Base URL
All requests go to a single base URL over HTTPS:Sandbox
Authmatech provides a sandbox so you can develop and test without affecting production data or consuming live balance. Provision sandbox credentials from the dashboard and use them exactly as you would production credentials — theX-API-KEY and X-CLIENT-ID headers and request shapes are identical.
Testing the response envelope
Every response — success or failure — uses the same envelope, so write your client to read it consistently:- Branch business logic on
data(e.g.data.validNumber,data.decision). - Treat
success: falseand non‑200status codes as errors, and surfacemessages[].message.
validNumber: false is a successful call with a negative verdict — make sure your tests distinguish that from an actual error.
Things to verify before launch
Credentials & headers
Both
X-API-KEY and X-CLIENT-ID are sent on every request, and the API key is only ever used server-side.Product enablement
The products you call (Verify, Trust, Shield, Detect, …) are enabled for your account. A disabled product returns
400. Check GET /v1/api/me/products.Balance
Your account has sufficient, non-expired balance. Verification and intelligence calls consume balance; an expired or empty balance returns
400.Fallback path
Your client handles the no-mobile-data case (Wi‑Fi/VPN) by falling back to Stuck+ rather than failing the journey.
Error handling
You handle
401, 400, and 500 distinctly and retry only the retryable ones with backoff. See Errors.Monitoring your usage
While testing and after launch, the Client Portal endpoints give you visibility:GET /v1/api/me/usage— usage analytics.GET /v1/api/me/verifications— verification history.GET /v1/api/me/balance-history— balance movements over time.
Next steps
Errors & responses
The response envelope and every status code.
Rate limits
Limits and retry guidance.