Introduction
getting started
Overview & Integration Guide
Initial Setup
Advanced Customization
web - client-side SDKs
HTML + JavaScript
React
Angular
Hosted Integration (Web Link)
mobile - client-side SDKs
iOS
Android
React Native
Flutter
server
Webhooks
Server-Side Libraries
API Reference
MetaData Encryption
No Code Solution
Slack Bot
Authentication
Biometric Authentication
Additional Checks
Watchlist Checks
Covid Vaccination Card Scan
Insurance Card Scan
Insurance Card Scan (US)
Proof of Address
Drivers License Scan
National ID Card Scan
Passport Scan
Developer Platform
Create Developer Account
Login
Powered by GitBook

MetaData Encryption

This guide helps you set up encryption to receive metaData from Passbase

If you are tracking end users in your backend through an internal UUID, transaction number, stripe ID, etc., you can use the metaData object to securely pass encrypted end user information to identify completed verifications.

The metaData object allows you to pass an encrypted JSON string via a private key encoded in base64 on the client-side, and then Passbase will use your public key to return the data on the Passbase API.

Generate Encryption Keys

Create your private key by running the following terminal command:

openssl genrsa -out ~/passbase-test-private-key.pem 4096

Generate the public key associated to the private key by running the following terminal command. Copy the content of ~/passbase-test-public-key.pub into your clipboard.

openssl rsa -in ~/passbase-test-private-key.pem -out ~/passbase-test-public-key.pub -pubout

​

Add Public Encryption Key to your Project

Enter the public encryption key copied from your clipboard within the developer dashboard for each individual project.

​

Encrypt Data in Backend

The metaData object requires an encrypted JSON string via the private key encoded in base64. Below are examples of how to create an encrypted JSON string in your backend.

JavaScript
Python
Go
Ruby
PHP
JavaScript
const crypto = require("crypto");
const fs = require("fs");
const metadata = {foo: "bar"};
const pkey = crypto.createPrivateKey({format: 'pem', key: fs.readFileSync("~/passbase-test-private-key.pem")});
const encrypted_metadata = crypto.privateEncrypt(pkey, Buffer.from(JSON.stringify(metadata))).toString('base64');
Python
import base64
import subprocess
import tempfile
metadata = bytearray('{"foo": "bar"}', 'utf-8')
with open("~/passbase-test-private-key.pem", "rb") as f:
    p = subprocess.Popen(
        "openssl rsautl -sign -inkey " + f.name,
        shell=True,
        stdin=subprocess.PIPE,
        stdout=subprocess.PIPE,
        stderr=subprocess.PIPE)
    stdout, stderr = p.communicate(input=metadata)
    encrypted_metadata = base64.b64encode(stdout)
Go
rng := rand.Reader
metadata := []byte("{\"foo\": \"bar\"}")
priv, _ := ioutil.ReadFile("~/passbase-test-private-key.pem")
privPem, _ := pem.Decode(priv)
privateKey, _ := x509.ParsePKCS1PrivateKey(privPem.Bytes)
signature, _ := rsa.SignPKCS1v15(rng, privateKey, crypto.Hash(0), metadata[:])
encrypted_metadata := base64.StdEncoding.EncodeToString(signature)
Ruby
metadata = {"foo" => "bar"}
key = OpenSSL::PKey::RSA.new(File.read("~/passbase-test-private-key.pem"))
encrypted_metadata = Base64.encode64(key.private_encrypt(metadata.to_json))
PHP
<?php
​
$metadata = array("foo" => "bar");
$private_key = openssl_pkey_get_private("file://~/passbase-test-private-key.pem");
​
$encrypted_metadata_bytes = "";
openssl_private_encrypt(json_encode($metadata), $encrypted_metadata, $private_key);
​
$encrypted_metadata = base64_encode($encrypted_metadata_bytes);

​

Pass metaData Object

After encrypting the data in your backend, you will need to pass the private key encoded in base64 to Passbase through the client-side frontend.

​

Value

metaData

Encrypted JSON string via the private key encoded in base64

HTML + JS
React
Angular
iOS
Kotlin
Java
React Native
Flutter
HTML + JS
<script type="text/javascript">
  const element = document.getElementById("passbase-button")
  const apiKey = "YOUR_API_KEY"
​
  Passbase.renderButton(element, apiKey, {
    {
      prefillAttributes: {
        email: "[email protected]",
        country: "de"
      }
    },
    // Signed and Armored Metadata, which contain {"email": "[email protected]", "country": "de", ...}
    metaData: "AJIZZDIZJADIOAJDOIZJAOIZJDOIAJIODZJIAJDIOZJAIOZDJALANLIKESJIZZOIZDJAOIZJDOZIAJDOIAZJDAZD"
    onFinish: (identityAccessKey) => {
      console.log(identityAccessKey)
      // Open new window for end user to prevent duplicate verifications
      window.location.href =("https://passbase.com/")
    }
  })        
</script>
React
import React from 'react';
import VerifyButton from "@passbase/button/react";
​
function App() {
  const referenceUserWithKey = (key) => {
    console.log(key)
    // Make request to your backend/db and save the key to the user's profile
  }
​
  return (
    <div className="App">
      <VerifyButton
        apiKey={"YOUR_PUBLISHABLE_API_KEY"}
        onSubmitted={(identityAccessKey) => {
          referenceUserWithKey(identityAccessKey)
        }}
        onFinish={(identityAccessKey) => {
        // Open new window for end user to prevent duplicate verifications
          window.location.href =("https://passbase.com/")
        }}
        onError={(errorCode) => {}}
        onStart={() => {}}
        prefillAttributes={{
          email: "[email protected]"
        }}
        // Signed and Armored Metadata, which contain {internal_customer_id: "XYZ", "email": "[email protected]", "country": "de", ...}
        metaData={{
          "AJIZZDIZJADIOAJDOIZJAOIZJDOIAJIODZJIAJDIOZJAIOZDJALANLIKESJIZZOIZDJAOIZJDOZIAJDOIAZJDAZD"
        }}
      />
    </div>
  );
}
Angular
const onSubmit = (identityAccessKey) => {
  console.log(identityAccessKey)
  // Make a request to your backend/db and save the key to your user's profile
}
​
Passbase.renderButton(
  this.passbaseButton.nativeElement, 
  "YOUR_API_KEY",
  {
    onSubmitted: (identityAccessKey) => {},
    onFinish: (identityAccessKey) => {
    // Open new window for end user to prevent duplicate verifications
      window.location.href =("https://passbase.com/")
    },
    prefillAttributes: {
          email: "[email protected]",
          country: "de"
    },
    // Signed and Armored Metadata, which contain {"email": "[email protected]", "country": "de", ...}
    metaData: {
          "AJIZZDIZJADIOAJDOIZJAOIZJDOIAJIODZJIAJDIOZJAIOZDJALANLIKESJIZZOIZDJAOIZJDOZIAJDOIAZJDAZD"
    }
  }
)
iOS
import Passbase
import UIKit
​
class ViewController: UIViewController {
​
    override func viewDidLoad() {
        super.viewDidLoad()
        
        // Signed and Armored Metadata, which contain {internal_customer_id: "XYZ", "email": "[email protected]", "country": "de", ...}
        PassbaseSDK.metaData = "AJIZZDIZJADIOAJDOIZJAOIZJDOIAJIODZJIAJDIOZJAIOZDJALANLIKESJIZZOIZDJAOIZJDOZIAJDOIAZJDAZD"
​
        let button = PassbaseButton(frame: CGRect(x: 40, y: 90, width: 300, height: 60))
        self.view.addSubview(button)
    }
}
Kotlin
package com.passbase.androiddemoapp
​
import androidx.appcompat.app.AppCompatActivity
import android.os.Bundle
​
// 1. Add import of Passbase SDK and the Passbase Button to the top
import com.passbase.passbase_sdk.PassbaseSDK
import com.passbase.passbase_sdk.PassbaseButton
​
class MainActivity : AppCompatActivity() {
​
    override fun onCreate(savedInstanceState: Bundle?) {
        super.onCreate(savedInstanceState)
        setContentView(R.layout.activity_main)
​
        val passbaseRef = PassbaseSDK(this)
        passbaseRef.initialize("YOUR_PUBLISBALE_API_KEY")
        
        // Signed and Armored Metadata, which contain {internal_customer_id: "XYZ", "email": "[email protected]", "country": "de", ...}
        passbaseRef.metaData = "AJIZZDIZJADIOAJDOIZJAOIZJDOIAJIODZJIAJDIOZJAIOZDJALANLIKESJIZZOIZDJAOIZJDOZIAJDOIAZJDAZD"
    }
​
Java
package com.passbase.androiddemoapp;
​
import androidx.appcompat.app.AppCompatActivity;
import android.os.Bundle;
​
// 1. Add import of Passbase SDK and the Passbase Button to the top
import com.passbase.passbase_sdk.Passbase;
import com.passbase.passbase_sdk.PassbaseButton;
​
public class MainActivity extends AppCompatActivity {
​
    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
​
        PassbaseSDK passbaseRef = new PassbaseSDK(this);
        passbaseRef.initialize("YOUR_PUBLISHABLE_API_KEY");
        
        // Signed and Armored Metadata, which contain {internal_customer_id: "XYZ", "email": "[email protected]", "country": "de", ...}
        passbaseRef.setMetaData("AJIZZDIZJADIOAJDOIZJAOIZJDOIAJIODZJIAJDIOZJAIOZDJALANLIKESJIZZOIZDJAOIZJDOZIAJDOIAZJDAZD");
    }
}
React Native
// Signed and Armored Metadata, which contain {internal_customer_id: "XYZ", "email": "[email protected]", "country": "de", ...}
PassbaseSDK.setMetaData("AJIZZDIZJADIOAJDOIZJAOIZJDOIAJIODZJIAJDIOZJAIOZDJALANLIKESJIZZOIZDJAOIZJDOZIAJDOIAZJDAZD")
Flutter
import 'package:passbase_flutter/passbase_flutter.dart';
​
...
// Signed and Armored Metadata, which contain {internal_customer_id: "XYZ", "email": "[email protected]", "country": "de", ...}
PassbaseSDK.metaData = "AJIZZDIZJADIOAJDOIZJAOIZJDOIAJIODZJIAJDIOZJAIOZDJALANLIKESJIZZOIZDJAOIZJDOZIAJDOIAZJDAZD"
...

Feature available from Web SDK version 3.3.1 and Mobile SDK version 2.4.0

​

Call Passbase API

After a user completes a verification and you receive the VERIFICATION_REVIEWED webhook event, it is time to call the Passbase Get Identity endpoint. Using this API endpoint, you will see the new metaData object returned.

If the public encryption key is not added to the developer dashboard, you will not see the metaData information returned on the API.

{
   id: "1234-1234-1234-1234",
   resources: [...],
   metadata: { internal_customer_id: "XYZ" }
}
server - Previous
API Reference
Next - server
No Code Solution
Last updated 4 months ago
Contents
Generate Encryption Keys
Add Public Encryption Key to your Project
Encrypt Data in Backend
Pass metaData Object
Call Passbase API