Resources - Digiprove's API - Verify Digiproved Content
Submitting a Digiprove Verify Request
The message will be in the following XML format:
<user_agent>xxxxxxxxxxxxxxxx</user_agent>string identifying the originating software and system
Following set of credentials is optional - if supplied, response will contain full certificate info (if it is your cert)
<user_id>xxxxxxxxxxxxxxxx</user_id>Mandatory: string max 40 characters - note this is usually the user's email address
<password>xxxxxxxxxxxxxx</password>Either this or api_key/domain pair must be submitted. Minimum 6 characters
<domain_name>xxxxxxxxxxxxxx</domain_name>Name of domain matching the API key submitted, or for which a new API key requested
<api_key>xxxxxxxxxxxxxx</api_key>API key corresponding to domain
<certificate_id>xxxxxxxxxxxxxxxx</certificate_id>The Digiprove Certificate Id - either this or content_fingerprint must be supplied. If both are supplied, a full tamper check can be performed.
<content_fingerprint>xxxxxxxxxxxx</content_fingerprint>SHA256 - Either this or <certificate_id> should be supplied
<original_document_id>xxxxxxxxxxxxxxx</original_document_id>Optional, expected original document id (for verification)
<version>xxxxxxxxxxxxxxx</version>optional, expected version
Processing a Digiprove Verify Request
This xml envelope is submitted to Digiprove's SOAP service, which will perform the following:
  • Parse and validate XML; if valid, proceed to
  • Find original Digiprove certificate details by reference to certificate id or content fingerprint
  • Check supplied details are corresponding and check that it is latest version (if so requested)
  • Send back a response in an XML envelope in the format defined below
Format of Digiprove Verify Response
<result_code>999</result_code>See below for values
<result>xxxxxxxxxxxxxxxx</result>Description of result
<instance_count>xxxxxxxxxxxxxx</instance_count>Only present if searching on fingerprint alone (i.e. no certificate id supplied) - number of times this content has been Digiproved
<notes>xxxxxxxxxx</notes>Additional qualification notes if relevant
<certificate_id>xxxxxxxxxxxxxx</certificate_id>If there was more than one match, this is the earliest (lowest) certificate id
Following additional info supplied to authenticated users:
<digital_fingerprint>xxxxxxxxxxx</digital_fingerprint>Uses SHA256 algorithm - primary digital fingerprint of certified document.
<certificate_url>http://xxxxxxxxxx</certificate_url>a url which will display confirmation of the Digiproved content (unless private)
<title>xxxxxxxxxx</title>Document title (if known)
<published_url>http://xxxxxxxxxx</published_url>a url where the Digiproved content is published (as provided - not verified)
<original_document_id>xxxxxxxxxx</original_document_id>Original Document id if known (that this instance is a version of)
<version>xxxxxxxxxx</title>Document version (if known)
<authors>xxxxxxxxxx</authors>Document authors (if known)
Note: If there were multiple hits on the fingerprint, the above information will be repeated per certificate wrapped in "document_nnn" tags
Result Codes
200 - Document is authentic and all requested checks were successful
201 - Qualified Success (qualification described in result)
202 - Document is authentic but out of date (latest version number in result)
210 - Digiprove has no record of this document
211 - Digiprove has no record of this instance of this document (but is aware of the original document id)
220 - Possible Tamper Alert! The certificate is valid, but the content fingerprint does not match any of the Digiproved files/documents
110 - Internal error
120 - XML validation error (as described in <result> tag)
130 - Other Error (as described in <result> tag)
Test Drive the Technology What is Digiprove? Do I need it?