MNRL Check

Endpoint Overview

POST /api/v1/mnrl/mnrl-check

Description

The Mobile Number Revocation List (MNRL) Check API allows you to verify whether a mobile number has been revoked or flagged in the MNRL database. This service helps businesses identify potentially risky or fraudulent mobile numbers before proceeding with user verification, account creation, or transaction processing.

Key Benefits

Reduce fraud by identifying mobile numbers that have been flagged for suspicious activities

Enhance security in user onboarding and authentication processes

Prevent account takeovers associated with compromised mobile numbers

Comply with telecom regulatory requirements for mobile number verification

Use Cases

Financial Services

Telecom

Digital Platforms

Verify mobile numbers during customer onboarding to prevent fraud

Validate phone numbers before sending OTPs for transaction authorization

Screen mobile numbers during account recovery processes

Technical Implementation

Authentication

All API requests require authentication using a JWT Bearer token. Authentication follows these steps:

Obtain API Credentials: Register with Surepass to receive your API key.

Generate JWT Token: Use your API key to generate a JWT token.

Include in Requests: Add the token to the Authorization header as Bearer TOKEN.

Different authentication tokens are used for sandbox and production environments:

Sandbox: https://sandbox.surepass.io

Production: https://kyc-api.surepass.io

Request Parameters

Request Headers

Header	Required	Description
Authorization	Yes	Bearer token authentication using JWT
Content-Type	Yes	application/json

Request Body

Parameter	Type	Required	Description
mobile	String	Yes	The mobile number to be checked against the MNRL database

Example Request

{
    "mobile": "9904709012"
}

Process Response

Response Parameters

Parameter	Type	Description
data	Object	Contains the response data
data.client_id	String	Unique identifier for the API request
data.revoked	Boolean	Indicates if the mobile number is in the MNRL (true = revoked, false = not revoked)
status_code	Integer	HTTP status code of the response
success	Boolean	Indicates if the API request was successful
message	String	Human-readable status message
message_code	String	Machine-readable status code

Example Successful Response

{
    "data": {
        "client_id": "mnrl_check_dzGrZOWejhJvVNveQRyg",
        "revoked": true
    },
    "status_code": 200,
    "success": true,
    "message": "Success",
    "message_code": "success"
}

Possible Error Responses

Invalid Mobile Number

Authentication Error

{
    "errors": {
        "mobile": "Mobile Number Value does not match pattern: \"^[0][1-9]\\d{9}$|^[1-9]\\d{9}$\""
    },
    "message": "Input payload validation failed"
}

The mobile number provided is not in a valid format. Ensure the number follows the correct format without country code or special characters.

Integration Best Practices

Security Recommendations

Store JWT tokens securely and never expose them in client-side code

Implement proper error handling to manage API failures gracefully

Rotate JWT tokens periodically to minimize security risks

Validate mobile numbers on your end before sending to the API to reduce unnecessary calls

User Experience Guidelines

Implement the MNRL check early in your user journey to avoid wasting users' time

Provide clear error messages when a mobile number is found in the MNRL

Consider offering alternative verification methods if a mobile number is flagged

Cache results (within reasonable timeframes) to improve response times for repeat checks

Code Samples

cURL

Python

Node.js

Related APIs

PAN Verification API: Verify PAN card details

Aadhaar Verification API: Verify Aadhaar card details

Bank Account Verification API: Verify bank account details

Document OCR API: Extract information from identity documents

Compliance and Legal Considerations

The MNRL database is maintained in accordance with telecom regulatory guidelines. Ensure you have proper consent from users before checking their mobile numbers against the MNRL. Store the results in compliance with data protection regulations and inform users if their number is flagged in the MNRL.

Provide your bearer token in the

Authorization

header when making requests to protected resources.

Example:

Authorization: Bearer ********************

curl --location --request POST 'https://kyc-api.surepass.app/api/v1/mnrl/mnrl-check' \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/json' \ --data-raw '{ "mobile": "9904709012" }'

{ "data": { "client_id": "mnrl_check_dzGrZOWejhJvVNveQRyg", "revoked": true }, "status_code": 200, "success": true, "message": "Success", "message_code": "success" }

MNRL Check

MNRL Check#

Description#

Use Cases#

Technical Implementation#

Request Headers#

Request Body#

Example Request#

Response Parameters#

Example Successful Response#

Possible Error Responses#

Integration Best Practices#

Code Samples#

Request

Responses

MNRL Check

Description

Use Cases

Technical Implementation

Request Headers

Request Body

Example Request

Response Parameters

Example Successful Response

Possible Error Responses

Integration Best Practices

Code Samples