> ## Documentation Index
> Fetch the complete documentation index at: https://developers.activeprospect.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Retrieve Certificate Insights

> Account holders using TrustedForm Insights who are receiving certified leads can use the following request to retrieve TrustedForm metadata for the lead contained in a TrustedForm certificate.




## OpenAPI

````yaml /api-reference/trustedform_v3.json post /{cert_id_}
openapi: 3.0.0
info:
  contact:
    email: support@activeprospect.com
    name: ActiveProspect Support Team
    url: https://support.activeprospect.com
  description: >
    # Overview


    ## Claiming


    Claiming a certificate will allow you to verify its legitimacy, view it

    online, access its data via our API, and refer to the snapshot that was

    taken of the page as seen by the consumer, for up to 30 days. And you

    can easily configure your account to keep certificates for as long as

    you like, for a small additional fee.


    ### Claim Period


    The "claim period" is the time in which a TrustedForm Certificate must

    be claimed or extended by a TrustedForm Account holder. If it's not, it

    will expire.


    * The standard claim period is approximately 72 hours (3 days).

    * The extended claim period is approximately 2,160 hours (90 days).


    Within the claim period, TrustedForm Certificates are visible to anyone

    with access to the TrustedForm Certificate URL. After this period,

    TrustedForm Certificates are only accessible by the TrustedForm account

    holders that claimed them.


    ## Extended Certs


    By default, Web Certs have a 72-hour (3 days) window in which they can

    be claimed. This window is automatically expanded to 90 days if we

    detect the form's submission.


    If you have need to extend Certs beyond the default 3-day window, you

    have a couple options:


    1. Cert check-in

    2. Enable extended claims


    ### Cert Check-in


    ActiveProspect provides TrustedForm Check-in to allow TrustedForm

    account holders to extend the claim period of certificates beyond the

    standard claim period. Checking a certificate in extends the claim

    period without the need to either claim the certificate or have

    "Extended Claims" enabled on the publishing account.


    ### Enable Extended Claims


    When you enable extended claims, Certificates you claim will

    automatically be extended and available to be claimed up to 90 days.


    Reach out to your account representative to enable extended claims.


    ## Ping (Deprecated)


    The TrustedForm Ping API is meant to be used by lead buyers purchasing

    leads using the "ping/post" model. This API gives buyers access to that

    data with the intention that it will be called when the buyer is

    evaluating a ping request from a seller. The buyer can then use the

    returned data to set an appropriate bid price.


    ### Comparison to Claim API


    The Ping API does not replace the TrustedForm Claim process. The Ping

    API cannot be used to verify or store consent for TCPA compliance. It

    does not support page scanning, fingerprinting, replay, or certificate

    storage.


    Please refer to the [Getting Started with
    Claiming](/pages/trustedform/getting-started)

    for details on claiming a certificate.


    # Other information


    ## Prerequisites


    * [Add the TrustedForm
    script](https://activeprospect.com/products/trustedform-for-publishers/) to
    your lead forms.

    * Contact support@activeprospect.com to receive an API key.
  termsOfService: https://activeprospect.com/trustedform-eula
  title: TrustedForm Claiming API
  version: 3.0.0
servers:
  - description: The base URL for production.
    url: https://cert.trustedform.com
    variables: {}
security: []
tags: []
externalDocs:
  description: ActiveProspect Community
  url: https://developers.activeprospect.com/
paths:
  /{cert_id_}:
    post:
      tags:
        - Retrieving Insights
      summary: Retrieve Certificate Insights
      description: >
        Account holders using TrustedForm Insights who are receiving certified
        leads can use the following request to retrieve TrustedForm metadata for
        the lead contained in a TrustedForm certificate.
      operationId: ClaimerWeb.DataServiceController.show
      parameters:
        - description: Certificate ID
          in: path
          name: cert_id_
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DataServiceRequest'
        description: DataServiceRequest
        required: false
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataServiceConsentAndDataResponse'
          description: Success
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/BadRequest'
          description: Malformed Certificate URL
        '401':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Unauthorized'
          description: Unauthorized
        '402':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaymentRequired'
          description: Account is inactive or out of funds
        '404':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/NotFound'
          description: TrustedForm certificate has expired or could not be found
        '405':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/MethodNotAllowed'
          description: Attempted to claim a 'sandboxed' certificate
        '422':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UnprocessableEntity'
          description: The certificate has been claimed too many times
      callbacks: {}
      security: []
components:
  schemas:
    DataServiceRequest:
      example:
        email: user@example.com
        fingerprint: Y6cQVpJhoks3ZidbcADOjXsy4vc=
        forbidden_scan_terms: I do not agree to the terms of service
        phone_1: '5125551234'
        required_scan_terms: I agree to the terms of service
      properties:
        email:
          description: >
            When using the data service on a certificate, you may pass an
            optional email (or email_1, email_2, etc) parameter. TrustedForm
            will extract the email value and perform fingerprinting against the
            available data.
          type: string
        fingerprint:
          description: >
            Calculated lead fingerprint values using the email and phone number
            received in the lead data accompanying the certificate. Each
            fingerprint value is an SHA1 hash of an email or phone value. Each
            fingerprint value should be provided in a fingerprint parameter.


            If none of the fingerprints you provide match a fingerprint
            collected on the certificate, then "none of the provided
            fingerprints match" will be included in the warnings field and
            outcome will be "failure". This indicates that the lead data
            collected on the form does not match the lead data that you
            received.
          type: string
        forbidden_scan_terms:
          description: >
            Use this parameter to perform a scan of the page for text that must
            not be present. TrustedForm will then perform a case and whitespace
            insensitive search for the string. If the string is found in the
            HTML document, then "string found in snapshot" will be included in
            the warnings key of the response and the outcome with be "failure".


            This parameter may be included multiple times
          type: string
        forbidden_scan_terms[]:
          description: >
            Use this parameter to perform a scan of the page for text that must
            not be present. TrustedForm will then perform a case and whitespace
            insensitive search for the string. If the string is found in the
            HTML document, then "string found in snapshot" will be included in
            the warnings key of the response and the outcome with be "failure".


            This parameter may be included multiple times
          items:
            type: string
          type: array
        phone_1:
          description: >
            When using the data service on a certificate, you may pass an
            optional phone (or phone_1, phone_2, etc) parameter. TrustedForm
            will extract the phone number value and perform fingerprinting
            against the available data.
          type: string
        required_scan_terms:
          description: >
            Use this parameter to perform a scan of the page for required text.
            TrustedForm will then perform a case and whitespace insensitive
            search for the string. If the string is not found in the HTML
            document, then "string not found in snapshot" will be included in
            the warnings key of the response and the outcome will be "failure".


            This parameter may be included multiple times
          type: string
        required_scan_terms[]:
          description: >
            Use this parameter to perform a scan of the page for required text.
            TrustedForm will then perform a case and whitespace insensitive
            search for the string. If the string is not found in the HTML
            document, then "string not found in snapshot" will be included in
            the warnings key of the response and the outcome will be "failure".


            This parameter may be included multiple times
          items:
            type: string
          type: array
        scan_delimiter:
          description: >
            You can provide your own delimiter to use when wrapping wildcards or

            tempate variablies. Your choice of delimiter must be homogeneous
            (i.e.

            the beginning and end are the same character(s)), such as

            `|`, `==`, or `|||`.
          type: string
      title: DataServiceRequest
      type: object
      x-struct: Elixir.ClaimerWeb.Schemas.DataServiceRequest
    DataServiceConsentAndDataResponse:
      description: Data Service Consent+Data Response
      example:
        cert:
          age_seconds: 33
          approx_ip_geo:
            city: Austin
            country_code: US
            lat: 30.4548
            lon: -97.7664
            postal_code: '78729'
            state: TX
            time_zone: America/Chicago
          browser:
            full: Chrome 95.0.4638.69
            name: Chrome
            version:
              full: 95.0.4638.69
              major: '95'
              minor: '0'
              patch: '4638.69'
          created_at: '2021-11-12T22:06:44Z'
          domain: example.com
          event_duration_ms: 21110
          expires_at: '2021-11-15T22:06:44Z'
          form_input_method:
            - typing
            - autofill
          ip: 8.8.8.8
          is_framed: true
          is_mobile: false
          kpm: 68.2314
          operating_system:
            full: Mac OS X 10.15.7
            name: Mac OS X
            version:
              full: 10.15.7
              major: '10'
              minor: '15'
              patch: '7'
          page_id: 5d8ce3c9502b426f77001ae7
          page_url: https://www.example.com/contact.html
          parent_page_url: https://www.example.com/index.html
          user_agent: >-
            Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36
            (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
          wpm: 77.1234
        fingerprints:
          matching:
            - c4a8e7fe184993964ae81380e91579015306838a
            - d511850d569bcd7802c30f54de34bb9f2b31eede
          non_matching:
            - d511850d569bcd7802c30f54de34bb9f2b31eed1
        is_masked: false
        outcome: success
        scans:
          forbidden_found:
            - Enim sit amet venenatis
          forbidden_not_found:
            - Est velit egestas
          required_found:
            - lorem ipsum dolor
          required_not_found:
            - Ad qui aperiri
        warnings: []
      properties:
        cert:
          $ref: '#/components/schemas/DataServiceCert'
        fingerprints:
          $ref: '#/components/schemas/Fingerprints'
        is_masked:
          description: A boolean indicating whether the certificate is masked
          type: boolean
        outcome:
          default: success
          description: >
            The result of the attempt to verify consent. Success indicates that
            the request did not generate any warnings related to consent
            verification. Failure indicates that the requests generated warnings
            because no fingerprints matched, forbidden scan terms were found or
            required scan terms were missing. Error indicates that the request
            was not successfull and the request should be reviewed and
            potentially retried.
          enum:
            - success
            - failure
            - error
          type: string
        reason:
          description: |
            Provides an explanation for failure or error.

            Only used for `outcome` of `failure` or `error`.
          type: string
        scans:
          $ref: '#/components/schemas/PageScans'
        warnings:
          description: |2
              An array of strings indicating possible issues with the certificate

              * `none of the provided fingerprints match`: No fingerprints matched.
              * `string not found in snapshot`: A required page scan text was not found.
              * `string found in snapshot`: A forbidden page scan text was found.
          items:
            enum:
              - none of the provided fingerprints match
              - string not found in snapshot
              - string found in snapshot
            type: string
          type: array
      required:
        - outcome
        - cert
        - is_masked
        - scans
        - fingerprints
      title: DataServiceConsentAndDataResponse
      type: object
      x-struct: Elixir.ClaimerWeb.Schemas.DataServiceConsentAndDataResponse
    BadRequest:
      example:
        errors:
          detail: Malformed certificate id
        message: Malformed certificate id
        outcome: error
        reason: Malformed certificate id
      properties:
        errors:
          properties:
            detail:
              type: string
          type: object
        message:
          type: string
        outcome:
          type: string
        reason:
          type: string
      required:
        - errors
        - message
        - outcome
        - reason
      title: BadRequest
      type: object
      x-struct: Elixir.ClaimerWeb.Schemas.BadRequest
    Unauthorized:
      example:
        errors:
          detail: Unauthorized
        message: Unauthorized
        outcome: error
        reason: Unauthorized
      properties:
        errors:
          properties:
            detail:
              type: string
          type: object
        message:
          type: string
        outcome:
          type: string
        reason:
          type: string
      required:
        - errors
        - message
        - outcome
        - reason
      title: Unauthorized
      type: object
      x-struct: Elixir.ClaimerWeb.Schemas.Unauthorized
    PaymentRequired:
      example:
        errors:
          detail: Account is inactive
        message: Account is inactive
        outcome: error
        reason: Account is inactive
      properties:
        errors:
          properties:
            detail:
              type: string
          type: object
        message:
          type: string
        outcome:
          type: string
        reason:
          type: string
      required:
        - errors
        - message
        - outcome
        - reason
      title: PaymentRequired
      type: object
      x-struct: Elixir.ClaimerWeb.Schemas.PaymentRequired
    NotFound:
      example:
        outcome: error
        reason: TrustedForm certificate has expired or could not be found
      properties:
        outcome:
          type: string
        reason:
          type: string
      required:
        - outcome
        - reason
      title: NotFound
      type: object
      x-struct: Elixir.ClaimerWeb.Schemas.NotFound
    MethodNotAllowed:
      example:
        outcome: error
        reason: Certificate is not claimable
      properties:
        outcome:
          type: string
        reason:
          type: string
      required:
        - outcome
        - reason
      title: MethodNotAllowed
      type: object
      x-struct: Elixir.ClaimerWeb.Schemas.MethodNotAllowed
    UnprocessableEntity:
      example:
        outcome: error
        reason: Certificate has been claimed too many times
      properties:
        outcome:
          type: string
        reason:
          type: string
      required:
        - outcome
        - reason
      title: UnprocessableEntity
      type: object
      x-struct: Elixir.ClaimerWeb.Schemas.UnprocessableEntity
    DataServiceCert:
      example:
        age_seconds: 33
        approx_ip_geo:
          city: Austin
          country_code: US
          lat: 30.4548
          lon: -97.7664
          postal_code: '78729'
          state: TX
          time_zone: America/Chicago
        browser:
          full: Chrome 95.0.4638.69
          name: Chrome
          version:
            full: 95.0.4638.69
            major: '95'
            minor: '0'
            patch: '4638.69'
        created_at: '2021-11-12T22:06:44Z'
        domain: example.com
        event_duration_ms: 21110
        expires_at: '2021-11-15T22:06:44Z'
        form_input_method:
          - typing
          - autofill
        ip: 8.8.8.8
        is_framed: true
        is_mobile: false
        kpm: 68.2314
        operating_system:
          full: Mac OS X 10.15.7
          name: Mac OS X
          version:
            full: 10.15.7
            major: '10'
            minor: '15'
            patch: '7'
        page_id: 5d8ce3c9502b426f77001ae7
        page_url: https://www.example.com/contact.html
        parent_page_url: https://www.example.com/index.html
        user_agent: >-
          Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36
          (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
        wpm: 77.1234
      properties:
        age_seconds:
          description: >-
            Number of seconds since the last user interaction with the
            certificate
          type: integer
        approx_ip_geo:
          description: Approximate geolocation based on IP
          nullable: true
          properties:
            city:
              description: City Name
              nullable: true
              type: string
            country_code:
              description: Country Code
              nullable: true
              type: string
            lat:
              description: Latitude
              nullable: true
              type: number
            lon:
              description: Longitude
              nullable: true
              type: number
            postal_code:
              description: Mailing address postal code
              nullable: true
              type: string
            state:
              description: State/Province or Political Subdivision abbreviation
              nullable: true
              type: string
            time_zone:
              description: Timezone name
              nullable: true
              type: string
          type: object
        browser:
          description: Browser parsed from the user-agent, when known
          nullable: true
          properties:
            full:
              description: >-
                A human-friendly version of the browser parsed from the
                user-agent
              type: string
            name:
              description: Browser name
              type: string
            version:
              description: Browser version
              properties:
                full:
                  description: A String containing the version
                  type: string
                major:
                  description: A String containing the major version
                  type: string
                minor:
                  description: A String containing the minor version
                  type: string
                patch:
                  description: A String containing the patch version
                  type: string
              type: object
          type: object
        created_at:
          description: >-
            The UTC ISO8601 formatted date and time when the TrustedForm script
            was loaded
          format: date-time
          type: string
        domain:
          description: The domain of the page url
          nullable: true
          type: string
        event_duration_ms:
          description: >-
            The time in milliseconds between when the script was loaded and when
            the most recent event was received
          nullable: true
          type: integer
        expires_at:
          description: >-
            The UTC ISO8601 formatted date and time when the claim period for
            the certificate will expire
          format: date-time
          type: string
        form_input_method:
          description: |2
              The detected input method or methods the consumer used to fill out the form

              * `autofill`: The form was filled out using browser autofill.
              * `paste`: The form was filled out pasting text.
              * `typing`: The form was filled out typing.
          items:
            enum:
              - autofill
              - paste
              - typing
            type: string
          nullable: true
          type: array
          uniqueItems: true
        ip:
          description: The consumer's public IP address
          nullable: true
          type: string
        is_framed:
          description: A boolean indicating that the form was displayed within an iframe
          nullable: true
          type: boolean
        is_mobile:
          description: >-
            A boolean indicating that the form was filled out on a mobile device
            or tablet, based on user-agent
          nullable: true
          type: boolean
        kpm:
          description: Approximate calculated words per minute
          nullable: true
          type: number
        operating_system:
          description: Operating system information parsed from the user-agent, when known
          nullable: true
          properties:
            full:
              description: >-
                A human-friendly version of the operating system information
                parsed from the user-agent
              type: string
            name:
              description: Operating system name
              type: string
            version:
              description: Operating system version
              properties:
                full:
                  description: A String containing the version
                  type: string
                major:
                  description: A String containing the major version
                  type: string
                minor:
                  description: A String containing the minor version
                  type: string
                patch:
                  description: A String containing the patch version
                  type: string
              type: object
          type: object
        page_id:
          description: The account based unique page id
          nullable: true
          type: string
        page_url:
          description: The URL of the page hosting the TrustedForm script
          format: url
          nullable: true
          type: string
        parent_page_url:
          description: The parent URL of the page hosting the TrustedForm script, if framed
          format: url
          nullable: true
          type: string
        user_agent:
          description: The consumer's browser user-agent
          nullable: true
          type: string
        wpm:
          description: Approximate calculated key presses per minute
          nullable: true
          type: number
      required:
        - age_seconds
        - approx_ip_geo
        - browser
        - created_at
        - domain
        - expires_at
        - event_duration_ms
        - is_framed
        - form_input_method
        - ip
        - kpm
        - is_mobile
        - operating_system
        - page_id
        - page_url
        - parent_page_url
        - user_agent
        - wpm
      title: DataServiceCert
      type: object
      x-struct: Elixir.ClaimerWeb.Schemas.DataServiceCert
    Fingerprints:
      example:
        matching:
          - c4a8e7fe184993964ae81380e91579015306838a
          - d511850d569bcd7802c30f54de34bb9f2b31eede
        non_matching:
          - d511850d569bcd7802c30f54de34bb9f2b31eed1
      properties:
        matching:
          description: >-
            Requested fingerprints that match fingerprints collected with the
            certificate
          items:
            type: string
          type: array
        not_matching:
          description: >-
            Fingerprints that do not match fingerprints collected with the
            certificate
          items:
            type: string
          type: array
      title: Fingerprints
      type: object
      x-struct: Elixir.ClaimerWeb.Schemas.ClaimFingerprints
    PageScans:
      example:
        forbidden_found:
          - Enim sit amet venenatis
        forbidden_not_found:
          - Est velit egestas
        required_found:
          - lorem ipsum dolor
        required_not_found:
          - Ad qui aperiri
      properties:
        forbidden_found:
          description: Requested required text found on page
          items:
            type: string
          type: array
        forbidden_not_found:
          description: Requested required text not found on page
          items:
            type: string
          type: array
        required_found:
          description: Requested required text found on page
          items:
            type: string
          type: array
        required_not_found:
          description: Requested required text not found on page
          items:
            type: string
          type: array
      required:
        - required_found
        - required_not_found
        - forbidden_found
        - forbidden_not_found
      title: PageScans
      type: object
      x-struct: Elixir.ClaimerWeb.Schemas.ClaimPageScans

````