The steps in this section will guide you to integrate Passbase with your App & Backend. The graph above gives an overview on how our identity platform works, where to receive notifications, and how you can interact with Passbase. We suggest you do the following:
Create a Passbase developer account if you haven't done so (sign-up here)
Integrate the Verification flow with one of our client-side SDKs
Set up Webhooks, so that you are notified about completed or reviewed verification events
Optional - Enable the Reauthentication flow
Retrieve data via our API. Integrate one of our server-side libraries in your backend to handle the webhook events and query the Passbase API for details about a verification using
identityAccessKey(client-side SDKs) or
key (from the webhook).
In order for your application to communicate with Passbase you need to signup for a Passbase developer account in our dashboard and retrieve your API keys from
Settings > API Keys.
You'll use your publishable API key for all client-side SDKs (e.g. your web App or mobile Applications).
You'll use your secret API key for all server-side libraries (e.g. your backend server).
You can find more details on API key configurations in the initial setup section of our documentation.
The client-side integration process can be summarized in 3 steps:
Install and import one of our client-side SDKs in your application
Render the Verify Me button component in your view
Your users will complete a Verification through the Verification flow - on completion, you need to track theVerification in your dashboard and handle it accordingly via the callbacks (e.g. onFinish function)
Passbase uses webhooks to notify your backend when an event happens in your client-side SDK. Webhooks are useful for asynchronous events like when a user completes a Verification, or a Verification has been reviewed.
You can find more details on the events and the request body format in the webhooks section of our documentation.
Once you have received a successful webhook for a Verification, and you established a link between a user in your application and a Passbase User. This means you can hand off the login functionality of your application to Passbase, without having to worry about enforcing strong passwords and storing credentials. You can enable the Reauthentication functionality based on your security rules. For example, you can ask a user to Re-Authenticate before a high risk transaction.
You can find more details on how to proceed with this type of integration along the client-side SDK sections of our documentation.
For security purposes, we recommend you to minimize the Data points stored on your server. That being said, if you need to retrieve information related to a Verification you can do so via the Passbase API. You can retrieve the following types of data:
Data points collected and shared during a Verification (E.g. first name, last name, document number, identity score)
Metadata related to the Verification (i.e. user agent, timestamp, user references)
[Requires special permission] Resources submitted by the User (E.g. ID document pictures, selfie videos)
You can find more details on the endpoints and the response format in the API section of our documentation.
You can find different sample projects on our official Github page, where you can test an integration and copy sample code: