Domain Verification

Endpoint Overview

POST /api/v1/domain/verification

Description

The Domain Verification API provides comprehensive validation and information about a domain's registration status. This endpoint returns detailed verification data including when the domain was registered, when it expires, when it was last updated, and its current verification status. This information is essential for validating domain ownership, assessing domain age and legitimacy, and performing due diligence checks.

Key Benefits

Instantly verify domain existence and registration status

Access critical domain timeline data (registration, expiration, and updates)

Streamline domain validation processes for onboarding and verification workflows

Reduce fraud risk by confirming domain legitimacy before business engagement

Use Cases

Financial Services

Cybersecurity

Compliance

Verify business domain legitimacy during merchant onboarding

Assess domain age as part of risk evaluation for lending decisions

Confirm domain ownership during business account creation

Technical Implementation

Authentication

All API requests require authentication using a JWT Bearer token. Authentication follows these steps:

Obtain API Credentials: Register with Surepass to receive your API key.

Generate JWT Token: Use your API key to generate a JWT token.

Include in Requests: Add the token to the Authorization header as Bearer TOKEN.

Different authentication tokens are used for sandbox and production environments:

Sandbox: https://sandbox.surepass.io

Production: https://kyc-api.surepass.io

Request Parameters

Request Headers

Header	Required	Description
Authorization	Yes	JWT Bearer token for authentication. Format: `Bearer <your_token>`
Content-Type	Yes	Must be set to `application/json`

Request Body

Parameter	Type	Required	Description
domain_name	String	Yes	The domain name to verify (without protocol prefixes like http:// or https://)

Example Request

{
    "domain_name": "surepass.io"
}

Process Response

Response Parameters

Parameter	Type	Description
data	Object	Contains the verification results
data.client_id	String	Unique identifier for the verification request
data.input_domain	String	The domain name that was submitted for verification
data.details	Object	Contains detailed domain verification information
data.details.domain_name	String	The verified domain name
data.details.domain_verify	Boolean	Indicates if the domain is verified (true) or not (false)
data.details.registered_on	String	The date when the domain was registered (YYYY-MM-DD format)
data.details.expires_on	String	The date when the domain registration expires (YYYY-MM-DD format)
data.details.updated_on	String	The date when the domain information was last updated (YYYY-MM-DD format)
status_code	Integer	HTTP status code of the response
success	Boolean	Indicates if the API call was successful
message	String	Human-readable status message
message_code	String	Machine-readable status code

Example Successful Response

{
    "data": {
        "client_id": "domain_verification_oDCVARLzrWdquHcsyFMq",
        "input_domain": "surepass.io",
        "details": {
            "domain_name": "surepass.io",
            "domain_verify": true,
            "registered_on": "2019-05-10",
            "expires_on": "2025-05-10",
            "updated_on": "2024-04-09"
        }
    },
    "status_code": 200,
    "success": true,
    "message": "Success",
    "message_code": "success"
}

Possible Error Responses

Invalid Domain

Authentication Error

Server Error

{
    "status_code": 422,
    "success": false,
    "message": "Verification Failed",
    "message_code": "verification_failed"
}

This error occurs when the provided domain name is in an invalid format or cannot be resolved.

Integration Best Practices

Security Recommendations

Store JWT tokens securely and never expose them in client-side code

Implement token rotation and expiration policies

Use HTTPS for all API communications

Validate and sanitize domain input before sending to the API

User Experience Guidelines

Implement proper error handling to provide meaningful feedback to users

Display domain verification status clearly in your interface

Consider caching verification results for frequently checked domains

Show registration and expiration dates in a user-friendly format

Code Samples

cURL

Python

Node.js

Related APIs

Email Verification API: Validates email addresses and their association with domains

Business Verification API: Comprehensive business verification including domain checks

WHOIS Data API: Provides detailed WHOIS information for domains

Compliance and Legal Considerations

Domain verification data should be used in accordance with applicable data protection regulations. While this API provides domain registration information, it should not be used as the sole factor for making critical business decisions. Always combine domain verification with other verification methods for comprehensive due diligence.

{ "data": { "client_id": "domain_verification_oDCVARLzrWdquHcsyFMq", "input_domain": "surepass.io", "details": { "domain_name": "surepass.io", "domain_verify": true, "registered_on": "2019-05-10", "expires_on": "2025-05-10", "updated_on": "2024-04-09" } }, "status_code": 200, "success": true, "message": "Success", "message_code": "success" }

Provide your bearer token in the

Authorization

header when making requests to protected resources.

Example:

Authorization: Bearer ********************

Domain Verification

Domain Verification#

Description#

Use Cases#

Technical Implementation#

Request Headers#

Request Body#

Example Request#

Response Parameters#

Example Successful Response#

Possible Error Responses#

Integration Best Practices#

Code Samples#

Request

Responses

Domain Verification

Description

Use Cases

Technical Implementation

Request Headers

Request Body

Example Request

Response Parameters

Example Successful Response

Possible Error Responses

Integration Best Practices

Code Samples