Prefetch evaluation data

Partner-facing specification for starting the credit check in the background while the customer completes the first form on the tablet.

Related: Samsung Finance+ API (OpenAPI) — authentication, standard response envelope, and error format.

API version: v1

Purpose

This endpoint lets the tablet app send the customer's DNI as soon as it is entered on the first form, before POST /api/sfp/v1/application/create.

Apurata starts the credit-bureau lookup asynchronously. When the customer finishes the form and consent flow and create runs, the evaluation can reuse data that is already available, reducing wait time after application submission.

Important:

This call does not create an application.
This call does not return a credit decision or score.
The response only confirms that the background lookup was queued.
Calling this endpoint is recommended but optional. If it is not called, evaluation still runs after create; it may take longer.

When to call (tablet integration)

View (EN)	Vista (ES)	Trigger
First form — Verify Identity	Primer formulario — Verificar identidad	When the customer leaves the DNI field (e.g. `onBlur`) and the DNI passes local validation (8 digits). Call before the consent screen and before `create`.

Do not wait for the full form to be submitted. The goal is to overlap user typing with the credit check.

Call once per DNI entry on that screen. If the customer edits the DNI, call again when they leave the field with the new value.

Authentication

Same rules as all Samsung Finance+ partner endpoints (see sfplus.md):

Header: Authorization: Bearer <token>
Header: Content-Type: application/json
Use the production token for production stores and the staging/test token for test stores (delivered during store onboarding).
Token environment must match the store: production token + test store (or the reverse) returns 401.

Endpoint

URL: /api/sfp/v1/application/prefetch-evaluation-data

Method: POST

Base URL (production): https://apurata.com

Request body

JSON object. All fields are required.

Field	Type	Description
`dni`	string	Peruvian DNI — exactly 8 digits (`^[0-9]{8}$`).
`store_id`	string	Store DMS code (`sfp_dms_code`) from onboarding — same value used in `create`. Used to resolve the store and validate token environment.

Example:

{
  "dni": "12345678",
  "store_id": "TESTKIO99"
}

Success response

Code: 200 OK

{
  "success": true,
  "message": "Scrape started",
  "data": {
    "dni": "12345678"
  },
  "error": {}
}

Field	Description
`success`	`true` when the request was accepted.
`message`	Informational confirmation that the background lookup was queued.
`data.dni`	Echo of the DNI from the request.
`error`	Empty object on success.

There is no polling endpoint for this step. Credit evaluation continues automatically when the application is created.

Error responses

Same envelope as other SFP endpoints: success, message, data, error.

`400` — Validation error

Invalid or missing fields (e.g. DNI not 8 digits, missing store_id).

{
  "success": false,
  "message": "",
  "data": {},
  "error": {
    "code": 400,
    "validationErrors": [
      {
        "fieldName": "dni",
        "errorString": "Invalid DNI format"
      }
    ]
  }
}

`400` — Authentication error

Missing or wrong Bearer token.

{
  "success": false,
  "message": "",
  "data": {},
  "error": {
    "code": 400,
    "message": "Wrong or missing client token"
  }
}

`400` — Store not found

Unknown store_id / onboarding not completed.

{
  "success": false,
  "message": "",
  "data": {},
  "error": {
    "code": 400,
    "message": "Store UNKNOWN_STORE not found, ensure onboarding is completed"
  }
}

`401` — Token / store environment mismatch

Production token used against a test store, or staging token against a production store.

{
  "success": false,
  "message": "",
  "data": {},
  "error": {
    "code": 401,
    "message": "You are using a production token for a staging client"
  }

Sample request

curl -X POST 'https://apurata.com/api/sfp/v1/application/prefetch-evaluation-data' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer <staging_or_production_token>' \
  --data-raw '{
    "dni": "12345678",
    "store_id": "TESTKIO99"
  }'

Relationship to `create`

Typical sequence on the tablet:

Customer enters DNI on the first form → prefetch-evaluation-data (this endpoint).
Customer completes the rest of the form and accepts consent.
POST /api/sfp/v1/application/create with the full payload (including the same DNI and store_id).

No application_id is required for prefetch because the application does not exist yet.

Notes for integrators

Repeated calls: Safe to call again when the customer changes the DNI. Calling again with the same DNI does not break create or evaluation. Each call queues a background job; if Equifax data for that DNI is already stored, Apurata skips a new bureau request (no extra Equifax fetch). Concurrent calls within ~90 seconds for the same DNI may be ignored while one job is running. Avoid calling on every keystroke — use onBlur after local validation only.
Latency: Do not block the UI on this response beyond normal HTTP timeout; fire the request and continue the form.
Failures: If prefetch fails (network, 4xx), the customer can still continue. Log the error and proceed; create will trigger evaluation regardless.

Keys	Action
`?`	Open this help
`n`	Next page
`p`	Previous page
`s`	Search