# Callbacks

This topic describes how to receive callback notifications from the Assure API.

You can request to be notified from the Assure API when a process is finished, either successfully or not. To do that, you must provide your server’s URL (notificationUrl) and an authorizationHeader (if needed) in the Create process request body or in the Start Capture Flow request body.

# Whitelisting of server URLs


To receive callback notifications, Signicat must whitelist your server’s URL. To do this, contact Signicat at

If you are just testing, consider using (opens new window) instead of going through the whitelisting process.

# notificationUrl

When the process verification is done, the Assure API will POST a request to your notificationUrl with the process ID, its status and the ID of the dossier it belongs to. Here is an example:


# Field descriptions

Field name Description Field type
dossierId The unique ID of the dossier where the process belongs. string
processId The unique ID of the process. string
status The final status of the process after the provider has analysed. Enum

# Verifying notificationUrl

After getting the notification, your notificationUrl must respond with an HTTP 200 OK code as soon as possible (and no longer than 10 seconds). For that reason, it is important that the endpoint receiving the notification does not perform lengthy processing that can delay its response time.


Whether a callback notification is resent or not, depends on the provider. For more information, see Callback retry mechanism.

At this point you can get the updated process information using the dossierId and processId from the callback.

# Callback retry mechanism

Each provider has its own retry mechanism that is used by the Assure API. How the different providers handle the retry, is described in the following sub-sections.

# Onfido

Onfido requires an HTTP 200 OK response within 10 seconds. Otherwise, Onfido will attempt to resend the notification 5 times according to the following schedule:

  • 30 seconds after the first attempt
  • 2 minutes after the first attempt
  • 15 minutes after the first attempt
  • 2 hours after the first attempt
  • 10 hours after the first attempt

# Electronic IDentification

If a different HTTP code than HTTP 200 OK is received or if your listener fails to respond, another attempt to send the notification will be repeated after 10 minutes. This process will continue until HTTP 200 OK is received or the 15th attempt is reached.

# ReadID

Your server must return an HTTP status code in the range between 200-299.

If your server returns an HTTP status code >= 500 or 404, 405, 406, 410, 414, 415 , all subsequent notifications will be delayed for an hour.

For all other HTTP status codes, the server will wait an hour to retry again up to 24 times.

If the HTTP response code is 400, the server will not carry out any further attempts.

# Signicat Paper

Signicat Paper does not have retry mechanism. A single callback is sent.

# Connect

Connect does not have retry mechanism. A single callback is sent.

Last updated: 9/21/2021, 10:28:55 AM