The Authsignal iProov integration allows for high assurance facial biometric verification and re-authentication of users. The Client API can be used to initiate and verify an iProov challenge session in a headless manner not using the Authsignal Pre-built UI. This approach also applies when initiating the iProov Client SDKs in native mobile apps. The iproovToken returned from the Start iProov Challenge endpoint can be used to initiate the iProov client side flow. Pass this to the iProov Client SDKs.

Authentication

The Client API iProov endpoints are authenticated via Bearer token auth. A token can be obtained by tracking an action.

Endpoints

Sequence diagram

The sequence starts with a Server API request to track an action (1) and ends with a Server API request to validate the challenge (12). The Client API iProov endpoints can be called to initiate the challenge (3) which returns an iproovToken and a challengeId. The iproovToken is used to launch the iProov Client SDK (4) and the challengeId is used to verify the challenge (7).