Resource Guides
Endpoints
Token Management
Customer Management
Account Management
Bre-B Key Management
Recipient Management
Payment Management
QR codes
Title
Message
Create new category
What is the title of your new category?
Edit page index title
What is the title of the page index?
Edit category
What is the new title of your category?
Edit link
What is the new title and URL of your link?
Validate Key
Summarize Page
Copy Markdown
Open in ChatGPT
Open in Claude
Overview
This endpoint validates a Bre-B Key and optionally compares additional information such as participant, account, and owner details.
You can submit a Bre-B key (create by you or not) along with optional additional information. The API then returns a boolean‐style match response (e.g., MATCH / NO_MATCH) to indicate whether the key corresponds to the expected individual.
If the submitted information does not match the resolved owner of the key, you will not receive any PII of the correct owner. This enables validation without revealing confidential information.
Endpoint Behavior
- The
keyobject is required. - The objects
participant,account, andownerare optional, when included, each will be checked independently. - Each field returns a match indicator (
MATCH/NO_MATCH). - If the submitted key does not exist or is not
ACTIVE, the API returns HTTP 404.
Endpoint Details
| Definition | Description |
|---|---|
| Endpoint | https://api.paas.sandbox.co.passportfintech.com/v1/validate-key |
| Method | POST |
| Headers | Content-Type: application/json, Authorization |
| Authentication | Access Token (Bearer Token) |
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
| key | Object | Yes | Key to validate |
| key.key_type | String | Yes | Key type (e.g., PHONE BCODE, EMAIL, ID, or ALPHA) |
| key.key_value | String | Yes | Key value |
| participant | Object | Optional | Participant comparison data |
| participant.identification_number | String | Optional | Participant NIT |
| participant.name | String | Optional | Participant name |
| account | Object | Optional | Account comparison data |
| account.account_type | String | Optional | Account type (e.g., ORDINARY or LOW_VALUE) |
| account.account_number | String | Optional | Account number |
| owner | Object | Optional | Account owner information |
| owner.first_name | String | Optional | First name |
| owner.second_name | String | Optional | Middle name |
| owner.first_last_name | String | Optional | Surname |
| owner.second_last_name | String | Optional | Second surname |
| owner.type | String | Optional | Owner type (e.g., INDIVIDUALor BUSINESS) |
| owner.identification_type | String | Optional | ID type (e.g., CC) |
| owner.identification_number | String | Optional | ID number |
Example Request
JSON
26
26
1
curl --location --request POST 'https://api.paas.sandbox.co.passportfintech.com/v1/validate-key' \2
--header 'Content-Type: application/json' \3
--header 'Authorization: Bearer YOUR_ACCESS_TOKEN' \4
--data '{5
"key": {6
"key_type": "PHONE",7
"key_value": "3975999158"8
},9
"participant": {10
"identification_number": "123456789",11
"name": "Bancolombia"12
},13
"account": {14
"account_type": "ORDINARY",15
"account_number": "88758829529"16
},17
"owner": {18
"first_name": "Ligia",19
"second_name": "Abril",20
"first_last_name": "Flores",21
"second_last_name": "Benhumea",22
"type": "INDIVIDUAL",23
"identification_type": "CC",24
"identification_number": "642349532"25
}26
}'Response
- HTTP Status Code: 200 OK.
- The response will contain the validation details of the key.
Example of Response
JSON
23
23
1
{2
"key": {3
"key_type": "PHONE",4
"key_value": "3975999158"5
},6
"participant": {7
"identification_number": "MATCH",8
"name": "MATCH"9
},10
"account": {11
"account_type": "MATCH",12
"account_number": "NO MATCH"13
},14
"owner": {15
"first_name": "MATCH",16
"second_name": "MATCH",17
"first_last_name": "NO MATCH",18
"second_last_name": "MATCH",19
"type": "MATCH",20
"identification_type": "MATCH",21
"identification_number": "MATCH"22
}23
}Common Errors and Handling
| HTTP Status Code | Meaning | Description |
|---|---|---|
| 400 Bad Request | Invalid request | Malformed JSON or invalid fields |
| 401 Unauthorized | Missing/expired token | Bearer token invalid or expired |
| 403 Forbidden | Not allowed | Caller not permitted to validate keys |
| 404 Not Found | Key invalid | Key does not exist or is not ACTIVE |
| 500 Internal Server Error | Server error | Unexpected system error |
Best Practices
- Always include the
keyobject, all other fields are optional. - Use optional validation blocks (
account,participant,owner) only if you need to verify related information.
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Last updated on
Next to read:
Delete RecipientDiscard Changes
Do you want to discard your current changes and overwrite with the template?
Archive Synced Block
Message
Create new Template
What is this template's title?
Delete Template
Message