Prerequisites

  • Sandbox credentials: Ensure you have Prove Sandbox credentials from the Developer Portal. To access Sandbox credentials, follow the steps outlined on the Authentication page. To access the Prove API, you’ll need to use your OAuth client ID and client secret. You can load these from environment variables or another method:
// Get environment variables.
clientID := os.Getenv("PROVE_CLIENT_ID")
if len(clientID) == 0 {
  return fmt.Errorf("missing env variable: %s", "PROVE_CLIENT_ID")
}

clientSecret := os.Getenv("PROVE_CLIENT_SECRET")
if len(clientSecret) == 0 {
  return fmt.Errorf("missing env variable: %s", "PROVE_CLIENT_SECRET")
}

proveEnv := "uat-us" // Use UAT in US region.

// Create client for Prove API.
client := provesdkservergo.New(
  provesdkservergo.WithServer(proveEnv),
  provesdkservergo.WithSecurity(components.Security{
    ClientID:     provesdkservergo.String(clientID),
    ClientSecret: provesdkservergo.String(clientSecret),
  }),
)
Token Expiration

The OAuth token expires after 60 minutes, requiring you to get another token.

  • Server-side SDK: Install the server-side SDK of your choice by running a command in your terminal, or by using a dependency management tool specific to your project.
# The Go library is hosted on GitHub so you can use this command to import it
# to your Go application.
go get github.com/prove-identity/prove-sdk-server-go

# Ensure you import the SDK in your code like this:
import (
	provesdkservergo "github.com/prove-identity/prove-sdk-server-go"
	"github.com/prove-identity/prove-sdk-server-go/models/components"
)
  • Client-side SDK: Install the client-side SDK of your choice by running a command in your terminal, or by using a dependency management tool specific to your project.

To integrate Prove Pre-Fill solutions, you must use the client-side SDKs.

# Run this command to install the package (ensure you have the latest version).
npm install @prove-identity/prove-auth@2.8.2
StepClient-SideServer-Side
StartIf implementing Mobile Auth: Prompt the customer to accept the terms and conditions to use Mobile Auth to verify a customer.
On submit, the form calls an endpoint on your back end server to pass in any customer-submitted data. It also passes in the flowType of either mobile or desktop.
Setup the SDK with the OAuth client ID and client secret from Portal to handle authentication for all server-side calls.
If you integrate without the server-side SDK, make a call to the /token endpoint to generate the OAuth token.
Call the server-side SDK Start() function to pass in the data to start the session. The call returns a one-time use authToken and a correlation ID.
Save the correlation ID in your session. You’ll use the correlation ID in the Validate, Challenge, and Complete calls for the same customer session and then return the authToken to your client-side.
Setup the authenticator and the associated functions for Instant Link, one-time password (OTP), and Auth Finish Step.
The Instant Link function prompts for a phone number from the customer and then return in the callback.
The OTP functions prompt for the phone number as well as the OTP and then return in the callbacks.
The Auth Finish step makes a call to your back end server which then calls the server-side SDK Validate() function.
Pass the authToken to the client-side SDK Authenticate() function. Once the client-side possession completes, the flow moves to the Auth Finish step.
Call the server-side SDK Validate() function to complete the possession and reputation checks. The Validate response returns both the phone number and the next field indicating which API to call next. If the API returns success=false, then run your exception process:
Prove Identity® handling
If the API returns success=true: the next field returns v3-complete. Return a response to the client-side with no customer data.
Prompt the customer to input their information in the form.
On submit, the form calls an endpoint on your back end server to pass in the customer information.
Call the server-side SDK Complete() function to pass in the data to verify the customer information.
If the API returns success=true, continue with the onboarding activity.
If the API returns success=false, run your exception process:
Prove Identity handling

Test Your Prove Implementation

Next, reference the Sandbox test scenarios to test users and simulate different behaviors encountered in production.

Launch Steps

Reference the Production Launch Steps to request your production credentials.