngOBXGVvaIQMp1aLhGJyrM20B98o4%3D&audienceid=f1fa7fff-92e4-4133-8d10-36868c4987ad'
On receiving the requests, iCG Authorization system validates all the parameters in the request and, if the request pass through the validation process, then it will generate your access token and return it in the response.
Sample Response Body
{
"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuYW1laWQiOiJlYjg1M2IzMi01MjYzLTQ3ZDMtODJjOS0yM2NkY2FjNWI4YmQiLCJ1bmlxdWVfbmFtZSI6InN1c2VlbGFzIiwiZW5jcnlwdGVkX2VtYWlsIjoiMHZDdDVRa1JlWXVIdFhHaGJzVFh5S2MyN3cwNTdUV2pkd2h2RW83Wit1MD0iLCJ0eXBlIjoiOWRiMmQxMGUyNWFjNGUzMDlhNzlkZGM0OTdlMWIxZWQiLCJpc3MiOiJodHRwczovL2F1dGguaWNoZWNrZGV2LmNvbS8iLCJhdWQiOiJmMWZhN2ZmZi05MmU0LTQxMzMtOGQxMC0zNjg2OGM0OTg3YWQiLCJleHAiOjE3MDkwNTQ1MjEsIm5iZiI6MTcwODk2ODEyMX0.ELEAOjLyWFlXVmbLfyPOnzjnTsXnhm5YEE4zfIR_ySM"
"token_type":"bearer"
"expires_in":86399
}
The response parameters and their descriptions are:
| Parameter | Description |
| access_token | The access token to be used to call the functional APIs |
| token_type | Bearer |
| expires_in | The number of seconds until the access token expires |
Login via Two way Factor Authentication
Key Request Parameters
| Element | Value |
| Method | POST |
| Authorization Type | OAuth 2.0 ROPC |
| URI | /Login/TFA |
Query Parameters
| Parameter Name | Description | Mandatory/Optional | Data Type | Example |
| pretoken |
This is the token received in the response of the endpoint "/login" Note: It is mandatory that the audienceid must be TFA enabled |
Mandatory | string | 780aef20-6bcf-4583-94b7-b7d77ad83d10 |
| code |
This is the code received in the registered email id. Note:
|
Mandatory | string | 256987 |
| audienceid |
This the Id displayed in the My account page of the registered user. Note: The user must use the specific audienceId related to the API |
Mandatory | string | f1fa7fff-92e4-4133-8d10-36868c4987ad |
Sample cURL
curl --location --request POST 'https://auth.icheckdev.com/Login/TFA?pretoken=c5a45ec7-a32d-424e-9abd-8c81bb03ead6&code=234996&audienceId=54308d5e5afb456aba153e8ae02c215c'
On receiving the requests, iCG Authorization system validates all the parameters in the request and, if the request pass through the validation process, then it will generate a token and return it in the response.
Sample Response Body
To view our list of APIs, please visit the Auth API page.