Overview & Integration Guide
Here you will find an overview of the major steps required to integrate Passbase into your application. You can find more details on each step in the relevant sections.
The steps in this section will guide you to integrate Passbase with your App & Backend. The graph above gives an overview on how our identity platform works, where to receive notifications, and how you can interact with Passbase. We suggest you do the following:
- 2.Integrate the Verification flow with one of our client-side SDKs
- 3.Set up Webhooks, so that you are notified about completed or reviewed verification events
- 4.Optional - Enable the Biometric Authentication flow
- 5.Retrieve data via our API. Integrate one of our server-side libraries in your backend to handle the webhook events and query the Passbase API for details about a verification using
identityAccessKey(client-side SDKs) or
key(from the webhook).
In order for your application to communicate with Passbase you need to signup for a Passbase developer account in our dashboard and retrieve your API keys from
Settings > API Keys. You'll use your publishable API key for all client-side SDKs (e.g. your web App or mobile Applications).
You'll use your secret API key for all server-side libraries (e.g. your backend server).
The client-side integration process can be summarized in 3 steps:
- 1.Install and import one of our client-side SDKs in your application
- 2.Render the Verify Me button component in your view
- 3.Your users will complete a Verification through the Verification flow - on completion, you need to track theVerification in your dashboard and handle it accordingly via the callbacks (e.g. onFinish function)
Passbase uses webhooks to notify your backend when an event happens in your client-side SDK. Webhooks are useful for asynchronous events like when a user completes a Verification, or a Verification has been reviewed.
Once you have received a successful webhook for a Verification, and you established a link between a user in your application and a Passbase User. This means you can hand off the login functionality of your application to Passbase, without having to worry about enforcing strong passwords and storing credentials. You can enable the Biometric Authentication functionality based on your security rules. For example, you can ask a user to Re-Authenticate before a high risk transaction.
For security purposes, we recommend you to minimize the Data points stored on your server. That being said, if you need to retrieve information related to a Verification you can do so via the Passbase API. You can retrieve the following types of data:
- Data points collected and shared during a Verification (E.g. first name, last name, document number, identity score)
- Metadata related to the Verification (i.e. user agent, timestamp, user references)