Welcome to the Apto Mobile (B2C) API Reference.
The Apto platform provides a set of APIs designed for the following integration scenarios:
The Mobile API is intended for a final user application which interacts with the Apto platform (B2C). For example, native mobile applications (iOS, Android) or websites.
Note: If you would like to perform a backend integration with the Apto platform, see the Apto Core API (B2B) docs.
The Apto Mobile API is a REST API that uses:
Note: HTTP is not supported. The Apto Mobile API is served over HTTPS to ensure data privacy.
All API endpoints require:
A Mobile API Key. To retrieve your Mobile API Key, register for an account or login into the Apto Developer Portal. Your Mobile API Key is listed on the Developers page.
Note: In order to register or login to your Apto Developer Portal account, you will need to download a 2FA app such as the Google Authenticator App for your mobile device.
Authorization using the Mobile API Key as the Api-Key
value. Note: If your authorization is not working, try submitting the Api-Key
as Bearer MOBILE_API_KEY
replacing MOBILE_API_KEY
with the Mobile API key from your account.
Note: The Apto Mobile API has a request rate limit of 1 request per 30 seconds for the verification and login endpoints.
We’ve tried to make this documentation as straightforward as possible, providing clear code examples, but please contact us with any questions you may have.
Use this endpoint to verify your account configuration, and to see which types of user verifications are required.
This endpoint returns the user verifications required for login and user creation.
successful operation
Invalid request
No existing account
{- "project": {
- "birthdate": "1965-10-20",
- "primary_auth_credential": "string",
- "secondary_auth_credential": "string"
}
}
Use these endpoints to verify a user and retrieve a user token. A user token is required to login and access API resources.
This endpoint starts a verification of a phone number or email address, and returns the verification ID and status.
datapoint_type required | string Value: "phone" |
datapoint required | object |
successful operation
Invalid request
{- "datapoint_type": "phone",
- "datapoint": {
- "data_type": "phone",
- "country_code": "1",
- "phone": "5551230000"
}
}
{- "type": "verification",
- "verification_type": "phone",
- "verification_mechanism": "phone",
- "verification_id": "entity_XXXXXXXXXXXXXXXXX",
- "status": "pending",
- "secondary_credential": {
- "type": "verification",
- "verification_type": "birthdate",
- "verification_id": "entity_XXXXXXXXXXXXXXXXX",
- "status": "pending"
}
}
This endpoint starts a verification of the primary credential and returns the verification ID and status.
successful operation
Invalid request
{- "type": "verification",
- "verification_type": "phone",
- "verification_mechanism": "phone",
- "verification_id": "entity_XXXXXXXXXXXXXXXXX",
- "status": "pending",
- "secondary_credential": {
- "type": "verification",
- "verification_type": "birthdate",
- "verification_id": "entity_XXXXXXXXXXXXXXXXX",
- "status": "pending"
}
}
This endpoint completes a verification of a phone number, email address, or date of birth, and returns the verification ID and status. The secret
value for a phone number or email verification is the 6-digit number sent to the specified phone number or email. If verifying a date of birth, the secret
value is the user's date of birth in YYYY-MM-DD
format.
verification_id required | string <entity_[0-9af]{16}> ID of verification |
secret required | string |
successful operation
Invalid request
No existing verification
{- "secret": "123456"
}
{- "type": "verification",
- "verification_type": "phone",
- "verification_mechanism": "phone",
- "verification_id": "entity_XXXXXXXXXXXXXXXXX",
- "status": "pending",
- "secondary_credential": {
- "type": "verification",
- "verification_type": "birthdate",
- "verification_id": "entity_XXXXXXXXXXXXXXXXX",
- "status": "pending"
}
}
This endpoint restarts a verification, and returns a new verification ID and status. This endpoint can be used in place of the Start Verification endpoint, once the verification flow has started. Note: This endpoint can only be used for phone number or email address verification.
verification_id required | string <entity_[0-9af]{16}> ID of verification |
successful operation
Invalid request
No existing verification
{- "type": "verification",
- "verification_type": "phone",
- "verification_mechanism": "phone",
- "verification_id": "entity_XXXXXXXXXXXXXXXXX",
- "status": "pending",
- "secondary_credential": {
- "type": "verification",
- "verification_type": "birthdate",
- "verification_id": "entity_XXXXXXXXXXXXXXXXX",
- "status": "pending"
}
}
Retrieves a verification returning its ID and status
verification_id required | string <entity_[0-9af]{16}> ID of verification |
successful operation
Invalid request
No existing verification
{- "type": "verification",
- "verification_type": "phone",
- "verification_mechanism": "phone",
- "verification_id": "entity_XXXXXXXXXXXXXXXXX",
- "status": "pending",
- "secondary_credential": {
- "type": "verification",
- "verification_type": "birthdate",
- "verification_id": "entity_XXXXXXXXXXXXXXXXX",
- "status": "pending"
}
}
Creates a user and its initial data
metadata | string You can use this parameter to store a string up to 256 characters with the user. |
data_points required | object |
successful operation
Invalid request
User session expired when trying to create a user with the same data more then once
No existing verification
{- "metadata": "string",
- "data_points": {
- "type": "list",
- "data": [
- {
- "type": "email",
- "email": "toby.stark@aptopayments.com"
}
]
}
}
{- "type": "user",
- "user_id": "crdhldr_b04f29605a018f7d72a2",
- "user_token": "E5PWX4T9dcPriIo ... ao0QZLC6YL/dAyaA8",
- "user_data": {
- "type": "list",
- "data": [
- {
- "type": "email",
- "email": "toby.stark@aptopayments.com"
}
], - "page": 0,
- "rows": 5,
- "has_more": true,
- "total_rows": 10
}, - "metadata": "string"
}
Updates a user data
data_points required | object |
successful operation
Invalid request
User does not exist
{- "data_points": {
- "type": "list",
- "data": [
- {
- "type": "email",
- "email": "toby.stark@aptopayments.com"
}
]
}
}
{- "type": "user",
- "user_id": "crdhldr_b04f29605a018f7d72a2",
- "user_token": "E5PWX4T9dcPriIo ... ao0QZLC6YL/dAyaA8",
- "user_data": {
- "type": "list",
- "data": [
- {
- "type": "email",
- "email": "toby.stark@aptopayments.com"
}
], - "page": 0,
- "rows": 5,
- "has_more": true,
- "total_rows": 10
}, - "metadata": "string"
}
Retrieves a user and its data
successful operation
Invalid request
User does not exist
{- "type": "user",
- "user_id": "crdhldr_b04f29605a018f7d72a2",
- "user_token": "E5PWX4T9dcPriIo ... ao0QZLC6YL/dAyaA8",
- "user_data": {
- "type": "list",
- "data": [
- {
- "type": "email",
- "email": "toby.stark@aptopayments.com"
}
], - "page": 0,
- "rows": 5,
- "has_more": true,
- "total_rows": 10
}, - "metadata": "string"
}