### GET /v1/oauth2/resources
Source: https://docs.ageverif.com/oauth2.html
Retrieves the verified user resources using a valid access token.
```APIDOC
## GET /v1/oauth2/resources
### Description
Optional endpoint to fetch verified visitor resources using the access token.
### Method
GET
### Endpoint
https://api.ageverif.com/v1/oauth2/resources
### Parameters
#### Headers
- **Authorization** (string) - Required - 'Bearer [access_token]'
### Response
#### Success Response (200)
- **verified** (boolean) - Indicates if the user has successfully verified their age.
```
--------------------------------
### AgeVerif API: start() Method
Source: https://docs.ageverif.com/checker.html
The asynchronous 'start' method initiates the AgeVerif Checker. It accepts optional parameters for forcing verification, setting language, and controlling modal behavior. This method is intended for advanced integrations where the checker is not automatically started.
```typescript
async start({
forceVerification?: boolean;
language?: Language;
closable?: boolean;
hidden?: boolean;
target?: 'popup' | 'tab';
}): Promise<{
verified: boolean,
verification: Verification | null,
}>
```
--------------------------------
### Manually Starting AgeVerif Checker (JavaScript)
Source: https://docs.ageverif.com/checker.html
Demonstrates how to manually start the AgeVerif Checker using its JavaScript API. This is used in conjunction with the 'nostart' parameter during script integration.
```javascript
ageverif.start();
```
--------------------------------
### GET /v1/oauth2/resources
Source: https://docs.ageverif.com/oauth2.html
Retrieves the verification status and details of a visitor using a valid access token.
```APIDOC
## GET /v1/oauth2/resources
### Description
Retrieves visitor verification resources using an access token. If the response is successful, the visitor is verified.
### Method
GET
### Endpoint
https://api.ageverif.com/v1/oauth2/resources
### Parameters
#### Headers
- **Authorization** (string) - Required - Format: 'Bearer [access_token]'.
### Response
#### Success Response (200)
- **resources** (object) - Contains verification details including verified status, uid, country, and assurance level.
#### Response Example
{
"resources": {
"verified": true,
"uid": "F1Hkgz2lvaUdF8Ia8WNBL",
"country": "US",
"country_subdivision": "US-CA",
"assurance_level": "STRICT",
"age_threshold": 18,
"expires_at": 781045200,
"expires_in": 3600
}
}
```
--------------------------------
### Example Error Response
Source: https://docs.ageverif.com/external-api.html
An example JSON object representing an API error response, indicating an unauthorized request.
```json
{
"message": "Invalid token",
"error": "Unauthorized",
"statusCode": 401
}
```
--------------------------------
### GET /external/website/{website_id}/key/{environment}
Source: https://docs.ageverif.com/external-api.html
Retrieve the public key for a registered website.
```APIDOC
## GET /external/website/{website_id}/key/{environment}
### Description
Retrieve the public key for a registered website.
### Method
GET
### Endpoint
https://webmasters-api.ageverif.com/external/website/{website_id}/key/{environment}
### Parameters
#### Path Parameters
- **website_id** (string) - Required - The unique identifier of the website.
- **environment** (string) - Required - The environment for the key pair (LIVE or TEST).
### Response
#### Success Response (200)
- **environment** (string) - The environment for the key pair.
- **publicKey** (string) - The public key for the website.
#### Response Example
{
"environment": "LIVE",
"publicKey": "-----BEGIN PUBLIC KEY-----"..."
}
```
--------------------------------
### GET /external/website/{website_id}/oauth2/{environment}
Source: https://docs.ageverif.com/external-api.html
Retrieve a specific OAuth2 configuration for a registered website.
```APIDOC
## GET /external/website/{website_id}/oauth2/{environment}
### Description
Retrieve a specific OAuth2 configuration for a registered website.
### Method
GET
### Endpoint
https://webmasters-api.ageverif.com/external/website/{website_id}/oauth2/{environment}
### Response
#### Success Response (200)
- **environment** (string) - The environment.
- **redirectUris** (array) - List of allowed redirect URIs.
- **status** (string) - Current status.
- **clientId** (string) - Unique identifier (only if ACTIVE).
- **clientSecret** (string) - Secret key (only if ACTIVE).
#### Response Example
{
"environment": "LIVE",
"redirectUris": ["https://example.com/callback"],
"status": "ACTIVE",
"clientId": "client_123",
"clientSecret": "secret_456"
}
```
--------------------------------
### GET /v1/oauth2/checker
Source: https://docs.ageverif.com/oauth2.html
Initiates the OAuth2 authorization flow by redirecting the user to the AgeVerif authorization page.
```APIDOC
## GET /v1/oauth2/checker
### Description
Initiates the authorization process. The website opens a new window to this endpoint to allow the visitor to accept or deny the authorization request.
### Method
GET
### Endpoint
https://api.ageverif.com/v1/oauth2/checker
### Parameters
#### Query Parameters
- **client_id** (string) - Required - Your website's OAuth2 Live Client ID.
- **redirect_uri** (string) - Required - Callback URI where the visitor is redirected after authorization.
- **response_type** (string) - Required - Must be 'code'.
- **scope** (string) - Optional - Permission scope (default: 'read').
- **state** (string) - Optional - String to verify state and prevent CSRF.
- **language** (string) - Optional - Language code (e.g., 'en', 'fr').
- **challenges** (string) - Optional - Comma-separated list of challenges to load.
### Request Example
GET https://api.ageverif.com/v1/oauth2/checker?client_id=V61LHMuuwahgYDcGnagso&redirect_uri=https%3A%2F%2Fwww.example.org%2Foauth2-callback&response_type=code&scope=read&state=abc123
### Response
#### Success Response (302 Redirect)
- **code** (string) - Authorization code valid for 10 minutes.
- **state** (string) - The state parameter provided in the initial request.
```
--------------------------------
### GET /v1/oauth2/checker
Source: https://docs.ageverif.com/oauth2.html
Initiates the OAuth2 authorization flow by redirecting the user to the AgeVerif verification page.
```APIDOC
## GET /v1/oauth2/checker
### Description
Redirects the visitor to the AgeVerif authorization endpoint to start the age verification process.
### Method
GET
### Endpoint
https://api.ageverif.com/v1/oauth2/checker
### Parameters
#### Query Parameters
- **response_type** (string) - Required - Must be 'code'.
- **client_id** (string) - Required - Your unique Client ID.
- **redirect_uri** (string) - Required - The URL to redirect to after authorization.
- **scope** (string) - Required - The scope of access, typically 'read'.
- **state** (string) - Required - A unique string to prevent CSRF attacks.
### Response
Redirects the user to the provided `redirect_uri` with `code` and `state` parameters.
```
--------------------------------
### GET /external/website/{website_id}
Source: https://docs.ageverif.com/external-api.html
Retrieve the full configuration details for a specific registered website.
```APIDOC
## GET /external/website/{website_id}
### Description
Retrieve details of a registered website including keys and current settings.
### Method
GET
### Endpoint
https://webmasters-api.ageverif.com/external/website/{website_id}
### Parameters
#### Path Parameters
- **website_id** (string) - Required - The unique identifier of the website.
### Response
#### Success Response (200)
- **id** (number) - Unique website id.
- **name** (string) - Website name.
- **domain** (string) - Website domain.
- **language** (string) - Language set for the website.
- **regions** (array) - Regions set for the website.
- **challenges** (array) - Challenges set for the website.
- **keys** (array) - Public keys for the website in different environments.
### Response Example
{
"id": 123,
"name": "Example",
"domain": "example.com",
"language": "en",
"regions": [],
"challenges": ["selfie"],
"keys": [{"environment": "LIVE", "publicKey": "..."}]
}
```
--------------------------------
### Retrieve Visitor Resources
Source: https://docs.ageverif.com/oauth2.html
Uses the obtained access token to fetch verified visitor resources from the AgeVerif API. This step is optional as the token exchange confirms verification.
```bash
curl -X GET https://api.ageverif.com/v1/oauth2/resources \
-H "Authorization Bearer [access_token]"
```
--------------------------------
### GET /checker.js
Source: https://docs.ageverif.com/checker.html
Loads the AgeVerif checker script with custom configuration via query parameters.
```APIDOC
## GET /checker.js
### Description
Loads the AgeVerif verification script. This script can be customized using query parameters to control behavior, language, and event callbacks.
### Method
GET
### Endpoint
https://www.ageverif.com/checker.js
### Parameters
#### Query Parameters
- **key** (string) - Required - Your website's unique Key from the Webmasters Platform.
- **nostart** (flag) - Optional - Prevents the Checker from starting automatically. Use `ageverif.start()` to trigger.
- **language** (string) - Optional - Forces language (auto, de, en, es, fr, it, pt). Default: `auto`.
- **challenges** (string) - Optional - Comma-separated list of challenges (selfie, email_age, credit_card, ticket, anonymage, pleenk).
- **onload** (string) - Optional - Global function name to call when script is loaded.
- **onready** (string) - Optional - Global function name to call when Checker is visible and ready.
- **onsuccess** (string) - Optional - Global function name to call upon successful verification.
- **onclose** (string) - Optional - Global function name to call when the modal is closed.
- **onerror** (string) - Optional - Global function name to call when a fatal error occurs.
### Request Example
### Response
#### Success Response (200)
- **Content-Type** (text/javascript) - The AgeVerif client-side library.
```
--------------------------------
### Content Security Policy (CSP) for AgeVerif
Source: https://docs.ageverif.com/checker.html
This example shows how to configure Content Security Policy (CSP) headers to allow the AgeVerif checker script and its associated resources to load correctly. It specifies allowed sources for scripts, images, and connections.
```http
Content-Security-Policy:
script-src 'self' *.ageverif.com;
img-src 'self' *.ageverif.com i.agvfcdn.com;
connect-src 'self' *.ageverif.com;
```
--------------------------------
### POST /v1/oauth2/token
Source: https://docs.ageverif.com/oauth2.html
Exchanges the authorization code received from the callback for an access token.
```APIDOC
## POST /v1/oauth2/token
### Description
Exchanges the authorization code for an access token to verify the user's age status.
### Method
POST
### Endpoint
https://api.ageverif.com/v1/oauth2/token
### Parameters
#### Request Body
- **grant_type** (string) - Required - Must be 'authorization_code'.
- **code** (string) - Required - The code received from the redirect.
- **redirect_uri** (string) - Required - Must match the original redirect_uri.
### Request Example
curl -X POST https://api.ageverif.com/v1/oauth2/token \
-H "Authorization: Basic [base64(client_id:client_secret)]" \
-d "grant_type=authorization_code&code=[code]&redirect_uri=[uri]"
### Response
#### Success Response (200)
- **access_token** (string) - The token used to access user resources.
- **expires_in** (integer) - Token validity duration in seconds.
```
--------------------------------
### POST /v1/oauth2/token
Source: https://docs.ageverif.com/oauth2.html
Exchanges the authorization code for an access token to be used for subsequent API requests.
```APIDOC
## POST /v1/oauth2/token
### Description
Exchanges the authorization grant code obtained from the redirect URI for an access token.
### Method
POST
### Endpoint
https://api.ageverif.com/v1/oauth2/token
### Parameters
#### Headers
- **Authorization** (string) - Required - Basic authentication header using base64(client_id:client_secret).
### Request Example
POST https://api.ageverif.com/v1/oauth2/token
Authorization: Basic [base64(client_id:client_secret)]
### Response
#### Success Response (200)
- **access_token** (string) - Token used to authenticate resource requests.
```
--------------------------------
### Retrieve Verified Visitor Resources
Source: https://docs.ageverif.com/oauth2.html
Fetches verification details for a visitor using a valid Bearer access token. Returns verification status, country, and assurance level.
```http
GET https://api.ageverif.com/v1/oauth2/resources
```
```bash
curl -X GET https://api.ageverif.com/v1/oauth2/resources \
-H "Authorization: Bearer eyJ0eXAiOiJKV1Qi..."
```
```json
{
"resources": {
"verified": true,
"uid": "F1Hkgz2lvaUdF8Ia8WNBL",
"country": "US",
"country_subdivision": "US-CA",
"assurance_level": "STRICT",
"age_threshold": 18,
"expires_at": 781045200,
"expires_in": 3600
}
}
```
--------------------------------
### POST /v1/oauth2/token
Source: https://docs.ageverif.com/oauth2.html
Exchanges an authorization code for an access token. This token is required to access protected visitor resources.
```APIDOC
## POST /v1/oauth2/token
### Description
Exchanges an authorization code for an access token. Authentication can be performed via Authorization header or request body parameters.
### Method
POST
### Endpoint
https://api.ageverif.com/v1/oauth2/token
### Parameters
#### Request Body
- **grant_type** (string) - Required - Must be 'authorization_code'.
- **code** (string) - Required - Authorization grant code returned from the previous step.
- **redirect_uri** (string) - Required - Must match the URI used in the authorization prompt.
- **client_id** (string) - Optional - Client identifier if not using Authorization header.
- **client_secret** (string) - Optional - Client secret if not using Authorization header.
### Request Example
{
"grant_type": "authorization_code",
"code": "8f0FwyzmlDSfdOiE...",
"redirect_uri": "https://www.example.org/oauth2-callback"
}
### Response
#### Success Response (200)
- **token_type** (string) - Hint for token usage (Bearer).
- **access_token** (string) - Token used to fetch user data.
- **expires_at** (int) - Unix timestamp of expiration.
- **expires_in** (int) - Seconds until expiration.
#### Response Example
{
"token_type": "Bearer",
"access_token": "eyJ0eXAiOiJKV1Qi...",
"expires_at": 781045200,
"expires_in": 3600
}
```
--------------------------------
### Retrieve Website Keys
Source: https://docs.ageverif.com/external-api.html
Retrieves the public key for a registered website. This operation is performed via an HTTP GET request to the specified endpoint.
```http
GET https://webmasters-api.ageverif.com/external/website/{website_id}/key/{environment}
```
--------------------------------
### Retrieve OAuth2 Configuration
Source: https://docs.ageverif.com/external-api.html
Retrieves a specific OAuth2 configuration for a registered website. This is done via a GET request and returns details including clientId and clientSecret if the status is 'ACTIVE'.
```http
GET https://webmasters-api.ageverif.com/external/website/{website_id}/oauth2/{environment}
```
--------------------------------
### Initialize and Control AgeVerif Checker
Source: https://docs.ageverif.com/checker.html
Methods to manage the lifecycle of the age verification checker. Includes starting the verification process, clearing existing verification status, and destroying the instance from the DOM.
```typescript
start(forceVerification?: boolean): Promise
```
--------------------------------
### Advanced AgeVerif Checker Integration (HTML)
Source: https://docs.ageverif.com/checker.html
Integrates the AgeVerif Checker with the 'nostart' parameter for manual control via JavaScript. Paste this script tag before the closing
tag. Replace '[KEY]' with your Public Live Key. The 'async' and 'defer' attributes are recommended. ```html ``` ```html
...