🚀 Activate Business Request
Overview
Activating a Business Request always requires a mandatory location check.
The user’s current geo-location is compared against their last active device location.
The last active device location is:
The registration location if the user never changed it.
Or the latest login location if the user logged in from a new place.
If the user is within 80 km, activation continues normally with OTP and payment.
If the user is more than 80 km away, they must first revalidate liveness before proceeding.
Workflow
Step 1 – Confirm Location (mandatory)
Compare current geo-location with last active device location.
Case A – Within 80 km
Request Activate OTP
POST /api/BusinessRequest/CustomerSign/StepRequestOtpValidate OTP
POST /api/BusinessRequest/CustomerSign/StepValidateOtpValidate Payment & Activate Contract :
POST /api/BusinessRequest/CustomerSign/StepValidatePayment
Case B – More than 80 km away
Request Activate OTP → system responds: “Location changed, liveness revalidation required.”
Revalidate Liveness POST
POST /api/BusinessRequest/CustomerSign/StepRevalidteLivenessRequest New OTP (using the same
transactionId)Validate OTP
Validate Payment & Activate Contract
This endpoint requests an OTP for customer sign step. The geoLocation is mandatory to verify user location.
Optional. The SMS provider used to send OTP. Available options: 1- infobip, 2- vodafone, 3- Cequens, 4- victoryLink
Unique identifier of the business request
Transaction identifier associated with this request
Device UTC time of the user
Payment gateway to be used for transaction
OTP request initiated successfully
POST /api/BusinessRequest/CustomerSign/StepRequestOtp HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 174
{
"smsProviders": 1,
"requestId": "text",
"transactionId": "text",
"geoLocation": {
"latitude": 1,
"longitude": 1
},
"userDeviceUtcTime": "2025-11-08T04:10:44.334Z",
"paymentGateway": "text"
}OTP request initiated successfully
{
"status": "text",
"nextStep": "text"
}This endpoint is used when a customer changes location (>80km from last active device). The user must re-validate liveness before proceeding with OTP and contract activation.
Unique identifier of the business request
Transaction identifier associated with this request (must be reused)
Device UTC time of the user
Payment gateway to be used for transaction
Liveness re-validation initiated successfully
POST /api/BusinessRequest/CustomerSign/StepReValidateLiveness HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 358
{
"scanTransaction": {
"id_front_image": "text",
"image": "text",
"name_check_value": "text",
"transaction_id": "text",
"client_transaction_id": "text",
"request_id": "text",
"country": "text",
"getExtractedData": true
},
"requestId": "text",
"transactionId": "text",
"geoLocation": {
"latitude": 1,
"longitude": 1
},
"userDeviceUtcTime": "2025-11-08T04:10:44.334Z",
"paymentGateway": "text"
}Liveness re-validation initiated successfully
{
"status": "text",
"nextStep": "text"
}Validates the OTP sent to the customer during the Business Request activation process.
Unique identifier for the OTP request.
The OTP code entered by the user.
The unique business request identifier.
Transaction identifier linked to this request.
The UTC time on the user's device.
The payment gateway provider.
OTP validated successfully.
Invalid or expired OTP.
Unauthorized - Invalid authentication credentials.
Validation error - Invalid request data.
Internal server error.
POST /api/BusinessRequest/CustomerSign/StepValidateOtp HTTP/1.1
Host: api.example.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 292
{
"otpRequestId": "123e4567-e89b-12d3-a456-426614174000",
"otpCode": "text",
"requestId": "123e4567-e89b-12d3-a456-426614174000",
"transactionId": "123e4567-e89b-12d3-a456-426614174000",
"geoLocation": {
"latitude": 1,
"longitude": 1
},
"userDeviceUtcTime": "2025-11-08T04:10:44.334Z",
"paymentGateway": "text"
}{
"success": true,
"message": "text",
"timestamp": "2025-11-08T04:10:44.334Z"
}Validates the payment during the Business Request process.
The unique business request identifier.
Transaction identifier linked to this request.
The UTC time on the user's device.
The payment gateway provider.
Payment validated successfully.
Invalid payment data.
Unauthorized - Invalid authentication credentials.
Validation error - Invalid request data.
Internal server error.
POST /api/BusinessRequest/CustomerSign/StepValidatePayment HTTP/1.1
Host: api.example.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 221
{
"requestId": "123e4567-e89b-12d3-a456-426614174000",
"transactionId": "123e4567-e89b-12d3-a456-426614174000",
"geoLocation": {
"latitude": 1,
"longitude": 1
},
"userDeviceUtcTime": "2025-11-08T04:10:44.334Z",
"paymentGateway": "text"
}{
"success": true,
"message": "text",
"timestamp": "2025-11-08T04:10:44.334Z"
}
const headers = {
"Authorization": "Bearer YOUR_ACCESS_TOKEN",
"Content-Type": "application/json-patch+json"
};
const BASE_URL = "https://api.vlenseg.com/api";
async function makeApiCall(url, body) {
const response = await fetch(url, {
method: 'POST',
headers: headers,
body: JSON.stringify(body)
});
const data = await response.json();
console.log(data);
}
// Step 1: Request OTP
makeApiCall(`${BASE_URL}/BusinessRequest/CustomerSign/StepRequestOtp`, {
"geoLocation": {"latitude": 0, "longitude": 0},
"userDeviceUtcTime": "2024-08-25T10:14:08.987Z"
});
// Step 2: Validate OTP
makeApiCall(`${BASE_URL}/BusinessRequest/CustomerSign/StepValidateOtp`, {
"geoLocation": {"latitude": 0, "longitude": 0},
"userDeviceUtcTime": "2024-08-25T10:14:25.259Z"
});
// Step 3: Perform Payment
makeApiCall(`${BASE_URL}/BusinessRequest/CustomerSign/StepProcessPayment`, {
"paymentDetails": {"amount": 100, "currency": "USD"}
});
// Step 4: Validate Payment
makeApiCall(`${BASE_URL}/BusinessRequest/CustomerSign/StepValidatePayment`, {
"geoLocation": {"latitude": 0, "longitude": 0},
"userDeviceUtcTime": "2024-08-25T10:14:32.647Z"
});
import requests
headers = {
"Authorization": "Bearer YOUR_ACCESS_TOKEN",
"Content-Type": "application/json-patch+json"
}
BASE_URL = "https://api.vlenseg.com/api"
# Step 1: Request OTP
response = requests.post(
f"{BASE_URL}/BusinessRequest/CustomerSign/StepRequestOtp",
headers=headers,
json={
"geoLocation": {"latitude": 0, "longitude": 0},
"userDeviceUtcTime": "2024-08-25T10:14:08.987Z"
}
)
print(response.json())
# Step 2: Validate OTP
response = requests.post(
f"{BASE_URL}/BusinessRequest/CustomerSign/StepValidateOtp",
headers=headers,
json={
"geoLocation": {"latitude": 0, "longitude": 0},
"userDeviceUtcTime": "2024-08-25T10:14:25.259Z"
}
)
print(response.json())
# Step 3: Perform Payment
response = requests.post(
f"{BASE_URL}/BusinessRequest/CustomerSign/StepProcessPayment",
headers=headers,
json={
"paymentDetails": {"amount": 100, "currency": "USD"}
}
)
print(response.json())
# Step 4: Validate Payment
response = requests.post(
f"{BASE_URL}/BusinessRequest/CustomerSign/StepValidatePayment",
headers=headers,
json={
"geoLocation": {"latitude": 0, "longitude": 0},
"userDeviceUtcTime": "2024-08-25T10:14:32.647Z"
}
)
print(response.json())
# Step 1: Request OTP
curl -X POST "https://api.vlenseg.com/api/BusinessRequest/CustomerSign/StepRequestOtp" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json-patch+json" \
-d '{
"geoLocation": {"latitude": 0, "longitude": 0},
"userDeviceUtcTime": "2024-08-25T10:14:08.987Z"
}'
# Step 2: Validate OTP
curl -X POST "https://api.vlenseg.com/api/BusinessRequest/CustomerSign/StepValidateOtp" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json-patch+json" \
-d '{
"geoLocation": {"latitude": 0, "longitude": 0},
"userDeviceUtcTime": "2024-08-25T10:14:25.259Z"
}'
# Step 3: Perform Payment
curl -X POST "https://api.vlenseg.com/api/BusinessRequest/CustomerSign/StepProcessPayment" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json-patch+json" \
-d '{
"paymentDetails": {"amount": 100, "currency": "USD"}
}'
# Step 4: Validate Payment
curl -X POST "https://api.vlenseg.com/api/BusinessRequest/CustomerSign/StepValidatePayment" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json-patch+json" \
-d '{
"geoLocation": {"latitude": 0, "longitude": 0},
"userDeviceUtcTime": "2024-08-25T10:14:32.647Z"
}'
Web view activation workflow
The WebView activation process consists of two main steps, which are essential for generating and viewing the contract PDF. Here’s how the process works:
Step 1: Generate Sign Contract Link
Purpose: The first step is to generate a link for the WebView where the user can sign the contract.
Endpoint:
POST https://api.vlenseg.com/api/BusinessRequest/GenerateSignContractLink
Step 2: View Contract PDF
Purpose: After generating the sign contract link, the next step is to view the contract PDF using the generated link.
Endpoint:
GET https://api.vlenseg.com/api/BusinessRequest/ViewContractPdf
Success
POST /api/BusinessRequest/GenerateSignContractLink HTTP/1.1
Host:
Content-Type: application/json-patch+json
Accept: */*
Content-Length: 280
{
"requestId": "123e4567-e89b-12d3-a456-426614174000",
"contractStorageId": "123e4567-e89b-12d3-a456-426614174000",
"transactionId": "123e4567-e89b-12d3-a456-426614174000",
"geoLocation": {
"latitude": 1,
"longitude": 1
},
"userDeviceUtcTime": "2025-11-08T04:10:44.334Z",
"paymentGateway": "text"
}Success
{
"data": "text",
"error_code": 1,
"error_message": "text",
"error_descriptions": null
}const headers = {
"Authorization": "Bearer YOUR_ACCESS_TOKEN",
"Content-Type": "application/json-patch+json"
};
const BASE_URL = "https://api.vlenseg.com/api";
async function generateSignContractLink() {
const response = await fetch(`${BASE_URL}/BusinessRequest/GenerateSignContractLink`, {
method: 'POST',
headers: headers,
body: JSON.stringify({
"geoLocation": {"latitude": 30.193033, "longitude": 31.463339},
"userDeviceUtcTime": "2024-08-22T12:41:28Z",
"requestId": "81f404b3-d7dc-4f08-b4fe-934853c86282"
})
});
const data = await response.json();
console.log(data);
}
async function viewContractPdf() {
const requestId = "c2fa8504-6b42-435b-bc01-d42078ae02a5";
const securityHash = "a428fd4b1b49e3d32663a13bce2cdbd112ad5f2652bc3482fd5bbb7f47109207";
const url = `${BASE_URL}/BusinessRequest/ViewContractPdf?RequestId=${requestId}&SecurityHash=${securityHash}`;
const response = await fetch(url, {
method: 'GET',
headers: headers
});
const data = await response.json();
console.log(data);
}
generateSignContractLink();
viewContractPdf();
import requests
headers = {
"Authorization": "Bearer YOUR_ACCESS_TOKEN",
"Content-Type": "application/json-patch+json"
}
BASE_URL = "https://api.vlenseg.com/api"
def generate_sign_contract_link():
response = requests.post(
f"{BASE_URL}/BusinessRequest/GenerateSignContractLink",
headers=headers,
json={
"geoLocation": {"latitude": 30.193033, "longitude": 31.463339},
"userDeviceUtcTime": "2024-08-22T12:41:28Z",
"requestId": "81f404b3-d7dc-4f08-b4fe-934853c86282"
}
)
print(response.json())
def view_contract_pdf():
request_id = "c2fa8504-6b42-435b-bc01-d42078ae02a5"
security_hash = "a428fd4b1b49e3d32663a13bce2cdbd112ad5f2652bc3482fd5bbb7f47109207"
url = f"{BASE_URL}/BusinessRequest/ViewContractPdf?RequestId={request_id}&SecurityHash={security_hash}"
response = requests.get(url, headers=headers)
print(response.json())
generate_sign_contract_link()
view_contract_pdf()
curl -X POST "https://api.vlenseg.com/api/BusinessRequest/GenerateSignContractLink" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json-patch+json" \
-d '{
"geoLocation": {"latitude": 30.193033, "longitude": 31.463339},
"userDeviceUtcTime": "2024-08-22T12:41:28Z",
"requestId": "81f404b3-d7dc-4f08-b4fe-934853c86282"
}'
curl -X GET "https://api.vlenseg.com/api/BusinessRequest/ViewContractPdf?RequestId=c2fa8504-6b42-435b-bc01-d42078ae02a5&SecurityHash=a428fd4b1b49e3d32663a13bce2cdbd112ad5f2652bc3482fd5bbb7f47109207" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json-patch+json"
Last updated