The steps in this section will guide you to integrate Passbase with your App & Backend. The graph above gives a good overview how our identity platform works and where you need to configure or integrate us. We suggest you do the following:
Setup and configure your Passbase developer account (sign-up here)
Integrate the Verification flow.
Set up Webhooks to be notified about completed verifications and identity verification events.
Enable the Authentication flow.
Integrate one of our server side SDKs to handle the webhook events and ping the Passbase API for details about a verification using
In order for your application to communicate with Passbase you have to signup to the Passbase developer dashboard and retrieve your API keys from
Settings > API Keys.
You'll use your publishable API key for the next several steps.
You can find more details on API keys configuration in the initial setup section of our documentation.
Depending on your requirements, you can integrate Passbase client side SDKs (Web, iOS, Android, React native, Flutter)
The client side integration process can be summarised in 3 steps:
Install and import one of our client side SDKs in your application
Create an anchor for our SDK and render it (e.g. the 'Verify Me' button)
Complete a Verification through the Passbase SDK and track theVerification in your dashboard
Passbase uses webhooks to notify your application when an event happens in your account. Webhooks are useful for asynchronous events like when a user completes a Verification, Or a Verification was reviewed.
You can find more details on the events and the request body format in the webhooks section of our documentation.
Once you have received a successful webhook for a Verification, and you established a link between a user in your application and a Passbase User. This means you can hand off the login functionality of your application to Passbase, without having to worry about enforcing strong passwords and storing credentials. You can enabled the Authentication functionality based on your security rules. For example, you can ask a user to Re-Authenticate before a high risk transaction.
You can find more details on how to proceed with this type of integration along the client sections of our documentation.
For security purposes, we recommend you to minimise the Data points you store on your side. That said, if you need to retrieve information related to a Verification you can do so from our API. You can retrieve the following types of data:
Data points collected and shared during a Verification (E.g. first name, last name, document number, identity score)
Metadata related to the Verification (i.e. user agent, timestamp, user references)
[Requires special permission] Resources submitted by the User (E.g. ID document pictures, selfie videos)
You can find more details on the endpoints and the response format in the API section of our documentation.