PAN Lite

Endpoint Overview

POST /api/v1/pan/pan

Description

The PAN Lite API provides a streamlined way to verify and retrieve essential details associated with a Permanent Account Number (PAN) in India. This endpoint returns the cardholder's full name and PAN category, allowing businesses to validate PAN information for KYC compliance, identity verification, and financial processes.

Key Benefits

Instant verification of PAN validity without manual intervention

Access to accurate PAN holder details directly from authoritative sources

Categorization of PAN type for appropriate business logic implementation

Simplified KYC and onboarding processes with reliable identity verification

Use Cases

Financial Services

HR & Payroll

E-commerce & Services

Verify customer identity during account opening processes

Validate PAN details for loan applications and credit assessments

Streamline KYC compliance for investment accounts and trading platforms

Technical Implementation

Authentication

All API requests require authentication using a JWT Bearer token. Authentication follows these steps:

Obtain API Credentials: Register with Surepass to receive your API key.

Generate JWT Token: Use your API key to generate a JWT token.

Include in Requests: Add the token to the Authorization header as Bearer TOKEN.

Different authentication tokens are used for sandbox and production environments:

Sandbox: https://sandbox.surepass.io

Production: https://kyc-api.surepass.io

Request Parameters

Request Headers

Header	Required	Description
Authorization	Yes	Bearer token authentication using JWT
Content-Type	Yes	application/json

Request Body

Parameter	Type	Required	Description
id_number	String	Yes	The PAN number to be verified (e.g., "EKRPR7936Z")

Example Request

{
    "id_number": "EKRPR7936Z"
}

Process Response

Response Parameters

Parameter	Type	Description
data	Object	Contains the PAN verification details
data.pan_number	String	The verified PAN number
data.full_name	String	Full name of the PAN holder
data.client_id	String	Unique identifier for the verification request
data.category	String	Category of the PAN (person, company, etc.)
status_code	Integer	HTTP status code of the response
message	String	Additional information about the response
success	Boolean	Indicates if the request was successful

Example Successful Response

{
    "data": {
        "pan_number": "AAAPM1234L",
        "full_name": "MUNNA BHAIYA",
        "client_id": "pan_NZAOcvheHYtwohtkWQbH",
        "category": "person"
    },
    "status_code": 200,
    "message": "",
    "success": true
}

Possible Error Responses

Invalid PAN

Authentication Error

{
    "data": null,
    "status_code": 422,
    "message": "Invalid PAN",
    "success": false
}

The provided PAN number does not match the required format or contains invalid characters.

Integration Best Practices

Security Recommendations

Store API keys securely and never expose them in client-side code

Implement proper error handling to avoid exposing sensitive information

Use HTTPS for all API communications to ensure data encryption

Rotate JWT tokens periodically and implement token expiration policies

User Experience Guidelines

Implement client-side PAN format validation before making API calls

Display clear error messages to users when PAN verification fails

Provide visual feedback during the verification process

Cache verified PAN details (securely) to minimize repeated API calls

Code Samples

cURL

Python

Node.js

Related APIs

PAN OCR API: Extract PAN details from PAN card images

PAN Advanced API: Get comprehensive PAN details including verification status

PAN Match API: Compare provided PAN details against official records

Compliance and Legal Considerations

PAN data is considered sensitive personal information under Indian data protection regulations. Ensure you have appropriate consent from users before verifying their PAN details. Store PAN information securely and in compliance with applicable data protection laws. The use of this API should align with the Income Tax Department of India's guidelines for PAN verification.

Provide your bearer token in the

Authorization

header when making requests to protected resources.

Example:

Authorization: Bearer ********************

curl --location --request POST 'https://kyc-api.surepass.app/api/v1/pan/pan' \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/json' \ --data-raw '{ "id_number": "EKRPR7936Z" }'

{ "data": { "pan_number": "AAAPM1234L", "full_name": "MUNNA BHAIYA", "client_id": "pan_NZAOcvheHYtwohtkWQbH", "category": "person" }, "status_code": 200, "message": "", "success": true }

PAN Lite

PAN Lite#

Description#

Use Cases#

Technical Implementation#

Request Headers#

Request Body#

Example Request#

Response Parameters#

Example Successful Response#

Possible Error Responses#

Integration Best Practices#

Code Samples#

Request

Responses

PAN Lite

Description

Use Cases

Technical Implementation

Request Headers

Request Body

Example Request

Response Parameters

Example Successful Response

Possible Error Responses

Integration Best Practices

Code Samples