Base URL
Every path in this reference is relative to a version-pinned base URL. Choose the host for your environment:
The
v1 segment is the contract version — see Versioning.
Authentication
The API is default-deny: send a bearer token asAuthorization: Bearer <token>
on every call except the token exchange itself. Get a token by posting your
api_secret to POST /auth/get_token. Full details in
Authentication.
How to read the endpoint pages
Each endpoint page lists its path parameters, query parameters, request body, and every response field, with types and whether each is required. A few conventions worth knowing:GET /task/gettakesuuidxorexternal_id— supply exactly one.POST /task/createismultipart/form-data— attach documents underuploads, withtask_typethe only required field.- Most Task endpoints return the same
TaskDetailsshape, so you learn one object and reuse it across create, get, update, and upload. - Results are asynchronous —
POST /task/createreturnsstatus: "pending"with emptyverdicts; read results fromGET /task/getafter the Task reaches a terminal status. See Working with async results.
Use the playground
Each endpoint page has a Try it panel that sends a real request from your browser. To use it:- Paste a bearer token into the
Authorizationfield (get one fromPOST /auth/get_token). - Set the server to your environment’s base URL.
- Fill in parameters and send. The panel shows the live response and ready-to-run cURL.
Errors
Errors use standard HTTP status codes with a JSON body describing what went wrong. For the full status-code catalog and error shapes — including the429
deferred-queue response that isn’t yet in the committed spec — see
Errors.

