Prove Identity Implementation Guide
Review the steps for implementing Prove Identity
This guide provides instructions to integrate . Implementation guides for server-side and client-side SDKs are available. Prove provides server-side SDKs in the following languages: Go, Java, TypeScript, and JavaScript. If you use a different back end language, you can interact with the API endpoints.
To integrate Prove Pre-Fill solutions, you must use the client-side SDKs.
Prove Sandbox Credentials
Before you begin implementing, ensure you have Prove Sandbox credentials from the Developer Portal. To access Sandbox credentials, follow the steps outlined on the Authentication and Testing page.
Implementation With the Server-Side SDK
| Step | Client-Side | Server-Side |
|---|---|---|
| Start | If implementing Mobile Auth: Prompt the customer to accept the terms and conditions to use Mobile Auth to verify a customer. | |
On submit, the form calls an endpoint on your back end server to pass in any customer-submitted data. It also passes in the flowType of either mobile or desktop. | ||
| Setup the SDK with the OAuth client ID and client secret from Portal to handle authentication for all server-side calls. If you integrate without the server-side SDK, make a call to the /token endpoint to generate the OAuth token. | ||
Call the server-side SDK Start() function to pass in the data to start the session. The call returns a one-time use authToken and a correlation ID. | ||
Save the correlation ID in your session. You’ll use the correlation ID in the Validate, Challenge, and Complete calls for the same customer session and then return the authToken to your client-side. | ||
| Setup the authenticator and the associated functions for Instant Link, one-time password (OTP), and Auth Finish Step. The Instant Link function prompts for a phone number from the customer and then return in the callback. The OTP functions prompt for the phone number as well as the OTP and then return in the callbacks. The Auth Finish step makes a call to your back end server which then calls the server-side SDK Validate() function. | ||
Pass the authToken to the client-side SDK Authenticate() function. Once the client-side possession completes, the flow moves to the Auth Finish step. | ||
Call the server-side SDK Validate() function to complete the possession and reputation checks. The Validate response returns both the phone number and the next field indicating which API to call next. If the API returns success=false, then run your exception process: Prove Identity® handling If the API returns success=true: the next field returns v3-complete. Return a response to the client-side with no customer data. | ||
| Prompt the customer to input their information in the form. | ||
| On submit, the form calls an endpoint on your back end server to pass in the customer information. | ||
Call the server-side SDK Complete() function to pass in the data to verify the customer information. If the API returns success=true, continue with the onboarding activity. If the API returns success=false, run your exception process: Prove Identity handling |
Test Your Prove Implementation
Next, reference the Sandbox test scenarios to test users and simulate different behaviors encountered in production.
Reference the Production Launch Steps to request your production credentials.