Issuing Requests

There are two instances of the SheerID REST API: Sandbox and Production, each with a distinct hostname as shown in the table below.

Hostname API Instance Description Production Routes requests to live verification data sources. Access is restricted to authorized accounts. Sandbox Available for development and integration testing purposes. Uses the SheerID Sandbox Verification Source.


SheerID’s REST API authentication layer is based on the OAuth 2.0 Authorization Framework, specifically the Bearer Token authentication scheme.

Obtaining Your Token

API Access Tokens can be issued from the API Access Tokens link under Settings on the respective Control Center Home page of the environment you are issuing a token for. Sandbox API Access tokens are issued from the Sandbox Control Center. Production API Access tokens are issued from the Production Control Center.

API Access Tokens have no default expiration cycle, and can be revoked or re-generated as needed to meet your application management objectives.

Authorization Header

Bearer tokens are supplied to the server via the Authorization header. The format for this header’s value is Bearer ${TOKEN}, where ${TOKEN} is your personal access token. In the example request shown below, the access token is 8304029af5ab9f0acb5820bfb5ddc293. For more information on usage, please review the OAuth2 Bearer Token spec.

GET /rest/0.5/organization HTTP/1.1
Authorization: Bearer 8304029af5ab9f0acb5820bfb5ddc293

Example Requests

In the examples below, we show how curl can be used to issue requests which supply a properly-constructed Authorization header. The same request formatting can and should be used in your programming language of choice. For the examples shown, it is assumed that ${TOKEN} is an environment variable or is otherwise replaced with your personal access token.

Example GET Request

curl -H "Authorization: Bearer ${TOKEN}"

Example POST Request

curl -H "Authorization: Bearer ${TOKEN}" -d "FIRST_NAME=Test&LAST_NAME=User&SSN_LAST4=1234"