Manual Verification
Record an employee-approved verification. An employee uses their 6-digit access code to identify themselves before approving or denying the transaction.
Note: Manual verifications must be performed and confirmed by a registered employee. The verifiedBy field must contain a valid employee ID for your tenant.
Employee Lookup
Before calling the manual verification endpoint, resolve the employee by their 6-digit access code. Use the device employee lookup endpoint:
/api/devices/employeesResolve an employee by their 6-digit access code. Returns the employee ID and name required for the manual verification endpoint.
Headers
| Name | Type | Required | Description |
|---|---|---|---|
| Authorization | string | Required | Bearer <device_api_key> |
| Content-Type | string | Required | application/json |
AuthorizationstringRequiredBearer <device_api_key>
Content-TypestringRequiredapplication/json
Request Body
| Name | Type | Required | Description |
|---|---|---|---|
| accessCode | string | Required | Employee's 6-digit access code |
accessCodestringRequiredEmployee's 6-digit access code
Response
{
"found": true,
"employee": {
"id": "emp_abc",
"name": "Jón Jónsson"
}
}Record Manual Verification
Once you have the employee ID, submit the manual verification result.
/api/verification/manualRecord an employee-approved manual verification. The employee must have been resolved via their access code before calling this endpoint. The server records an immutable transaction.
Headers
| Name | Type | Required | Description |
|---|---|---|---|
| Authorization | string | Required | Bearer <access_token> — obtained via OAuth 2.0 Client Credentials |
| Content-Type | string | Required | application/json |
AuthorizationstringRequiredBearer <access_token> — obtained via OAuth 2.0 Client Credentials
Content-TypestringRequiredapplication/json
Request Body
| Name | Type | Required | Description |
|---|---|---|---|
| verifiedBy | string | Required | Employee ID — obtained by resolving their 6-digit access code |
| challengeType | string | Required | "age" |
| challengeData | object | Required | Depends on challenge type. For age: { "requiredAge": 18 } |
| result | string | Required | "pass" | "fail" — the employee's decision |
verifiedBystringRequiredEmployee ID — obtained by resolving their 6-digit access code
challengeTypestringRequired"age"
challengeDataobjectRequiredDepends on challenge type. For age: { "requiredAge": 18 }
resultstringRequired"pass" | "fail" — the employee's decision
Examples
cURL
curl -X POST https://abyrgverslun.is/api/verification/manual \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"verifiedBy": "emp_abc",
"challengeType": "age",
"challengeData": { "requiredAge": 18 },
"result": "pass"
}'JavaScript
// Step 1: Resolve employee by access code
const lookupResponse = await fetch('https://abyrgverslun.is/api/devices/employees', {
method: 'POST',
headers: {
'Authorization': 'Bearer YOUR_DEVICE_API_KEY',
'Content-Type': 'application/json',
},
body: JSON.stringify({ accessCode: '123456' }),
});
const { found, employee } = await lookupResponse.json();
if (!found) {
console.error('Employee not found');
return;
}
// Step 2: Record the manual verification
const response = await fetch('https://abyrgverslun.is/api/verification/manual', {
method: 'POST',
headers: {
'Authorization': 'Bearer YOUR_ACCESS_TOKEN',
'Content-Type': 'application/json',
},
body: JSON.stringify({
verifiedBy: employee.id,
challengeType: 'age',
challengeData: { requiredAge: 18 },
result: 'pass',
}),
});
const data = await response.json();
// data.result === 'pass'
// data.transactionId === 'j57b2mNkR4e9...'Response
{
"result": "pass",
"transactionId": "j57b2mNkR4e9..."
}