Review the steps for implementing Pre-Fill
Prompt Customer
Determine Type of Flow
isMobile
is true, set mobile
as the flowType
for the Start()
function on the server, otherwise you can set desktop
:Initialize the Flow
Call the Start Endpoint
Start()
function. This function takes these required parameters:flowType
: either desktop
or mobile
to describe which type of device the customer is starting their flow on.
finalTargetURL
: required when flowType=desktop
. This should be a URL you maintain. Once the customer clicks the Instant Link, they will be redirected to this URL. It should instruct the customer to continue the workflow.
ssn
: full or last four digits of the customer’s social security number. You can pass it into Start()
or Challenge()
.
dob
: date of birth in one of these formats: YYYY-MM-DD
, YYYY-MM
, MM-DD
. You can pass it into Start()
or Challenge()
.
allowOTPRetry
: set to true
to allow the customer to re-enter the OTP up to three times. Defaults to false
.
authToken
: send this to your client-side code through the Authenticate()
function - it’s a JSON Web Token (JWT) tied to the current flow and used for the possession checks. It expires after 15 minutes.
correlationId
: save this in your current session, then pass it in to each of the Validate()
, Challenge()
, and Complete()
function calls of the same flow. The correlation ID ties together different system calls for the same Prove flow. It can aids in troubleshooting. The session expires in 15 minutes from when the correlation ID returns from the Start()
call.
next
: map of the next API call you need to make.
authToken
in a response to the front end.Authenticate
authToken
, build the authenticator for both the mobile and desktop flows.withOtpFallback(startStep: OtpStartStep | OtpStartStepFn, finishStep: OtpFinishStep | OtpFinishStepFn)
, requires implementing the OtpStartStep
and OtpFinishStep
. When returning the phone number in the functions, ensure you return an object with the field phoneNumber
to the resolve()
function. The default implementation is below, but you can also view the other tabs if you wish to enable advanced capabilities.The OTP session has a two minute timeout from when it’s sent through Short Message Service (SMS) to when the customer can enter in the OTP./v3/start
endpoint. In this case, you’ve already prompted for a phone number so you don’t need to prompt for it in the client SDK.Since you passed the phone number in the Start()
function, call resolve(null)
to communicate to the SDK you have the customer’s agreement to deliver the SMS message. Ensure you return an object to resolve()
function.reject('some error message')
method to communicate to the SDK any issues while trying to obtain the phone number or the OTP. Report an error if the customer cancels the SMS transaction or presses the back button to leave the screen.In the finish step, call the resolve(result: OtpFinishResult)
method to return the collected OTP value in which result
variable has OnSuccess
value for OtpFinishResultType
and the OTP value wrapped in OtpFinishInput
.withInstantLinkFallback(startStep: InstantLinkStartStep | InstantLinkStartStepFn, retryStep?: InstantLinkRetryStep | InstantLinkRetryStepFn)
requires implementing the InstantLinkStartStep
interface and optionally the InstantLinkRetryStep
interface if you wish for advanced capabilities. When returning the phone number in the functions, ensure you return an object with the field phoneNumber
to the resolve()
function.The Instant Link session has a three minute timeout from when it’s sent through Short Message Service (SMS) to when the customer can click the received link./v3/start
endpoint. In this case, you’ve already prompted for a phone number so you don’t need to prompt for it in the client SDK.Since you passed the phone number in the Start()
function, call resolve(null)
to communicate to the SDK you have the customer’s agreement to deliver the SMS message. Ensure you return an object to resolve()
function.AuthFinishStep
function finishes.wss: device.uat.prove-auth.proveapis.com
and wss: device.prove-auth.proveapis.com
.Verify Mobile Number
AuthFinishStep
, you’ll specify a function to call once the possession checks complete on the mobile phone. This endpoint on your back end server calls the Validate()
function to validate the phone number. If it was successful, the server returns the results from the Challenge()
function including customer information. Refer to the following example fields that return and then prefill on a form for the customer to verify. The AuthFinishStep
then completes. In the event of cancellation, the server makes a call to the Validate()
function and returns success=false
.Validate Mobile Phone
POST /verify
to make the next call in the flow to the Validate()
function.This function requires the Correlation ID which is returned by the Start()
function.success
: true
if customer info returned.
individual
: customer information in a map.
next
: map of the next API you need to call you need to make.
success=true
, return the customer information in a response to the front end to prefill the form.Verify the Customer Information
Complete()
call can then verify the customer information.Call the Complete Endpoint
Start()
function.
true
if customer information returned.
Done
.