---
title: "Submit device data"
slug: "v1sessionsidcollected-data-1"
updated: 2026-04-24T06:50:32Z
published: 2026-04-24T06:50:32Z
---

> ## Documentation Index
> Fetch the complete documentation index at: https://devdocs.veriff.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Submit device data

Post/v1/sessions/{id}/collected-data

### Uploads end-user's device data that has been collected to improve verification results and fight fraud

- This endpoint is used to send detailed technical data about the
end-user's device, network environment, and browser characteristics
to enhance fraud detection and risk assessment capabilities
- The data is collected by third-party fingerprinting services and
submitted during or after the verification flow

#### When to use this endpoint

- Use this endpoint when you need to submit device intelligence data
from third-party fingerprinting providers

**Common use cases include:**

- Enhancing fraud detection by submitting comprehensive device
fingerprints
- Providing network telemetry for risk scoring and geolocation
verification
- Submitting browser characteristics and environment data for
device intelligence
- Integrating with third-party fraud prevention services that
collect device data

#### Request body content

- In this request, only the following fields are mandatory:
  - `providerName`: `string` Name of the fingerprinting service
provider, max 255 characters
  - `network.ip`: `string` Either IPv4 or IPv6 data needs be present
  - `device.fingerprint`: `string` Device fingerprint, max 255
characters
- The rest of the parameters listed below are optional If there is no data to provide, the parameter should not be included in the payload

#### Response data

- The response confirms successful data submission and returns:
  - Request status confirmation
  - `sessionId` that received the collected data
  - `attemptId` associated with this data submission (see the [List attempts](https://devdocs.veriff.com/apidocs/v1sessionsidattempts-1)
endpoint for more info about attempts)
- This data becomes part of the verification session's fraud detection signals and risk assessment

#### Implementation notes

- The session must be in `created` or `started` status
- Device `fingerprint` is the only required field in the `device`
object
- At least one IP address (IPv4 or IPv6) must be provided in
`network.ip`
- The `person` object is optional and used only if additional
contact data was collected
- This endpoint requires session-level
[HMAC signature](https://devdocs.veriff.com/docs/hmac-authentication-and-endpoint-security#public-api-v1) authentication
- Data submitted through this endpoint enhances fraud detection
but is not required for basic verification
- Always ensure that you use the correct API URL to send requests
See the [API URL section](https://devdocs.veriff.com/apidocs/veriff-public-api-guides#api-url)
for more info.
- The order of parameters in the real API response can differ from
the order you see in this documentation. This is expected and
part of the [Backwards compatible changes](https://devdocs.veriff.com/apidocs/veriff-public-api-guides#backwards-compatible-changes)
requirements.

Header parametersX-AUTH-CLIENTstringRequired

Your integration's API key (occasionally referred to as the "Token", "API public key" or "Publishable key"). Required for all API requests.

You can find your API key in the Veriff Customer Portal > Settings > API keys.

Exampleyour-api-key
X-HMAC-SIGNATUREstringRequired

Request body signed with the shared secret key. Required to authenticate the request sender.

Examplea3b5c7d9e1f2a4b6c8d0e2f4a6b8c0d2e4f6a8b0c2d4e6f8a0b2c4d6e8f0a2b4
Content-TypestringRequired

Request content type. Must be `application/json`.

Valid values[
  "application/json"
]Exampleapplication/json

Path parametersidstring (uuid) Required

Verification session ID.

Examplef04bdb47-d3be-4b28-b028-a652feb060b5

Body parameters<select class='api-response-data' aria-label='Media type'><option value='8f680e90-e169-4b82-946c-77900d94287e'>application/json</option>
</select><select class='select-example' aria-label='Media type'><option value='a60811ee-3c95-4bef-8231-4c9038b5b5d3'>minimal_payload</option>
<option value='d3695788-3a20-487e-b278-eebbe37ae881'>comprehensive_payload</option>
</select>minimal_payload

Minimum required fields to submit device fingerprinting data. Only includes the three mandatory parameters.

```json
{
  "providerName": "SampleFingerprint",
  "network": {
    "ip": {
      "addressV4": "192.168.1.100"
    }
  },
  "device": {
    "fingerprint": "123456asdfg7890hijkl123456asdfg7890hijkl123456asdfg7890hijkl"
  }
}
```

comprehensive_payload

Complete device fingerprinting data including all optional fields such as person data, network details, browser characteristics, and device specifications.

```json
{
  "providerName": "SampleFingerprint",
  "person": {
    "email": "firstname.lastname@domain.com",
    "phoneNumber": "+11 222 333 44"
  },
  "network": {
    "mobileCarrier": "RandomTeleCom Inc",
    "ssid": "MyWiFiNetwork",
    "hostname": "examplehostname.amazonaws.com",
    "location": {},
    "ip": {
      "addressV4": "192.168.1.100",
      "addressV6": "2001:DB8:0000:XXXX:XXX:17FF:FEB6:XXXX/64"
    },
    "asn": {
      "number": "AS12345",
      "organisation": "AWS"
    }
  },
  "device": {
    "fingerprint": "123456asdfg7890hijkl123456asdfg7890hijkl123456asdfg7890hijkl",
    "androidId": "ab1357cd-a1b2-c3d4-f5g6",
    "model": "Samsung Galaxy S23 Ultra",
    "vendor": "Samsung",
    "type": "mobile",
    "browser": {
      "languages": [
        "en-gb"
      ],
      "userAgent": "Mozilla/5.0 (Linux; Android 13) AppleWebKit/537.36",
      "timezoneOffsetMinutes": -240,
      "isIncognito": false
    },
    "audio": {
      "devices": [
        {
          "name": "Built-in Speaker"
        }
      ]
    },
    "screen": {
      "heightPixels": 3088,
      "widthPixels": 1440,
      "dpi": 500
    },
    "battery": {
      "level": 0.43,
      "charging": true
    },
    "os": {
      "family": "Android",
      "name": "Android",
      "platform": "ARM",
      "version": "13"
    }
  }
}
```

Expand Allobject  providerNamestring    Required

Name of the company providing the fingerprinting service, max 255 characters.

ExampleSampleName
personobject  

Data about the person being verified.

emailstring    

Person's email address entered during the validation.

Examplefirstname.lastname@domain.com
phoneNumberstring    

Person's phone number.

Can include numbers, whitespaces and the "+" sign in front.

Example+11 222 333 44

networkobject  Required

Data about the network used.

mobileCarrierstring    

Name of the service provider.

ExampleRandomTeleCom Inc
ssidstring    

Service Set Identifier (SSID) value.

Example12345
hostnamestring    

Service host name.

Exampleexamplehostname.amazonaws.com
locationobject  

Additional data about the location.

ipobject  Required

IP info. At least one is mandatory (IPv4 or IPv6).

addressV4string    

IPv4 info. Optional if IPv6 info is included.

Example192.168.XXX.XXX
addressV6string    

IPv6 info. Optional if IPv4 info is included.

Example2001:DB8:0000:XXXX:XXX:17FF:FEB6:XXXX/64

asnobject  

Autonomous System Number (ASN) info.

numberstring    

Autonomous System Number (ASN).

ExampleAS12345
organisationstring    

Name of the organization owning the ASN.

ExampleAWS

deviceobject  Required

Data related to the device used for verification.

fingerprintstring    Required

Device fingerprint, max 255 characters.

Example123456asdfg7890hijkl123456asdfg7890hijkl123456asdfg7890hijkl
androidIdstring    

The Android unique device ID is a combination of 8 digits and letters, followed by a dash and three sets of 4 digits and letters, all letters are lowercase.

Exampleab1357cd-a1b2-c3d4-f5g6
idfvstring    

The Identifier for Vendors (IDFV) code.

ExampleF325G3GB-12FC-352F-C6C3-DZ52F0F690D8
modelstring    

Device model.

ExampleSamsung Galaxy S23 Ultra
vendorstring    

Device supplier.

ExampleSamsung
typestring    

Device type.

Valid values[
  "desktop",
  "mobile",
  "tablet",
  "other"
]Examplemobile
browserobject  

Data related to the browser used for verification.

languages Array of string   

IETF language tag, for example "es-419", "en-gb", "pl".

Example[
  "en-gb"
]string    
userAgentstring    

Browser user agent, max 255 characters.

timezoneOffsetMinutesinteger    

An integer for the time offset from the UTC, in range from -1440 to +1440 minutes.

Example-240
isIncognitoboolean    

Data about whether the incognito mode is on.

Examplefalse

audioobject  

Data related to the audio of the device used for verification.

devices Array of string   

Array of data strings about the audio of the device used for verification, in format of `name : string`.

string    

screenobject  

Data related to the screen of the device used for verification.

heightPixelsinteger    

An integer in range of 1-100000.

Example3088
widthPixelsinteger    

An integer in range of 1-100000

Example1440
dpiinteger    

An integer in range of 1-100000.

Example500

batteryobject  

Data related to the battery of the device used for verification.

levelnumber  (float)    

A float in range of 0.0-1.0.

Example0.43
chargingboolean    

Data about whether the device is charging.

Exampletrue

osobject  

Data related to the operating system (OS) of the device used for verification.

familystring    

OS family.

ExampleAndroid
namestring    

OS name.

ExampleAndroid
platformstring    

OS platform type, for example "x64", "ARM", "OS/390".

versionstring    

OS version.

Example13

Responses200

Collected data posted successfully

HeadersContent-TypestringResponse content type.Valid values[
  "application/json"
]
X-AUTH-CLIENTstringAPI key echoed back in response.
X-HMAC-SIGNATUREstringResponse body signed with the shared secret key. Required to authenticate the response sender.
<select class='api-response-data' aria-label='Media type'><option value='e793175d-0b64-4fc1-a90c-28cc49c3fa91'>application/json</option>
</select><select class='select-example' aria-label='Media type'><option value='3fb5c65b-4b40-46ef-a773-12952c8d1f9d'>successful_submission</option>
</select>successful_submission

Successful data submission

Confirmation that device fingerprinting data was successfully received and associated with the verification session and attempt.

```json
{
  "status": "success",
  "sessionId": "f04bdb47-d3be-4b28-b028-a652feb060b5",
  "attemptId": "f5c68aea-7f4d-478d-80ab-ca9356074f69"
}
```

object  statusstring    

API request status

Examplesuccess
sessionIdstring    

UUID v4 which identifies the verification session

Examplef04bdb47-d3be-4b28-b028-a652feb060b5
attemptIdstring    

UUID v4 which identifies the attempt

Examplef5c68aea-7f4d-478d-80ab-ca9356074f69

400

Bad request

HeadersContent-TypestringResponse content type.
X-AUTH-CLIENTstringAPI key echoed back in response.
X-HMAC-SIGNATUREstringResponse body signed with the shared secret key. Required to authenticate the response sender.
<select class='api-response-data' aria-label='Media type'><option value='39dec324-84fd-4d58-9e5c-f7e1e216b835'>application/json</option>
</select><select class='select-example' aria-label='Media type'><option value='ac4029a6-d772-452c-bad4-dd69e9084f81'>missing_required_field</option>
<option value='90542579-07d2-4298-9b32-451728a36caf'>invalid_data_format</option>
</select>missing_required_field

Missing required field

```json
{
  "status": "fail",
  "code": "1101",
  "message": "Validation failed"
}
```

invalid_data_format

Invalid data format

```json
{
  "status": "fail",
  "code": "1101",
  "message": "Validation failed"
}
```

object  statusstring    Valid values[
  "fail"
]Examplefail
codestring    Example1101
messagestring    ExampleValidation failed

401

Unauthorized

HeadersContent-TypestringResponse content type.
X-AUTH-CLIENTstringAPI key echoed back in response.
X-HMAC-SIGNATUREstringResponse body signed with the shared secret key. Required to authenticate the response sender.
<select class='api-response-data' aria-label='Media type'><option value='e9fb7280-2fb5-46b2-be48-55e95eef11f2'>application/json</option>
</select><select class='select-example' aria-label='Media type'><option value='0a36bf77-57c1-445c-a07f-4472978b3bd3'>missing_api_key</option>
<option value='f000158f-b29a-41a9-992b-c831e2063ca7'>invalid_hmac_signature</option>
</select>missing_api_key

Missing API key

```json
{
  "status": "fail",
  "code": "1101",
  "message": "Mandatory X-AUTH-CLIENT header containing the API key is missing from the request."
}
```

invalid_hmac_signature

Invalid HMAC signature

```json
{
  "status": "fail",
  "code": "1101",
  "message": "X-HMAC-SIGNATURE validation failed"
}
```

object  statusstring    Valid values[
  "fail"
]Examplefail
codestring    Example1101
messagestring    ExampleMandatory X-AUTH-CLIENT header containing the API key is missing from the request.

404

Session not found

HeadersContent-TypestringResponse content type.
X-AUTH-CLIENTstringAPI key echoed back in response.
X-HMAC-SIGNATUREstringResponse body signed with the shared secret key. Required to authenticate the response sender.
<select class='api-response-data' aria-label='Media type'><option value='c78d0077-32d3-48f1-ab2a-5a5b100b3dc4'>application/json</option>
</select><select class='select-example' aria-label='Media type'><option value='c083bb83-e73b-46aa-af42-25d5262f0aa6'>session_not_found</option>
</select>session_not_found

Session does not exist

```json
{
  "status": "fail",
  "code": "1101",
  "message": "Resource not found"
}
```

object  statusstring    Valid values[
  "fail"
]Examplefail
codestring    Example1101
messagestring    ExampleResource not found

500

Internal server error

HeadersContent-TypestringResponse content type.
X-AUTH-CLIENTstringAPI key echoed back in response.
X-HMAC-SIGNATUREstringResponse body signed with the shared secret key. Required to authenticate the response sender.
<select class='api-response-data' aria-label='Media type'><option value='946f893e-ea6f-4454-8215-69961f707b72'>application/json</option>
</select><select class='select-example' aria-label='Media type'><option value='03f26d33-07cf-4704-8150-98a30fd516b5'>server_error</option>
</select>server_error

Server processing error

```json
{
  "status": "fail",
  "code": "1101",
  "message": "Something went wrong"
}
```

object  statusstring    Valid values[
  "fail"
]Examplefail
codestring    Example1101
messagestring    ExampleSomething went wrong

		
			

<title style="font-size:15px;">Document Versioning</title>

**Changelog**

| Date | Description |
| --- | --- |
| Apr 24, 2026 | Headers capitalization harmonized |
| Mar 9, 2026 | Documentation updated: parent categories rearranged, intro section expanded, request and response examples added |
| Oct 2, 2025 | `vrf-` headers removed from response headers |
| Aug 6, 2025 | Response headers added |
| Mar 12, 2025 | Documentation published |