Transaction

When you submit a query to the Anti-Fraud services, you create a Transaction. A transaction may contain the execution of one or more services configured in the query model or informed in the request body. These services may be internal analyses or external queries that are performed on the processing conveyor. After that, based on validation rules, the status is set for the transaction.

Services and validation rules can be configured only in the query template.

A transaction is characterized by an endpoint where the required services can be informed and a set of rules validated.

For details on authentication, access Authenticating.

Authentication Requirements:

  • Regular endpoints use OAuth2 authentication with base URL: https://api.us.prd.caf.io

  • For enhanced security, some endpoints may also support mTLS authentication with base URL: https://mtls.us.prd.caf.io

  • For information on implementing mTLS, access Using mTLS

Supported endpoints

Create transaction

post

Submission of the necessary person or company data and the template model against which the verification services shall be executed, as well as the set of rules to be validated.

Required Permission: Create Transaction

Authorizations
Query parameters
originstringRequired

Parameter that defines the onboarding origin. Must be set to TRUST.

Header parameters
AuthorizationstringRequired

Access token.

Example: Bearer your_token_here
Body
templateIdstringRequired

Unique ID of the Query Template (configured in Trust).

metadataobjectOptional

Free to add any kind of attribute, ideal for linking IDs or other information in the transaction.

referenceTokenstringOptional

Mobile Token (Session Token).

_callbackUrlstring · uriOptional

Callback URL (webhook).

Responses
200

Success

application/json
post
POST /v1/transactions HTTP/1.1
Host: api.us.prd.caf.io
Authorization: text
Content-Type: application/json
Accept: */*
Content-Length: 351

{
  "templateId": "text",
  "files": [
    {
      "data": "text",
      "type": "SELFIE"
    }
  ],
  "attributes": {
    "cpf": "text",
    "rg": "text",
    "name": "text",
    "birthDate": "text",
    "fatherName": "text",
    "motherName": "text",
    "uf": "text",
    "cnpj": "text",
    "cep": "text",
    "email": "[email protected]",
    "phoneNumber": "text",
    "plate": "text"
  },
  "metadata": {},
  "referenceToken": "text",
  "_callbackUrl": "https://example.com"
}
{
  "requestId": "6cb8093c-14ef-4fd1-810b-ee9fa5f9aae9",
  "id": "6021a21b3811c35ecb8dea20"
}

Upload file

post

Upload a file to be used in transactions. The file will be stored temporarily and can be referenced in transaction creation.

Required Permission: Upload Document

Authorizations
Header parameters
AuthorizationstringRequired

Access token. See more in the 'Authentication' topic.

Example: Bearer your_token_here
Body
filestring · binaryRequired

File to be uploaded. Accepted formats: application/pdf, image/png, image/jpeg, image/bmp, image/webp, image/heif

Responses
201

Created

application/json
post
POST /v1/transactions/files HTTP/1.1
Host: api.us.prd.caf.io
Authorization: text
Content-Type: multipart/form-data
Accept: */*
Content-Length: 17

{
  "file": "binary"
}
{
  "requestId": "6cb8093c-14ef-4fd1-810b-ee9fa5f9aae9",
  "message": "File sent successfully.",
  "data": {
    "filename": "document.pdf"
  }
}

List transactions

get

Get your transaction list summarized with pagination and filters.

Required Permission: Read Transaction

Authorizations
Query parameters
_limitnumberOptional

The maximum amount of records that should be returned in the response, e.g. _limit=5. Max value is 10 and default is 10.

_orderstringOptional

Sort the records returned in response by creation date in ascending or descending order. Descending (default): _order=desc Ascending : _order=asc

_templatesstringOptional

Search for too many template models by references of the templateId on the account. For multiple templates, separate the values using the pipe symbol, e.g. _templates=templateId1|templateId2|templateId3.

_startCreatedDatestring · dateOptional

Search the records created on or after any given day, e.g. _startCreatedDate=2022-01-01.

_endCreatedDatestring · dateOptional

Search the records created on or before a specified day, e.g. _endCreatedDate=2022-01-30.

Header parameters
AuthorizationstringRequired

Access token. See more in the 'Authentication' topic

Example: Bearer your_token_here
Responses
200

Success

application/json
get
GET /v1/transactions HTTP/1.1
Host: api.us.prd.caf.io
Authorization: text
Accept: */*

{
  "requestId": "6cb8093c-14ef-4fd1-810b-ee9fa5f9aae9",
  "items": [
    {
      "id": "6388ac6b409eff000804dadf",
      "status": "APPROVED",
      "createdAt": "2022-09-08T22:10:14.816Z",
      "data": {
        "cpf": "00011122233",
        "birthDate": "01/01/2000",
        "name": "John Doe"
      }
    }
  ],
  "totalItems": 2
}

Get transaction by ID

get

Retrieve the result data of a transaction.

Required Permission: Read Transaction

Authorizations
Path parameters
transactionIdstringRequired

Transaction identifier.

Query parameters
_includePfRelationshipsbooleanOptional

Flag for including transactions related to onboarding pf_pf. Default is 'false'. e.g. _includePfRelationships=true.

_includeCroppedImagesbooleanOptional

Flag to include the cropped versions of the images of the sended documents. Default is 'false'. e.g. _includeCroppedImages=true.

_langstringOptional

Flag to set the language in the description of the reasons for manual failures. Possible values are 'en' or 'pt'. Default is 'pt'. e.g. _lang=en.

Header parameters
AuthorizationstringRequired

Access token. See more in the 'Authentication' topic

Responses
200

Success

application/json
get
GET /v1/transactions/{transactionId} HTTP/1.1
Host: api.us.prd.caf.io
Authorization: text
Accept: */*

{
  "requestId": "6cb8093c-14ef-4fd1-810b-ee9fa5f9aae9",
  "items": [
    {}
  ],
  "totalItems": 2
}

Ensure your OAuth2 client has the necessary permissions for each endpoint. Permissions are managed in Trust. Requests without proper permissions will result in a 403 Forbidden error.

Last updated