Retrieve a previously uploaded supporting documentation for KYC

During the KYC onboarding process, it may be necessary to upload supporting documentation. This endpoint will support the retrieval of a single previously uploaded document.


The request body at this endpoint is the header_msg JSON object.

Authorization / Authentication

header.user_handle should have the registered handle to be verified.

Apps using Access Token Authorization

Use a valid access token in a Authorization: Bearer request header.

See Authenticating with an Access Token for more details.

Apps using ECDSA Authentication

Both authsignature and usersignature headers are required for this request. See the section on ECDSA Authentication for more detail about ECDSA signature generation.

POST /0.2/get_document HTTP/1.1
Content-Type: application/json
// if using OAuth2
Authorization: Bearer [GENERATED JWT TOKEN HERE]
// if using ECDSA

  "header": {
    "created": 1234567890, 
    "app_handle": "handle.silamoney.eth", 
    "version": "0.2", 
    "crypto": "ETH", 
    "reference": "<your unique id>"
  "document_id": "279687a0-30c6-463d-85bc-eee9bf395e21"

HTTP/1.1 200 OK

No response data returned; file body is in the response contents.
const res = await sila.getDocument(userHandle, userPrivateKey, documentId); 

// Success Response Object  
console.log(res.statusCode); // 200 
console.log(res.data); // File binary data  
console.log(res.headers['content-type']); // Document MIME type 
console.log(res.headers['content-length']); // Document size in bytes   
console.log(res.headers['content-disposition']); // filename=<Document file name>
payload = {
    "user_handle": user_handle,
    "document_id": document_id
response = silasdk.Documents.getDocument(app, payload, user_private_key)

# Success Response Object
    "status_code": 200,
    "headers": {
        "Content-Type": "image/png",
    }, # dictionary with all the response headers
    "content": "..." # File binary data
GetDocumentMessage message = GetDocumentMessage.builder()
ApiResponse response = api.getDocument(message);

// Success response
System.out.println(response.getStatusCode()); // 200
System.out.println(response.getHeaders().get("Content-Type")); // Document MIME type
System.out.println(response.getHeaders().get("Content-Length")); // Document size in bytes
System.out.println(response.getHeaders().get("Content-Disposition")); // filename=<Document file name>
System.out.println((String) response.getData()); // The file binary data
$userHandle = 'user.silamoney.eth';
$privateKey = 'some private key';
$uuid = 'some-uuid-code'; // The document id
$response = $client->getDocument($userHandle, $privateKey, $uuid);

// Response 200
echo $response->getStatusCode(); // 200
echo $response->getData(); // The file binary data
var response = api.GetDocument(userHandle, privateKey, documentId);

// Success Object Response
Console.WriteLine(response.StatusCode); // 200
var parsedResponse = (string)response.Data;
Console.WriteLine(parsedResponse); // File binary data
response.Headers.TryGetValue("Content-Type", out string contentType);
Console.WriteLine(contentType); // image/png


Status CodeDescription
200File body will be in the response contents
403Access to requested document denied to requesting user or app
404No document found matching document_id

Response Headers

The response will be a streaming type with several fields in the response header which provide information on how to handle the file body, found in the response content.

Field NameData TypeDescription
Content-TypestringDocument MIME type
Content-LengthstringDocument size in bytes
Content-Dispositionstringfilename=<Document file name>

Downloaded Content Validation

It's assumed that since the user of this endpoint had knowledge of the document's id value, that information was retrieved from a previous call to /list_documents. That endpoint also returns the SHA-256 hash signature for the file.

It is recommended that another SHA-256 hash be calculated for the downloaded content, and that calculated signature compared to the formerly retrieved signature.

See Also: