Implementation Guide

This guide provides step-by-step instructions to integrate Prove Pre-Fill® or Prove-Identity®. There are separate guides for both server-side and client-side implementations available.

❗️

Server-side Errors

If you encounter errors when implementing the Server-side SDK, please refer to our Error and Status Codes page.

1. Client-side:
   1. For Prove Pre-Fill®: Create or update your first screen to prompt for:
      1. If NOT implementing MobileAuth℠: Phone Number and Challenge Data (SSN or DOB or partial)
      2. If implementing MobileAuth℠: You will need to prompt the consumer to accept the US carrier (MNO) T&C in order to utilize Mobile Auth℠ to verify a consumer.
2. Client-side: On submit, the form should call an endpoint on your backend server to pass in the consumer-submitted data. It should also pass in the “flowType” of either “mobile” or “desktop”.
3. Server-side: Setup the SDK with the OAuth client ID and client secret from Portal to handle authentication for all server-side calls.
4. Server-side: Call the server-side SDK Start() function to pass in the data to start the session. The call will return a one-time use authToken and a correlation ID.
5. Server-side: Save the correlation ID in your session (you’ll use the correlation ID in the Validate, Challenge, and Complete calls for the same consumer session) and then return the authToken to your client-side.
6. Client-side: Setup the authenticator and the associated functions for Instant Link, OTP, and Auth Finish Step.
   1. If implementing MobileAuth℠: the Instant Link function should prompt for a phone number from the consumer and then return in the callback.
   2. If implementing MobileAuth℠: the OTP functions should prompt for the phone number as well as the OTP and then return in the callbacks.
   3. The Auth Finish step should make a call to your backend server which then calls the server-side SDK Validate() function.
7. Client-side: Pass the authToken to the client-side SDK Authenticate() function. Once the client-side possession work is complete, the Auth Finish step will be called.
8. Server-side: Call the server-side SDK Validate() function to complete the possession and reputation checks. The Validate response will return both the phone number and the “next” field indicating which API to call next.
   1. If the API returns success=false, then run your exception process:
      1. Prove Identity® handling
   2. 1. For Prove Pre-Fill®, the “next” field should return “v3-challenge”.
      2. For Prove Identity®, the “next” field should return “v3-complete”. Return a response to the client-side with no user data.
9. Client-side: If implementing MobileAuth℠ with Prove Pre-Fill® create a screen to prompt for the consumers challenge data
   1. Server-side: Call the server-side SDK Challenge() function.
      1. The API will return the success=true with the user information if Prove can authenticate the consumers identity information with enough trust and assurance. Return user data in a response to the client-side.
      2. Otherwise it will return success=false with no user information. Return no user data in a response to the client-side.
10. Client-side:
    1. For Prove Pre-Fill®, If consumer information was returned from Challenge response, pre-fill the form with the information. Otherwise, prompt the consumer to manually input their information in the form.
    2. For Prove Identity®, prompt the consumer to manually input their information in the form.
11. Client-side: On submit, the form should call an endpoint to your backend server to pass in the consumer information.
12. Server-side: Call the server-side SDK Complete() function to pass in the data to verify the user information.
    1. If the API returns success=true, continue with the onboarding activity.
    2. If the API returns success=false, run your exception process:
       1. Prove Identity® handling
13. Congratulations! You've integrated Prove into your application.

📘

Self-Serve

For the option, please contact your sales representative.