README
¶
About
A simple, standalone Go package for querying the Turkish Population and Citizenship Affairs (KPS) v2 services.
This package automates the WS-Trust (STS) request flow, sends HMAC-SHA1 signed SOAP requests using the SAML-based key from the STS, and parses service responses into a convenient Go struct.
[!Note] The package uses HMAC-SHA1 as expected by NVI/KPS services.
[!Warning] KPS services perform real identity validation; without test credentials, requests may fail or be denied.
Features
- Automatic WS-Trust (Token Service / STS) authentication flow.
- Signs SOAP messages with HMAC-SHA1 (as required by KPS services).
- Parses SOAP service responses into a meaningful
Resultstruct. - Lightweight, independent and easy-to-use API.
Installation
Use Go modules:
go get github.com/Ctere1/kpsclient
Or import directly in your code:
import kpsclient "github.com/Ctere1/kpsclient"
Quick Start
A usage example is available in test/main.go. Here's a brief summary:
package main
import (
"context"
"time"
"github.com/Ctere1/kpsclient"
)
func example() {
client := kpsclient.New("USERNAME", "PASSWORD", nil)
req := kpsclient.QueryRequest{
TCNo: "99999999999",
FirstName: "JOHN",
LastName: "DOE",
BirthYear: "1990",
BirthMonth: "01",
BirthDay: "01",
SerialNumber: "ABC123456", // Optional: for new generation identity cards
}
ctx, cancel := context.WithTimeout(context.Background(), 40*time.Second)
defer cancel()
res, err := client.DoQuery(ctx, req)
if err != nil {
// error handling
}
// Use res.Result structure as needed
_ = res
}
API Overview
-
func New(username, password string, httpClient *http.Client) *Client- Creates a new
Client. IfhttpClientis nil, a default client with a 30s timeout is used.
- Creates a new
-
func (c *Client) DoQuery(ctx context.Context, req QueryRequest) (Result, error)- Runs the STS authentication flow, sends a signed service request, and parses the response.
-
type QueryRequest(input)- Fields:
TCNo(string): 11-digit Turkish Republic ID Number (required)FirstName(string): Official first name, uppercase (required)LastName(string): Official surname, uppercase (required)BirthYear(string): Year of birth, format YYYY (required)BirthMonth(string): Month of birth, format MM (optional)BirthDay(string): Day of birth, format DD (optional)SerialNumber(string): New generation identity card serial number (optional, used in certain verifications)
- Fields:
-
type Result(output)- Fields:
Status(bool)Code(1 success, 2 error/not found, 3 deceased)Message(short message as string)Person(tc_vatandasi,yabanci,mavi)Extra(map of additional data)Raw(raw SOAP/XML response)
- Fields:
License
This project is licensed under the MIT License - see the LICENSE file for details.
Documentation
¶
Overview ¶
Package kps provides client access to the Turkish Identity Verification Service (KPS) with signed SOAP and STS authentication.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BuildTumKutukBody ¶
func BuildTumKutukBody(r QueryRequest) string
BuildTumKutukBody constructs the <Sorgula> XML body for the KPS TumKutukDogrulamaServisi.
The generated XML format is as follows:
<Sorgula xmlns="...">
<kriterListesi>
<TumKutukDogrulamaSorguKriteri>
<Ad>...</Ad>
<DogumAy>...</DogumAy>
<DogumGun>...</DogumGun>
<DogumYil>...</DogumYil>
<KimlikNo>...</KimlikNo>
<Soyad>...</Soyad>
<TCKKSeriNo>...</TCKKSeriNo>
</TumKutukDogrulamaSorguKriteri>
</kriterListesi>
</Sorgula>
Notes:
- If DogumAy or DogumGun are left empty, "0" will automatically be used, as required by the service.
- TCKKSeriNo is optional.
- XML contents are escaped.
Returns: The full XML body as a string.
Types ¶
type Client ¶
Client is the main structure for authenticating and making requests to KPS.
type Person ¶
type Person string
Person represents the registration type of the queried individual. It expresses the identity type returned by the service.
const ( // PersonTC is used for citizens of the Republic of Turkey. PersonTC Person = "tc_vatandasi" // PersonYab represents foreign nationals. PersonYab Person = "yabanci" // PersonMavi represents Blue Card holders. PersonMavi Person = "mavi" // PersonEmpty is used when the registration type cannot be determined or is not returned. PersonEmpty Person = "" )
type QueryRequest ¶
type QueryRequest struct {
// TCNo is the 11-digit Turkish Republic identity number of the person to be queried.
TCNo string `json:"tcno"`
// FirstName should be the person's official first name (all uppercase).
FirstName string `json:"firstname"`
// LastName should be the person's official last name (all uppercase).
LastName string `json:"lastname"`
// BirthYear represents the person's year of birth (YYYY format).
BirthYear string `json:"birthyear"`
// BirthMonth represents the person's birth month (MM format). Optional.
BirthMonth string `json:"birthmonth,omitempty"`
// BirthDay represents the person's birth day (DD format). Optional.
BirthDay string `json:"birthday,omitempty"`
// SerialNumber is the new generation TCKK serial number. Optional in some validations.
SerialNumber string `json:"serialnumber,omitempty"`
}
QueryRequest represents the input query data sent to the identity verification service. Required fields may vary depending on the service type.
Required Fields:
- TCNo
- FirstName
- LastName
- BirthYear
Optional Fields:
- BirthMonth
- BirthDay
- SerialNumber (TCKK serial number – used for new identity cards)
Example Usage:
q := QueryRequest{
TCNo: "12345678901",
FirstName: "AHMET",
LastName: "YILMAZ",
BirthYear: "1990",
BirthMonth: "05",
BirthDay: "12",
}
type Result ¶
type Result struct {
// Status is the logical equivalent of the verification result.
// Returns true when Code == 1; otherwise false.
Status bool `json:"status"`
// Code represents the transaction result returned by the service.
// 1: Success, 2: Failure, 3: Deceased Record.
Code int `json:"code"`
// Message is a human-readable short summary of the transaction result.
// E.g.: "Verification successful", "No record found", etc.
Message string `json:"message,omitempty"`
// Person contains basic demographic info for the verified individual.
// Varies for Turkish citizen, foreign national or Blue Card holder.
Person Person `json:"person,omitempty"`
// Extra flexibly holds additional attributes returned by the service.
// Available fields may change depending on the service.
// Example: IdentityNo, Name, Surname, Nationality, BirthDate, DeathDate, etc.
Extra map[string]string `json:"extra,omitempty"`
// Raw contains the full raw SOAP/XML payload returned by the service.
// Useful in development and debugging phases.
Raw string `json:"raw,omitempty"`
}
Result represents the standard response returned from the identity verification service.
Code Field:
1 = Verification successful. Record found for the individual and information is validated. 2 = Verification failed. No record found for the provided information or the details do not match actual information. 3 = Record found but the individual is deceased. DeathDate field is present.
Status Field:
If Code == 1, then true, Otherwise, false.
Extra Field:
Contains additional information about the queried individual. Example: Name, Surname, IdentityNo, Nationality, BirthDate, DeathDate, etc.
Raw Field:
Contains the full raw SOAP/XML response from the service. Useful for debugging, logging, or error analysis.
func ParseTumKutukResponse ¶
ParseTumKutukResponse parses the SOAP/XML response for TumKutukDogrulamaServisi.
It traverses the XML, extracts person type data (citizen, blue card, foreigner), and builds the Result struct.
The order of searching buckets is determined based on the response's preferred types (e.g., citizen, foreigner, blue card). - If none of the containers return a valid status, a "record not found" result is returned.
Returns:
- Result with all parsed fields, extra info (e.g. Name, Surname, BirthDate, etc.), and the raw XML string for debugging/logging.
- In case of malformed XML or missing statuses, the Result's Status=false, Code=2.
Source Files
Directories