> ## Documentation Index
> Fetch the complete documentation index at: https://docs.invopop.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Upload identity image

> Stores one face of the signer's identity document as an attachment
on the silo entry. Required before confirming when
`signature=identity` was used on the agreement upload.

Call once per `view`:

- `front` + `back` for an ID card (CNI, titre de séjour).
- `page` for a passport.

Re-uploading the same `view` overwrites the previous image. The
MIME type is detected from the bytes — clients do not send it.

Stores one face of the signer's identity document as an attachment on the silo entry. Required before confirming when the agreement was uploaded with `signature=identity`. Call once per view — `front` + `back` for an ID card (CNI, titre de séjour), or `page` for a passport. Re-uploading the same view overwrites the previous image; the MIME type is detected from the bytes.


## OpenAPI

````yaml POST /apps/gov-fr/v1/entry/{silo_entry_id}/identity
openapi: 3.1.0
info:
  contact:
    email: dev@invopop.com
    name: Invopop Developers
  description: >-
    Set of end-points for the France app, including lookups against the PPF
    Annuaire (French e-invoicing directory).
  license:
    name: Apache 2.0
    url: http://www.apache.org/licenses/LICENSE-2.0.html
  title: France Service API
  version: 0.1.0
servers:
  - description: production
    url: https://api.invopop.com
security:
  - InvopopAuth: []
paths:
  /apps/gov-fr/v1/entry/{silo_entry_id}/identity:
    post:
      summary: Upload an identity document image
      description: |-
        Stores one face of the signer's identity document as an attachment
        on the silo entry. Required before confirming when
        `signature=identity` was used on the agreement upload.

        Call once per `view`:

        - `front` + `back` for an ID card (CNI, titre de séjour).
        - `page` for a passport.

        Re-uploading the same `view` overwrites the previous image. The
        MIME type is detected from the bytes — clients do not send it.
      operationId: uploadEntryIdentity
      parameters:
        - $ref: '#/components/parameters/SiloEntryID'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/IdentityUpload'
      responses:
        '204':
          description: Identity image stored.
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
        '404':
          $ref: '#/components/responses/NotFound'
        '500':
          $ref: '#/components/responses/InternalServerError'
components:
  parameters:
    SiloEntryID:
      name: silo_entry_id
      in: path
      required: true
      description: ID of the `org.Party` silo entry being onboarded.
      schema:
        type: string
        example: 5b45453c-cdd0-11ed-afa1-0242ac120002
  schemas:
    IdentityUpload:
      type: object
      required:
        - view
        - data
      properties:
        view:
          type: string
          description: |-
            Which face of the identity document this image represents.

              - `front` - Front of an ID card (recto).
              - `back` - Back of an ID card (verso).
              - `page` - Photo page of a passport.
          enum:
            - front
            - back
            - page
        data:
          type: string
          format: byte
          description: |-
            Base64-encoded binary of the image. Must be `image/jpeg` or
            `image/png`, maximum 10 MB. Text on the document should be
            clearly legible. The MIME type is detected from the bytes.
    Error:
      type: object
      required:
        - error
      properties:
        error:
          type: string
          description: Human-readable description of the error.
          example: missing siren parameter
  responses:
    BadRequest:
      description: The request is malformed or missing required parameters.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: missing siren parameter
    Unauthorized:
      description: Missing or invalid authentication token.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: missing enrollment
    Forbidden:
      description: |-
        The directory API is only available to live workspaces. Calls made
        with a sandbox enrollment are rejected.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: directory API is only available for live workspaces
    NotFound:
      description: The referenced silo entry or party could not be found.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: silo entry not found
    InternalServerError:
      description: An unexpected server-side error occurred.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: internal server error
  securitySchemes:
    InvopopAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
      description: |-
        Authenticate using a valid Invopop enrollment token in the `Bearer`
        scheme.

        Example: `Authorization: Bearer <token>`

````