Auth Initial (Possession)
POST/prove/auth
Starts the possession step of the Prefill flow, confirming the applicant controls the supplied mobile number. Choose a channel via type:
otp— Prove sends the applicant a one-time passcode over SMS. Complete the step by submitting the code to Auth Final (POST /prove/auth/{session_id}).magic_link— Prove returns anauth_url(a Magic Link). Present it to the applicant; after they tap it, poll Auth Final to read the result.
The response carries the engine-minted session_id (echo it back on Auth Final as the {session_id} path parameter) and an Agc-Applicant-Id response header identifying the applicant record. Pass Agc-Applicant-Id back on later calls to update the same applicant instead of creating a new one.
Request
Responses
- 200
- 400
- 401
- 403
- 429
- 500
Possession step initiated
Response Headers
The applicant id
We update the API major version whenever we introduce breaking changes. Internally, we update minor and patch versions whenever we add functionality and backward-compatible updates
The current limit on a 5-minute window.
The remaining calls on a 5-minute window.
The timestamp of the request reception.
Bad Request
Unauthorized
Forbidden
Too Many Requests
Internal Server Error