> ## Documentation Index
> Fetch the complete documentation index at: https://docs.authsignal.com/llms.txt
> Use this file to discover all available pages before exploring further.

# iProov API - Overview

The Authsignal iProov integration allows for high assurance facial biometric verification and re-authentication of users.

The [Client API](/api-reference/client-api) can be used to initiate and verify an iProov challenge session in a headless manner not using the Authsignal Pre-built UI. This approach also applies when initiating the iProov Client SDKs in native mobile apps.

The `iproovToken` returned from the [Start iProov Challenge](/api-reference/client-api/start-iproov-challenge) endpoint can be used to initiate the iProov client side flow. Pass this to the [iProov Client SDKs](https://docs.iproov.com/implementation_A-Z/front_end/introduction).

## Authentication

The Client API iProov endpoints are authenticated via [Bearer token auth](/api-reference/client-api/overview#authentication).
A token can be obtained by [tracking an action](/api-reference/client-api/overview#1-track-an-action).

## Endpoints

* [Start iProov Challenge](/api-reference/client-api/start-iproov-challenge)
* [Verify iProov Challenge](/api-reference/client-api/verify-iproov-challenge)

## Sequence diagram

The sequence starts with a Server API request to [track an action](/api-reference/server-api/track-action) (1) and ends with a Server API request to [validate the challenge](/api-reference/server-api/validate-challenge) (12).

The Client API iProov endpoints can be called to [initiate the challenge](/api-reference/client-api/start-iproov-challenge) (3) which returns an `iproovToken` and a `challengeId`.

The `iproovToken` is used to launch the iProov Client SDK (4) and the `challengeId` is used to [verify the challenge](/api-reference/client-api/verify-iproov-challenge) (7).

```mermaid theme={null}
sequenceDiagram
    autonumber
    participant I as iProov
    participant F as Your client frontend
    participant AC as Authsignal Client API
    participant B as Your web backend
    participant A as Authsignal Server API
    B->>A: Track Action
    A->>F: token
    F->>AC: Start iProov Challenge
    AC->>F: challengeId, iproovToken
    rect rgb(191, 223, 255)
    note left of I: Using iProov Front-end SDKs
    F->>I: Launch iProov Client SDK using iproovToken
    Note over I: The user is prompted to complete the iProov Facial Biometric<br/>Verification flow
    I->>F: iProov Client SDK's return status callback
    end
    F->>AC: Verify iProov Challenge (challengeId)
    AC-->>F: (Verify iProov Challenge response)<br/>isVerified
    F->>B: accessToken
    B->>A: Validate Challenge
    A->>B: Challenge result
    Note over B: Proceed with login or <br/>authenticated transaction
    
    
```
