iProov API - Overview
The Authsignal iProov integration allows for high assurance facial biometric verification and re-authentication of users.
The Client API can be used to initiate and verify an iProov challenge session in a headless manner not using the Authsignal Pre-built UI. This approach also applies when initiating the iProov Client SDKs in native mobile apps.
The iproovToken
returned from the Start iProov Challenge endpoint can be used to initiate the iProov client side flow. Pass this to the iProov Client SDKs.
Authentication
The Client API iProov endpoints are authenticated via Bearer token auth. A token can be obtained by tracking an action.
Endpoints
Sequence diagram
The sequence starts with a Server API request to track an action (1) and ends with a Server API request to validate the challenge (12).
The Client API iProov endpoints can be called to initiate the challenge (3) which returns an iproovToken
and a challengeId
.
The iproovToken
is used to launch the iProov Client SDK (4) and the challengeId
is used to verify the challenge (7).