General Information

This documentation offers ways to integrate the Passbase Verification Flow via JavaScript snippet for web/React or for mobile SDKs (iOS, Android and React-Native).

Please follow the integration guide for each platform. If you have questions about integration, discover a bug or need help, please join our developer slack.


The "consumer friendly" term, Verification, is used synonymously with Authentication, a more technical term. Authentication is the ability to prove that a person (End User) (or something abstract as an application or device) is genuinely who that person (or the application/device) claims to be.

Authentication example: a user takes a Selfie Video which proves that they are alive (Liveness) and sitting in front of the device capturing the information. They then prove (verify) their Identity by providing some form of government approved Identification Document (ID) (videos and pictures). The biometric information of the Selfie Video is matched against the photograph on the ID. A positive match (Face match) authenticates a user on the system. The result of this process is an Authentication. The ID Document used for an authentication has a certain DocumentType (e.g. Passport or National ID Card) and is attached to the Authentication. Further, DocumentInformation such as the first_names, last_name, document_number or expiration_date is extracted from this Document (e.g. a Video with many frames or pictures).

API Authentication via API Key

You can find your API keys in the API settings section or directly in publishable code snippets, like a long hash. e.g. 4612a9022defviu6deb7c48cf5321247f2417c3d09cc9b56a0700ced57de.

There are two types of API keys, secret and publishable:




A publishable API Key is used for the web button and within mobile applications (iOS, Android, React) as it can be seen by anyone looking at the source code or on the web button's code snippet. It cannot be used for API calls to retrieve sensitive data out of the dashboard via webhook.


A secret API Key can only be used for our private API. When a secret API Key is used in a public setting and potentially exposed, it will be deactivated and cannot be used anymore. You should use this API for your backend or server to make requests to our API. Keep this API key secure!

Please only use secret API keys for calls from your backend and server. Please use publishable API keys for your mobile App and Web App.