Overview & Integration Guide

Here you will find an overview of the major steps required to integrate Passbase into your application. You can find more details on each step in the relevant sections.

Best Practice Implementation

The steps in this section will guide you to integrate Passbase with your App & Backend. The graph above gives a good overview how our identity platform works and where you need to configure or integrate us. We suggest you do the following:

  1. Setup and configure your Passbase developer account (sign-up here)

  2. Integrate the Verification flow.

  3. Set up Webhooks to be notified about completed verifications and identity verification events.

  4. Enable the Authentication flow.

  5. Integrate one of our server side SDKs to handle the webhook events and ping the Passbase API for details about a verification using identity ID

1 - Setup and configure your Passbase account

In order for your application to communicate with Passbase you have to signup to the Passbase developer dashboard and retrieve your API keys from Settings > API Keys. You'll use your publishable API key for the next several steps.

You can find more details on API keys configuration in the initial setup section of our documentation.

2 - Integrate the Verification flow

Depending on your requirements, you can integrate Passbase client side SDKs (Web, iOS, Android, React native, Flutter)

The client side integration process can be summarised in 3 steps:

  1. Install and import one of our client side SDKs in your application

  2. Create an anchor for our SDK and render it (e.g. the 'Verify Me' button)

  3. Complete a Verification through the Passbase SDK and track theVerification in your dashboard

3 - Setup webhooks

Passbase uses webhooks to notify your application when an event happens in your account. Webhooks are useful for asynchronous events like when a user completes a Verification, Or a Verification was reviewed.

You can find more details on the events and the request body format in the webhooks section of our documentation.

4 - Enable the Authentication flow (Optional)

Currently in beta, please reach out to our customer support on how to activate it for your account

Once you have received a successful webhook for a Verification, and you established a link between a user in your application and a Passbase User. This means you can hand off the login functionality of your application to Passbase, without having to worry about enforcing strong passwords and storing credentials. You can enabled the Authentication functionality based on your security rules. For example, you can ask a user to Re-Authenticate before a high risk transaction.

You can find more details on how to proceed with this type of integration along the client sections of our documentation.

5 - Retrieve Data From the API

We recommend our clients to request & store as few pieces of information as possible about their users on their side. This decreases their data liability to the extent, that they only have to protect the data they truly need. If you only care that a user has been verified or is over a certain age, then you should store this as a boolean (true/false) about them, once we have completed the identity or age verification of that user.

For security purposes, we recommend you to minimise the Data points you store on your side. That said, if you need to retrieve information related to a Verification you can do so from our API. You can retrieve the following types of data:

  • Data points collected and shared during a Verification (E.g. first name, last name, document number, identity score)

  • Metadata related to the Verification (i.e. user agent, timestamp, user references)

  • [Requires special permission] Resources submitted by the User (E.g. ID document pictures, selfie videos)

You can find more details on the endpoints and the response format in the API section of our documentation.