Overview & Integration Guide

Here you will find an overview of the major steps required to integrate Passbase into your application. You can find more details on each step in the relevant sections.

Best Practice Implementation

The steps in this section will guide you to integrate Passbase with your App & Backend. The graph above gives a good overview how our identity platform works and where you need to configure or integrate us. We suggest you do the following:

  1. Setup and configure your Passbase developer account

  2. Integrate one of our client side SDKs into your web App or mobile Application. Users will complete the verification flow through them and you obtain a authenticationKey

  3. Set up Webhooks to be notified about events happening and users verifying in your Apps

  4. Integrate the reauthentication flow if needed (e.g. account recovery)

  5. Integrate one of our server side SDKs to handle the webhook events and ping the Passbase API for details about a verification with the obtained authenticationKey

1 - Setup and Configure Your Passbase Account

In order for your application to communicate with Passbase you have to register on our dashboard and retrieve your API keys from Settings > API Access. You'll use your publishable API key for the next several steps.

Additionally, to get the most out of Passbase you should setup scoring thresholds in Settings > Thresholds. These thresholds are used to determine your Users will be automatically accepted or rejected based on the Documents they have provided.

You can find more details on API keys and the suggested threshold configuration in the initial setup section of our documentation.

2 - Integrate the Authentication Flow

Depending on your requirements, you can integrate the Authentication button on web, mobile or both as explained in the client sections of our documentation.

The client side integration process can be summarized in 4 steps:

  1. Register on Passbase to obtain API keys and Authentication credentials

  2. Install and import one of our client side SDKs in your application

  3. Create an anchor for our component and render it (e.g. the 'Verify Me' button)

  4. Have your Users authenticate through the component and track their Authentication in your dashboard

3 - Setup Webhooks

Once one of your users successfully complete an authentication, you will need to wait for Passbase to process the provided Documents. This usually takes less than 90 seconds. Once finished, we can notify you via a webhook about the status and you can query Passbase about the result of the Authentication. This is how you then can get the details about the Identity of one of your users (e.g. date of birth etc.).

You can find more details on the events and the request body format in the webhooks section of our documentation.

4 - Integrate the Reauthentication Flow (Recommended)

Once you have received a successful webhook response for an Authentication, you have established a link between your user and a Passbase User. This means you can hand off the login functionality of your application to Passbase, without having to worry about enforcing strong passwords and storing credentials. You can deploy the Reauthentication functionality based on your security rules. For example, you can ask a user to Reauthenticate before a high risk transaction.

You can find more details on how to proceed with this type of integration along the client sections of our documentation.

5 - Retrieve Data From the API (Optional)

For security purposes, we generally recommend you minimize the Personal data you store on your side. That said, if you need to retrieve information related to an Authentication you can do so from our API. You can retrieve the following types of data:

  • Personal data collected and shared during an Authentication (E.g. first name, last name, document number, identity score)

  • Metadata related to the Authentication (i.e. user agent, timestamp, user references)

  • [Special Permission] Documents submitted by the User (E.g. ID document pictures, selfie videos)

You can find more details on the endpoints and the response format in the API section of our documentation.