API Overview
- Auth API
- Underwriting API
- Portal
- Prospect Adobe
- Prospect Document
- Prospect Dropbox Files
- Prospect Entities
- Prospect Extras
- Prospect Generate PDF
- Prospect Integration
- Prospect Logs
- Prospect Messages
- Prospect Ofac Search
- Prospect Plaid Email
- Prospect Resellers
- Prospects
- Prospect Scores
- Prospect Scores Average Bank Balance
- Prospect Scores Business Types
- Prospect Scores Equifax Owner Credit
- Prospect Scores Tax Id
- Prospects Scores Average Bank Balances Plaid Transaction
- Prospect Status
- Process API
- Main API
- API Onboarding Tutorial
- Verify API
iCG Verify API - Verify API
Introduction
iCG Verify APIs allow you to perform the activities related to holding transactions operations.
The iCG Verify API - Verify APIs' end points and their functionalities are given below:
|
API End Point
|
API Functionality
|
|
ICG Verify Process is the process where we validate a pair of information containing both routingNumber that must be of 9-digits and accountNumber that must be of 14 digits for the same bank that is being validated. After the account has been created, you will need to verify the information by making a POST /IcgVerify/Process request.
|
|
|
This is the extended version of the ICG Verify feature. It only can be used if the merchant provided has the permission FEATURE_ICG_VERIFY_EXTENDED assigned to the related user authenticated. As this extended verification process is for the commercial users i.e., merchants so this will need more verification parameters than the usual user. This feature exploits all the Verification Provider options to validate an account based on many other parameters besides the Bank Route Number and Account Number.
|
iCG Authentication Service
iCG APIs are secured by OAuth 2.0 ROPC grant type. The external application must obtain user authorization before it executes an endpoint call incase this API chooses to use OAuth 2.0 ROPC Grant. This authorization includes the following steps:
- You must first exchange the user's credentials for an access token.
- The access token is an object containing information for authorizing client requests and refreshing the token itself.
The end-to-end authorization request is represented in the below diagram.
sequenceDiagram
participant Merchant
participant ICG (token URL)
autonumber
Merchant ->>ICG (token URL): Client ID, username, password
ICG (token URL)->>Merchant: id_token, access token, refresh token
The above step is to generate access token using the iCG provided Client id and with Merchant's user credentials.
Key Request Parameters
Once you receive the Client ID, and the user credentials, the next step is call the OAuth 2.0 ROPC endpoint to generate the access token.
| Element | Value |
| Method | POST |
| Authorization Type | OAuth 2.0 ROPC |
| Auth URI | https://auth.icheckdev.com/ |
| Client ID | *****(iCG application audience ID) |
| Username | {username} |
| Password | {password} |
| grant_type | password |
Sample cURL Request
curl -X POST \
--url 'https://auth.icheckdev.com/Login' \
--header 'Accept: application/json' \
--data 'grant_type=password' \
--data 'username={USERNAME}' \
--data 'password={PASSWORD}' \
--data 'client_id={iCG APPLICATION AUDIENCE ID}' \
On receiving the requests, iCG Authorization system validates all the parameters in the request and, if the request pass through the validation process, then it will generate your access token and return it in the response.
Sample Response Body
{
"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuYW1laWQiOiJjNjFhY2JhYy02NjA4LTQ3Y2YtYWIxOS0wZWQ2YmY3NTI5MTciLCJ1bmlxdWVfbmFtZSI6IlN1c2VlbGEiLCJlbmNyeXB0ZWRfZW1haWwiOiJGcGJnZ1RqbTNkbXl2cFlWVlVZNnJzcHBDKzcweFIwWGoyeTR1Mm8rc1ZRPSIsInR5cGUiOiIiLCJpc3MiOiJodHRwczovL2F1dGguaWNoZWNrZGV2LmNvbS8iLCJhdWQiOiJmMWZhN2ZmZi05MmU0LTQxMzMtOGQxMC0zNjg2OGM0OTg3YWQiLCJleHAiOjE3MDQ5MDY1MjAsIm5iZiI6MTcwNDgyMDEyMH0.Q03E-HrXto9CBzHcC43qn2wZG5VpUV4hzIfcCuRGWu4"
"token_type":"bearer"
"expires_in":86399
}
The response parameters and their descriptions are:
| Parameter | Description |
| access_token | The access token to be used to call the functional APIs |
| token_type | Bearer |
| expires_in | The number of seconds until the access token expires |
iCG Verify Process
This is the endpoint allows you to verify the pair of information containing both routing number and the account number once the account is created.
Key Request Parameters
| Element | Value |
| Method | POST |
| Authorization Type | OAuth 2.0 ROPC |
| URI | /ICGVerify/Process |
Headers
| Element | Value |
| siteID | The siteID is the ID which is displayed in the developer's My account page in the iCG developer portal. |
Request body
| Parameter Name | Description | Mandatory/Optional | Data Type | Example |
| Routing number | A routing number is a nine-digit code that indicates at which financial institution the merchant has the account. When combined with the merchant's account number, it allows financial institutions, processors, and other entities to locate the merchant's individual account. | Mandatory | Numeric (9 digit) | 083000056 |
| Account number |
The account number is the unique number allocated to the merchant by the financial institutions
|
Mandatory | Numeric (14 digits) | 123467899891 |
| First name | The first name of the merchant | Mandatory | String | John |
| Last name | The last name of the merchant | Mandatory | String | Peter |
| Gateway Live | A Gateway is the payment gateway which allows a merchant to accept/decline payment from customers via online process. This endpoint verifies whether the Gateway is active or not. | Mandatory | Boolean | True |
Sample cURL request
curl --location 'https://verify.icheckdev.com/ICGVerify/Process' \
--header 'siteID: EEJT' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuYW1laWQiOiJlYjg1M2IzMi01MjYzLTQ3ZDMtODJjOS0yM2NkY2FjNWI4YmQiLCJ1bmlxdWVfbmFtZSI6InN1c2VlbGFzIiwiZW5jcnlwdGVkX2VtYWlsIjoiL0NmWU1tYmpncmF3VzM0a0RBVkZSMzZvY3V4MHRpZjNvU2FTc01QSk14QT0iLCJ0eXBlIjoiIiwiaXNzIjoiaHR0cHM6Ly9hdXRoLmljaGVja2Rldi5jb20vIiwiYXVkIjoiN2E4ODM4YjBlMDJlNGI2MWIwZjhiMjlhZTI5YzRmOTMiLCJleHAiOjE3MDkzMDk2NzksIm5iZiI6MTcwOTIyMzI3OX0.71TT9fveuSqVs5_3rndUBL1Dfb_jrhYnVkBiFMOZIAU' \
--data '{
"BankAccount": {
"RoutingNumber": "083000056",
"AccountNumber": "123467899891"
},
"personInfo": {
"personName": {
"lastName": "summit",
"firstName": "sagar"
}
},
"GatewayLive": true
}'
Sample Response
{"code":"I011","decision":"DECLINED","description":"Account number format is suspicious","addendaRecords":[],"error":null}
This is the endpoint allows you to verify the pair of information containing both routing number and the account number. This endpoint also requires more verification parameters than the usual user.
Key Request Parameters
| Element | Value |
| Method | POST |
| Authorization Type | OAuth 2.0 ROPC |
| URI | /IcgVerify/ProcessExt |
Headers
| Element | Value |
| siteID | The siteID is the ID which is displayed in the developer's My account page in the iCG developer portal. |
Request body
| Parameter Name | Description | Mandatory/Optional | Data Type | Example |
| Routing number | A routing number is a nine-digit code that indicates at which financial institution the merchant has the account. When combined with the merchant's account number, it allows financial institutions, processors, and other entities to locate the merchant's individual account. | Mandatory | Numeric (9 digit) | 083000056 |
| Account number |
The account number is the unique number allocated to the merchant by the financial institutions
|
Mandatory | Numeric (14 digits) | 123467899891 |
| First name | The first name of the merchant | Mandatory | String | John |
| Last name | The last name of the merchant | Mandatory | String | Peter |
| Gateway Live | A Gateway is the payment gateway which allows a merchant to accept/decline payment from customers via online process. This endpoint verifies whether the Gateway is active or not. | Mandatory | Boolean | True |
Sample cURL request
curl --location 'https://verify.icheckdev.com/ICGVerify/ProcessExt' \
--header 'siteID: EEJT' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJuYW1laWQiOiJlYjg1M2IzMi01MjYzLTQ3ZDMtODJjOS0yM2NkY2FjNWI4YmQiLCJ1bmlxdWVfbmFtZSI6InN1c2VlbGFzIiwiZW5jcnlwdGVkX2VtYWlsIjoiL0NmWU1tYmpncmF3VzM0a0RBVkZSMzZvY3V4MHRpZjNvU2FTc01QSk14QT0iLCJ0eXBlIjoiIiwiaXNzIjoiaHR0cHM6Ly9hdXRoLmljaGVja2Rldi5jb20vIiwiYXVkIjoiN2E4ODM4YjBlMDJlNGI2MWIwZjhiMjlhZTI5YzRmOTMiLCJleHAiOjE3MDkzNzM3ODAsIm5iZiI6MTcwOTI4NzM4MH0.RP8HR4bjsiUk2JKi3obXKCBzuYuU6M2YYUwNmARq4Lc' \
--data '{
"BankAccount": {
"RoutingNumber": "091807908",
"AccountNumber": "3345"
},
"personInfo": {
"personName": {
"lastName": "summit",
"firstName": "sagar"
}
},
"GatewayLive": true
}'
Sample Response
To view our list of APIs, please visit the Verify API page.