Verify User Privacy Key
API Sequence
The overall sequence pattern of API calls and other actions the integration has to follow is straightforward and common across to Proof (IDV), other enrollment-type transactions and Verified
Create Privacy Key Authentication Transaction
To begin the process of authenticating the user's identity using authID account credentials, the new transaction must be requested via API using the New Transactions Endpoint.
The example of POST body :
{
"timeout": 7200,
"ConfirmationPolicy": {
"TransportType": 0,
"CredentialType": 4,
"Fido2Policy": {
"CustomData": {
"PrivacyKey": true
}
}
},
"tag": null,
"accountNumber": "AccountV2",
"codeWord": null,
"customData": [],
"name": "Verify_Identity"
}
Transaction Template Name
The Name parameter is required and must refer to existing configured transaction template. Every Customer's Sandbox/Tenant comes with at least one named template "Verify_Identity"
New templates and template customization can be requested from authID support and include multiple elements such color schema, email branding, SMS content, logos, and more.
Confirmation Policy for Privacy Key
A Confirmation Policy object is required, and the example above must be followed to reference the Privacy Key credential type.
"ConfirmationPolicy": {
"TransportType": 0,
"CredentialType": 4,
"Fido2Policy": {
"CustomData": {
"PrivacyKey": true
}
}
}
The other options are available, please visit Verified Confirmation Policies page for more details.
Using TransportType 0 returns a TransactionId and an OneTimeSecret. Save these values from the response and use them to deliver the UI to the user. Example response body:
{
"TransactionId": "c4f2014f-9c43-665a-af52-a78d13da0503",
"OneTimeSecret": "Uw6ZwefA5FEBV9furMYlvFBs"
}
Display the User Interface
Use the values from previous step to display the embedded capture experience to the user.
The other options for TransportType parameter usage are described in the Out-of-band Transactions section.
Wait for the User to Complete Authentication
When the user completes Authentication, the status changes from 0 - Pending to another status. Refer to the Transaction Statuses section for more details.
Authentication Success Status
Only 1 - Accepted signifies "authentication success", any other status must be treated as "authentication failed"
The application has several ways to detect when the status changes.
- Periodic poll of backend for Enrollment operation status change using Transaction Status Endpoint
- Embedded Integration can listen to Web Component Events for web integration or to JavaScript bridge events for WebView integration. The UI emits the signal that the user has reached the "final page" of the experience.
Please refer to the Web Component Events section for more details.
The best strategy from both a UX transition reaction time and system load perspective is to:
- Listen to events from the Web Component / WebView.
- When the user reaches the final page, pass the signal from your application frontend to your application's backend.
- Confirm the status change via the backend Transaction Status Endpoint.
- As a backup, poll status changes periodically using Transaction Status Endpoint, for example, once every 5 seconds.
Both Out-of-band and Embedded integrations can use Webhook to receive notifications when the status changes. Note that webhooks are not queued and do not have guaranteed delivery, so the periodic polling backup strategy still applies.
Check Signature of Privacy Key Authentication Transaction
Please contact authID support to obtain the technical details.
Updated 15 days ago