Read an ID Pass API

Q: How long are images retained?

Whatever you set image_retention_days to at register time (0 to 5000 days). When set to 0, images are deleted on completion. Read calls after the retention window return the response without images.

Q: What does requested_identity_mismatch: true actually mean?

A requested_identity was supplied at registration and the identity verified from the documents didn’t match it. Informational only — it doesn’t itself fail the ID Pass. Use it as a signal to investigate whether the customer presented a different person’s documents.

POST

/idpass/details

LIVE

Retrieves the full result of an ID Pass. You get validation outcomes, biometric results, captured document images, OCR data, and the verified identity. Supply the cipher key returned at registration to receive decrypted values, or omit it and decrypt locally. Optional flags let you pull debug logs, document detail and captured images.

calendar_today Request a Demo Contact Sales

Home
API
Endpoints
ID Pass
Read an ID Pass API

Read an ID Pass API

Example Request

POST

request.json

key Auth: BearerAuth

{
  "id": "fe4291ca-d831-4760-96df-c9cb03b3cd95",
  "cipher_key": "IHm81bkcMsTL7J1ilxhDNE59+p5OQkvUJ3mZQhlUNHA=",
  "return_logs": true,
  "return_images": true,
  "return_documents": true
}

Request Schema

id

Required

uuid

The ID Pass identifier returned from register.

cipher_key

Optional

string

Supply to receive decrypted sensitive fields. Omit to receive encrypted payloads for local decryption.

return_logs

Optional

boolean

Include the debug log of user steps.

return_images

Optional

boolean

Include captured images (within retention window).

return_documents

Optional

boolean

Include full OCR and validation detail for each document.

Available Response Data

13 Data Points

inventory_2 What You Receive

monitor_heart

status: new / opened / in_progress / complete / expired / failed / cancelled

monitor_heart

verification_status: passed / failed

or null while in progress

data_object

verification_description: human-readable reason

database

Original config

link validity, retention, allowed doc types, webhook config, requested_identity, privacy policy URL, requester name

schedule

Timestamps: created_at, consent_given_at, completed_at

data_object

Consent text shown to the user

location_on

IP address used to complete the flow

schedule

Debug logs (when requested) with timestamps, IPs and event descriptions

speed

validation_summary: liveness_result (validated, confidence, attempts, bounding_box), id_photo_result, document_1/2/3 results

document_type, validated_fields, biographic_validated, biometric_validated, biometric_similarity, biometric_threshold, changes the user made before validation

fact_check

verified_identity: the identity established across documents

fact_check

requested_identity_mismatch boolean: informational, doesn't itself fail the verification

fact_check

documents (when return_documents: true): full OCR data, validation result (shape varies by dvs / basic / idsp strategy), validation_data

description

images (when return_images: true): probe image, document 1/2/3 front/back/photo, id_photo, id_photo_cropped

Base64 JPEG

lock Full API documentation provided after vetting from our compliance team. Request sample response arrow_forward

By The Numbers

API Data Scale & Coverage tag

Unmatched data depth to power your compliance and verification workflows.

50M+

Phone & Email Records

40M+

Adverse Court Records

2BN+

Australian Universe Records

18M+

Real Estate Records

7M+

Deceased Records

980M+

Social Media & Employment Records

Practical Applications

Technical Use Cases tag

assignment_turned_in

Backend completion handler

Hit this endpoint from your webhook receiver when the complete event fires to pull the full verification result into your KYC system of record.

image

Archive Images for Compliance Audits

Within the retention window, retrieve the captured document images and probe image for compliance archival.

bug_report

Customer support triage

When customers report verification issues, the debug logs show you exactly where they got stuck — consent step, document upload, liveness, biometric match.

Trust & Assurance

Compliance & Security tag

Enterprise-grade infrastructure audited against the standards your regulators require.

verified_user

ISO 27001 Certified

enhanced_encryption

AES-256 Encryption

public

Australian Data Sovereignty

Integration & Support

Common Questions tag

Everything you need to know about implementation details and compliance infrastructure.

Filter by topic

help

Compliance Team

Global Data Support

Need help planning your custom integration or understanding our compliance coverage? Our team is here to assist.

shield_lock Security

Why might I omit the cipher_key on read?

add

Supplying the key lets GlobalData decrypt the data server-side before returning it. Omitting it means you receive encrypted payloads and decrypt locally. The local-decrypt path is the right one when your security policy says decrypted PII shouldn’t leave your trust boundary.

rocket_launch Implementation

How long are images retained?

add

Whatever you set image_retention_days to at register time (0 to 5000 days). When set to 0, images are deleted on completion. Read calls after the retention window return the response without images.

help_center General

What does requested_identity_mismatch: true actually mean?

add

A requested_identity was supplied at registration and the identity verified from the documents didn’t match it. Informational only — it doesn’t itself fail the ID Pass. Use it as a signal to investigate whether the customer presented a different person’s documents.

Try it Live

API Testing Sandbox tag

Test the Read an ID Pass API directly in your browser with live mock data and see instant results.

rocket_launch Request Sandbox Access

Access to live sandbox environments requires manual approval from our compliance team.