Skip to main content

Access Tracking

Track who has accessed shared verification data, when, and what data was shared. Access tracking provides transparency for users and audit trails for compliance.

Access Log

View Access History

curl -X GET "https://api.bytrustgate.com/v1/reusable-kyc/access-log?applicant_id=app_123" \
  -H "Authorization: Bearer YOUR_API_KEY"

Response

{
  "applicant_id": "app_123",
  "access_records": [
    {
      "access_id": "access_001",
      "timestamp": "2025-01-20T15:00:00Z",
      "accessor": {
        "organization_id": "org_partner_456",
        "organization_name": "Partner Fintech Inc",
        "access_type": "token_redemption"
      },
      "data_shared": [
        "full_name",
        "date_of_birth",
        "verification_status",
        "screening_status"
      ],
      "purpose": "account_opening",
      "consent_reference": "consent_789",
      "token_id": "token_abc123"
    },
    {
      "access_id": "access_002",
      "timestamp": "2025-01-15T10:30:00Z",
      "accessor": {
        "organization_id": "org_partner_789",
        "organization_name": "Another Service Ltd",
        "access_type": "direct_request"
      },
      "data_shared": [
        "full_name",
        "verification_status"
      ],
      "purpose": "identity_check",
      "consent_reference": "consent_456"
    }
  ],
  "pagination": {
    "total": 5,
    "page": 1,
    "per_page": 20
  }
}

Organization Access Report

View Who Accessed Your Users

curl -X GET "https://api.bytrustgate.com/v1/reusable-kyc/access-report?period=30d" \
  -H "Authorization: Bearer YOUR_API_KEY"

Response

{
  "period": "30d",
  "summary": {
    "total_accesses": 245,
    "unique_users_shared": 180,
    "unique_organizations": 12
  },
  "by_organization": [
    {
      "organization_id": "org_partner_456",
      "organization_name": "Partner Fintech Inc",
      "access_count": 120,
      "unique_users": 95,
      "most_requested_data": ["full_name", "verification_status"]
    },
    {
      "organization_id": "org_partner_789",
      "organization_name": "Another Service Ltd",
      "access_count": 75,
      "unique_users": 60,
      "most_requested_data": ["full_name", "date_of_birth", "screening_status"]
    }
  ],
  "by_data_type": {
    "full_name": 245,
    "date_of_birth": 180,
    "verification_status": 245,
    "screening_status": 150,
    "nationality": 90
  }
}

User Access Dashboard

Get User's Access Summary

curl -X GET "https://api.bytrustgate.com/v1/applicants/{applicant_id}/access-summary" \
  -H "Authorization: Bearer YOUR_API_KEY"

Response

{
  "applicant_id": "app_123",
  "summary": {
    "total_shares": 5,
    "active_connections": 3,
    "organizations_with_access": [
      {
        "organization_id": "org_456",
        "organization_name": "Partner Fintech Inc",
        "first_access": "2024-06-15T10:00:00Z",
        "last_access": "2025-01-20T15:00:00Z",
        "access_count": 2,
        "data_shared": ["full_name", "date_of_birth", "verification_status"],
        "can_revoke": true
      }
    ]
  },
  "pending_requests": 0
}

Real-Time Notifications

Configure Access Notifications

curl -X PUT https://api.bytrustgate.com/v1/settings/reusable-kyc/notifications \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "notify_user_on_access": true,
    "notification_channels": ["email", "in_app"],
    "notification_template": "data_access_notification",
    "real_time_webhook": {
      "enabled": true,
      "url": "https://your-app.com/webhooks/access"
    }
  }'

Access Webhook Payload

{
  "event": "reusable_kyc.data_accessed",
  "timestamp": "2025-01-20T15:00:00Z",
  "data": {
    "applicant_id": "app_123",
    "accessor": {
      "organization_id": "org_partner_456",
      "organization_name": "Partner Fintech Inc"
    },
    "data_shared": ["full_name", "date_of_birth", "verification_status"],
    "purpose": "account_opening",
    "access_id": "access_001"
  }
}

Access Analytics

curl -X GET "https://api.bytrustgate.com/v1/analytics/reusable-kyc/access?period=90d&granularity=weekly" \
  -H "Authorization: Bearer YOUR_API_KEY"

Response

{
  "period": "90d",
  "granularity": "weekly",
  "data_points": [
    {
      "week": "2025-W01",
      "total_accesses": 45,
      "unique_users": 40,
      "new_connections": 15
    },
    {
      "week": "2025-W02",
      "total_accesses": 52,
      "unique_users": 48,
      "new_connections": 12
    }
  ],
  "trends": {
    "access_growth": 0.15,
    "avg_accesses_per_user": 1.2
  }
}

Audit Export

Export Access Logs

curl -X POST https://api.bytrustgate.com/v1/reusable-kyc/access-log/export \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "period": {
      "from": "2024-01-01",
      "to": "2024-12-31"
    },
    "format": "csv",
    "include_fields": [
      "access_id",
      "timestamp",
      "applicant_id",
      "accessor_organization",
      "data_shared",
      "purpose",
      "consent_reference"
    ]
  }'

For Regulatory Compliance

curl -X POST https://api.bytrustgate.com/v1/reusable-kyc/access-log/export \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "period": {
      "from": "2024-01-01",
      "to": "2024-12-31"
    },
    "format": "pdf",
    "template": "regulatory_audit",
    "include_consent_evidence": true,
    "include_organization_details": true
  }'

Revocation Tracking

View Revocation History

curl -X GET "https://api.bytrustgate.com/v1/reusable-kyc/revocations?applicant_id=app_123" \
  -H "Authorization: Bearer YOUR_API_KEY"

Response

{
  "applicant_id": "app_123",
  "revocations": [
    {
      "revocation_id": "revoke_001",
      "organization_id": "org_789",
      "organization_name": "Previous Partner",
      "revoked_at": "2025-01-10T14:00:00Z",
      "revoked_by": "user",
      "reason": "no_longer_using_service",
      "data_previously_shared": ["full_name", "verification_status"],
      "access_count_before_revocation": 3
    }
  ]
}

Connected Applications

User's Connected Apps View

Provide users a dashboard of connected applications:

// Web SDK
const connectedApps = TrustGate.ConnectedApps({
  applicantId: 'app_123'
});

connectedApps.render('#connected-apps-container', {
  showAccessHistory: true,
  showDataShared: true,
  allowRevoke: true,
  onRevoke: (orgId) => {
    console.log('Revoked access for:', orgId);
  }
});

Connected Apps Response

{
  "connected_apps": [
    {
      "organization_id": "org_456",
      "name": "Partner Fintech",
      "logo_url": "https://...",
      "connected_since": "2024-06-15",
      "last_access": "2025-01-20",
      "data_shared": ["full_name", "date_of_birth", "verification_status"],
      "access_count": 5,
      "status": "active"
    }
  ]
}

Compliance Reports

Generate GDPR Access Report

curl -X POST https://api.bytrustgate.com/v1/reusable-kyc/gdpr-report \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "applicant_id": "app_123",
    "include": [
      "all_data_shared",
      "all_organizations_accessed",
      "consent_records",
      "revocations"
    ]
  }'

Report for Data Subject Request

{
  "applicant_id": "app_123",
  "report_type": "gdpr_access_request",
  "generated_at": "2025-01-20T16:00:00Z",
  "data_shared_summary": {
    "total_shares": 5,
    "organizations": 3,
    "data_categories": ["identity", "verification_status", "screening"]
  },
  "detailed_access_log": [...],
  "consent_records": [...],
  "revocations": [...],
  "current_active_connections": [...]
}

Next Steps