Versión

API Manager

API Manager for GSMA's CAMARA project capabilities. This service acts as a gateway that receives requests conforming to the CAMARA standard and routes them to the appropriate microservices.

The API Manager provides centralized handling of CAMARA-compliant requests, including validation, authentication, and proper routing to backend services. It ensures all interactions follow the standardized CAMARA specifications, enabling developers to access telco network capabilities through consistent interfaces regardless of the underlying implementation.

Key features:

CAMARA standard compliance validation
Request routing to specialized microservices
API versioning support
Telco capability exposure management

Number Verification

Number Verification API performs real-time checks to verify the phone number of the mobile device being used to access a service provider (SP) service, where the mobile device is accessing the service provider over a mobile network (WiFi connections are out of this API scope) either by getting the comparison result or receiving the phone number of the device that it is used, so they can verify it themselves. It uses direct mobile network connections to verify possession of a phone number in the background without requiring user interaction. There are neither OTPs (One-time passwords) received by SMS nor authenticator app downloads, so it is much simpler. It can be used at sign up, login, or transaction time to validate that a user's SIM (Subscriber Identity Module) is both actively connected to the mobile network and not spoofed or cloned.

SIM SWAP

A SIM swap is a process in which a user's mobile phone number (MSISDN) is associated with a new SIM card (IMSI). This is typically done by contacting the user's mobile service provider and requesting a new SIM card for various reasons, such as a lost or damaged SIM card or upgrading to a new phone. SIM swap also happens during other actions like changing user's phone number, changing mobile service provider keeping user's mobile phone number or when activating a new SIM associated to the same phone number, known as multisim service. New subscription is considered as a SIM swap as well, the MSISDN which can be used by another person earlier, is associated with a SIM card it was not associated before.

DEVICE SWAP

This API allows to check the last time that the phone (device) - phone number association has changed

KYC MATCH

This API provides the customer with the ability to compare the information it (Service Provider, SP) has for a particular mobile phone user with that on file (and verified) by the mobile phone user's Operator in their own KYC records, in order for the SP to confirm the accuracy of the information and provide a specific service to the mobile phone user.

KYC AGE VERIFICATION

This API provides the customer with the ability to check if the user of the line is older than a provided age, in order to provide API customer's age-restricted services, access to its age-restricted website etc..

KYC Tenure

The CAMARA Know Your Customer (KYC) Tenure API allows for verification that a network subscriber has been a customer of the Communications Service Provider (CSP) for a specified minimum length of time so as to establish a level of trust for the associated network subscription identifier.

Consent Information

The Consent Info API allows API Consumers to easily validate whether they have the necessary permissions to process User's personal data for a specific Purpose before using other CAMARA APIs. It provides a simple true/false response and, when applicable, a URL to direct the User to manage their Consent.

Quality of Service (QoS) Profiles

The Quality-of-Service (QoS) Profiles API provides a set of predefined network performance characteristics, such as latency, throughput, and priority, identified by a unique name. These profiles allow application developers to specify the desired network behavior for their application's data traffic, ensuring optimal performance. By selecting an appropriate QoS profile, developers can request stable latency (reduced jitter) or throughput for specific data flows between client devices and application servers when used by the Quality-On-Demand APIs.

Quality on Demand (QoD)

The Quality-On-Demand (QoD) API provides a programmable interface for developers and other users (API consumers) to request stable latency or throughput managed by networks without the necessity to have an in-depth knowledge of the underlying network complexity (e.g. the 4G/5G system in case of a mobile network).

AUTHN - AUTHNZ

CAMARA User Authentication/Authorization follows the CAMARA Security and Interoperability Profile technical specification. This section describes the authorization flows that can be used to access CAMARA APIs:

Authorization code flow (Frontend flow) - Used to obtain a Three-Legged Access Token from the Authorization Server and initiated from the Consumption Device
CIBA flow (Backend flow) - Used to obtain a Three-Legged Access Token from the Authorization Server and initiated from the ASP's Application Backend
JWT Bearer flow - Used to obtain a Two-Legged Access Token from the Authorization Server by using a signed JWT as client assertion

Base URLs

staging public

staging private

Recursos

Recurso	Descripción
Number Verification	API operation to verify a phone number received as input. It can be received either in plain text or hashed format.
Sim Swap	API operation related with sim swap.
Device Swap	API operation related with device swap.
KYC Match	API operation related with kyc match.
KYC Age Verification	API operation related with kyc age verification.
KYC Tenure	API operation to check the length of tenure of a subscriber.
Consent Information	API related with the consent information.
QoS Profiles	API related with the QoS Profiles.
QoD	API related with the QoD.
Authentication	API related with the Authentication.

Property	Type	Description	Constraints	Default
`phoneNumber`	string	A public identifier addressing a telephone subscription. In mobile networks it corresponds to the MSISDN (Mobile Station International Subscriber Directory Number). In order to be globally unique it has to be formatted in international format, according to E.164 standard, prefixed with '+'.	pattern: ^\+[1-9][0-9]{4,14}$
`hashedPhoneNumber`	string	Hashed phone number. SHA-256 (in hexadecimal representation) of the mobile phone number in E.164 format (starting with country code). Prefixed with '+'.

Property	Type	Description
`status`*	integer	HTTP response status code
`code`*	string	Code given to this error
`message`*	string	Detailed error description

Property	Type	Description
`status`*	integer	HTTP response status code
`code`*	string	Code given to this error
`message`*	string	Detailed error description

Property	Type	Description
`status`*	integer	HTTP response status code
`code`*	string	Code given to this error
`message`*	string	Detailed error description

Property	Type	Description
`status`*	integer	HTTP response status code
`code`*	string	Code given to this error
`message`*	string	Detailed error description

Property	Type	Description	Constraints
`idDocumentMatch`	string () truefalsenot_available	Indicates whether Id number associated to the ID document of the customer matches with the one on the Operator's system.
`nameMatch`	string () truefalsenot_available	Indicates whether the complete name of the customer matches with the one on the Operator's system.
`nameMatchScore`	integer	Indicates the similarity score assigned to the input value when it does not exactly match the value stored in the operator's system. This property shall only be returned when the value of the corresponding match field is `false`.	min: 0, max: 100
`givenNameMatch`	string () truefalsenot_available	Indicates whether First name/given name of the customer matches with the one on the Operator's system.
`givenNameMatchScore`	integer	Indicates the similarity score assigned to the input value when it does not exactly match the value stored in the operator's system. This property shall only be returned when the value of the corresponding match field is `false`.	min: 0, max: 100
`familyNameMatch`	string () truefalsenot_available	Indicates whether last name/ family name/ surname of the customer matches with the one on the Operator's system.
`familyNameMatchScore`	integer	Indicates the similarity score assigned to the input value when it does not exactly match the value stored in the operator's system. This property shall only be returned when the value of the corresponding match field is `false`.	min: 0, max: 100
`nameKanaHankakuMatch`	string () truefalsenot_available	Indicates whether complete name of the customer in Hankaku-Kana format (reading of name) for Japan matches with the one on the Operator's system.
`nameKanaHankakuMatchScore`	integer	Indicates the similarity score assigned to the input value when it does not exactly match the value stored in the operator's system. This property shall only be returned when the value of the corresponding match field is `false`.	min: 0, max: 100
`nameKanaZenkakuMatch`	string () truefalsenot_available	Indicates whether complete name of the customer in Zenkaku-Kana format (reading of name) for Japan matches with the one on the Operator's system.
`nameKanaZenkakuMatchScore`	integer	Indicates the similarity score assigned to the input value when it does not exactly match the value stored in the operator's system. This property shall only be returned when the value of the corresponding match field is `false`.	min: 0, max: 100
`middleNamesMatch`	string () truefalsenot_available	Indicates whether the middle names of the customer matches with the one on the Operator's system.
`middleNamesMatchScore`	integer	Indicates the similarity score assigned to the input value when it does not exactly match the value stored in the operator's system. This property shall only be returned when the value of the corresponding match field is `false`.	min: 0, max: 100
`familyNameAtBirthMatch`	string () truefalsenot_available	Indicates whether the Family Name At Birth of the customer matches with the one on the Operator's system.
`familyNameAtBirthMatchScore`	integer	Indicates the similarity score assigned to the input value when it does not exactly match the value stored in the operator's system. This property shall only be returned when the value of the corresponding match field is `false`.	min: 0, max: 100
`addressMatch`	string () truefalsenot_available	Indicates whether complete address of the customer matches with the one on the Operator's system.
`addressMatchScore`	integer	Indicates the similarity score assigned to the input value when it does not exactly match the value stored in the operator's system. This property shall only be returned when the value of the corresponding match field is `false`.	min: 0, max: 100
`streetNameMatch`	string () truefalsenot_available	Indicates whether the street name of the customer matches with the one on the Operator's system.
`streetNameMatchScore`	integer	Indicates the similarity score assigned to the input value when it does not exactly match the value stored in the operator's system. This property shall only be returned when the value of the corresponding match field is `false`.	min: 0, max: 100
`streetNumberMatch`	string () truefalsenot_available	Indicates whether the street number of the customer matches with the one on the Operator's system.
`streetNumberMatchScore`	integer	Indicates the similarity score assigned to the input value when it does not exactly match the value stored in the operator's system. This property shall only be returned when the value of the corresponding match field is `false`.	min: 0, max: 100
`postalCodeMatch`	string () truefalsenot_available	Indicates whether the postal code / zip code of the customer matches with the one on the Operator's system.
`regionMatch`	string () truefalsenot_available	Indicates whether the region of the customer's address matches with the one on the Operator's system.
`regionMatchScore`	integer	Indicates the similarity score assigned to the input value when it does not exactly match the value stored in the operator's system. This property shall only be returned when the value of the corresponding match field is `false`.	min: 0, max: 100
`localityMatch`	string () truefalsenot_available	Indicates whether the locality of the customer's address matches with the one on the Operator's system.
`localityMatchScore`	integer	Indicates the similarity score assigned to the input value when it does not exactly match the value stored in the operator's system. This property shall only be returned when the value of the corresponding match field is `false`.	min: 0, max: 100
`countryMatch`	string () truefalsenot_available	Indicates whether the country of the customer's address matches with the one on the Operator's system.
`houseNumberExtensionMatch`	string () truefalsenot_available	Indicates whether the house number extension of the customer's address matches with the one on the Operator's system.
`birthdateMatch`	string () truefalsenot_available	Indicates whether the birthdate of the customer matches with the one on the Operator's system.
`emailMatch`	string () truefalsenot_available	Indicates whether the email address of the customer matches with the one on the Operator's system.
`emailMatchScore`	integer	Indicates the similarity score assigned to the input value when it does not exactly match the value stored in the operator's system. This property shall only be returned when the value of the corresponding match field is `false`.	min: 0, max: 100
`genderMatch`	string () truefalsenot_available	Indicates whether the gender of the customer matches with the one on the Operator's system.

Property	Type	Description	Constraints	Default
`ageThreshold`*	integer	The age to be verified. The indicated range is a global definition of maximum and minimum values allowed to be requested. It is important to note that this range might be more restrictive in some implementations due to local regulations of a country i.e. A country does not allow to request for an age under 18. This limitation must be informed during the onboarding process.	min: 0, max: 120
`phoneNumber`	string	A public identifier addressing a telephone subscription. In mobile networks it corresponds to the MSISDN (Mobile Station International Subscriber Directory Number). In order to be globally unique it has to be formatted in international format, according to E.164 standard, prefixed with '+'.	pattern: ^\+[1-9][0-9]{4,14}$
`idDocument`	string	Id number associated to the official identity document in the country. It may contain alphanumeric characters.
`name`	string	Complete name of the customer, usually composed of first/given name and last/family/sur- name in a country. Depending on the country, the order of first/give name and last/family/sur- name varies, and middle name could be included. It can use givenName, middleNames, familyName and/or familyNameAtBirth. For example, in ESP, name+familyName; in NLD, it can be name+middleNames+familyName or name+middleNames+familyNameAtBirth, etc.
`givenName`	string	First/given name or compound first/given name of the customer.
`familyName`	string	Last name, family name, or surname of the customer.
`middleNames`	string	Middle name/s of the customer.
`familyNameAtBirth`	string	Last/family/sur- name at birth of the customer.
`birthdate`	string (date)	The birthdate of the customer, in RFC 3339 / ISO 8601 calendar date format (YYYY-MM-DD).
`email`	string (email)	Email address of the customer in the RFC specified format (local-part@domain).
`includeContentLock`	boolean	If this parameter is included in the request with value `true`, the response property `contentLock` will be returned. If it is not included or its value is `false`, the response property will not be returned.		false
`includeParentalControl`	boolean	If this parameter is included in the request with value `true`, the response property `parentalControl` will be returned. If it is not included or its value is `false`, the response property will not be returned.		false

Property	Type	Description	Constraints
`ageCheck`*	string () truefalsenot_available	Indicate `"true"` when the age of the user is the same age or older than the age threshold (age >= age threshold), and `"false"` if not (age < age threshold). If the API Provider doesn't have enough information to perform the validation, a `not_available` can be returned.
`verifiedStatus`	boolean	Indicate `true` if the information provided has been compared against information based on an identification document legally accepted as an age verification document (Note), otherwise indicate `false`. Note: Depending on the country, credit-check or other mechanism can be used instead of official identification for Age Verification. For details, please contact API Provider.
`identityMatchScore`	integer	The overall score of identity information available in the API Provider, information either provided in the request body comparing it to the one that the API Provider holds or directly using internal API Provider's information. It is optional for the API Provider to return the Identity match score.	min: 0, max: 100
`contentLock`	string () truefalsenot_available	Indicate `"true"` if the subscription associated with the phone number has any kind of content lock (i.e certain web content blocked) and `"false"` if not. If the information is not available the value `not_available` can be returned.
`parentalControl`	string () truefalsenot_available	Indicate `"true"` if the subscription associated with the phone number has any kind of parental control activated and `"false"` if not. If the information is not available the value `not_available` can be returned.

Property	Type	Description	Constraints	Default
`tenureDateCheck`*	boolean	`true` when the identified mobile subscription has had valid tenure since `tenureDate`, otherwise `false`
`contractType`	string () PAYGPAYMBusiness	If exists, populated with: - `PAYG` - prepaid (pay-as-you-go) account - `PAYM` - contract account - `Business` - Business (enterprise) account This attribute may be omitted from the response set if the information is not available

Property	Type	Description	Constraints
`phoneNumber`*	string	A public identifier addressing a telephone subscription. In mobile networks it corresponds to the MSISDN (Mobile Station International Subscriber Directory Number). In order to be globally unique it has to be formatted in international format, according to E.164 standard, prefixed with '+'.	pattern: ^\+[1-9][0-9]{4,14}$
`scopes`*	string[]	List of requested scopes.	minItems: 1
`purpose`*	string	The reason for which personal data will be processed by the API Consumer. CAMARA uses the [W3C Data Privacy Vocabulary](https://w3c.github.io/dpv/2.0/dpv/) (DPV) to represent these purposes e.g. `dpv:FraudPreventionAndDetection` or `dpv:RequestedServiceProvision`.	pattern: ^dpv:[a-zA-Z0-9]+$
`requestCaptureUrl`*	boolean	A boolean flag indicating whether the API Consumer requests API Provider to return a Consent capture URL.

Property	Type	Description
`login_hint`*	string	A hint to the OpenID Provider regarding the end-user for whom authentication is being requested. The value contains a msisdn, which identifies the end-user to the OP. RFC 3966 The tel URI for Telephone Numbers
`scope`*	string	Scope of permissions
`binding_message`	string	A human-readable identifier or message intended to be displayed on both the consumption device and the authentication device to interlock them together for the transaction by way of a visual cue for the end-user. This interlocking message enables the end-user to ensure that the action taken on the authentication device is related to the request initiated by the consumption device.
`client_id`	string	The client identifier (required when using client_assertion)
`client_assertion_type`	string	Must be urn:ietf:params:oauth:client-assertion-type:jwt-bearer (if you use client_assertion authorization)
`client_assertion`	string	The signed JWT

Property	Type	Description
`auth_req_id`*	string	REQUIRED. This is a unique identifier to identify the authentication request made by the Client.
`expires_in`*	integer	The duration in seconds for which the authentication request is valid.
`interval`*	integer	The minimum amount of time in seconds that the client SHOULD wait between polling to check if the authentication request has been completed.

Property	Type	Description
`error`*	string () invalid_requestaccess_deniedinvalid_clientinvalid_grantunauthorized_clientunauthorized_grant_typeinvalid_scopeerror_descriptionerror_uri	A single error code
`error_description`	string	A human-readable text providing additional information, used to assist in the understanding and resolution of the error occurred
`error_uri`	string

Property	Type	Description
`grant_type`*	string () urn:openid:params:grant-type:cibaurn:ietf:params:oauth:grant-type:jwt-bearerauthorization_code	Grant type
`assertion`	string	Assertion with which to get an access_token (required for grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer).
`auth_req_id`	string	It is the unique identifier to identify the authentication request (transaction) made by the Client.
`code`	string	It is the authorization code received from the /authorize endpoint.
`redirect_uri`	string	It is the redirection URI used in the /authorize endpoint.
`client_id`	string	The client identifier
`client_assertion_type`	string	Must be urn:ietf:params:oauth:client-assertion-type:jwt-bearer (if you use client_assertion authorization)
`client_assertion`	string	The signed JWT

Property	Type	Description
`access_token`*	string	A token used by the client to make authenticated requests on behalf of the resource owner
`scope`	string	Scopes
`expires_in`	integer
`token_type`*	string
`refresh_token`	string	A token used by the client to obtain a new access token without having to involve the resource owner.

Property	Type	Description
`error`*	string () authorization_pendinginvalid_requestaccess_deniedinvalid_clientinvalid_grantunauthorized_clientunauthorized_grant_typeinvalid_scopeerror_descriptionerror_uri	A single error code
`error_description`	string	A human-readable text providing additional information, used to assist in the understanding and resolution of the error occurred
`error_uri`	string

Recursos

Recursos

Parameters

Request body *

Responses

Response Headers

Snippet

Parameters

Responses

Response Headers

Snippet

Parameters

Request body *

Responses

Response Headers

Snippet

Parameters

Responses

Response Headers

Snippet

Parameters

Request body *

Responses

Response Headers

Snippet

Parameters

Request body *

Responses

Response Headers

Snippet

Parameters

Request body *

Responses

Response Headers

Snippet

Parameters

Request body *

Responses

Response Headers

Snippet

Parameters

Request body *

Responses

Response Headers

Snippet

Parameters

Request body *

Responses

Response Headers

Snippet

Parameters

Request body *

Responses

Response Headers

Snippet

Parameters

Request body *

Responses

Response Headers

Snippet

Parameters

Request body *

Responses

Snippet

Parameters

Responses

Snippet

Parameters

Request body *

Responses

Response Headers

Snippet

Parameters

Responses

Response Headers

Snippet

Parameters

Responses

Response Headers

Snippet