Learn more about the details of the server-side SDK
Next
field. This field signals which function you need to call next.
Start()
POST /initiate
so the front end can submit the flow type, phone number, and the challenge. On the back end, you’ll start a Prove flow with a call to the Start()
function. This function takes these required parameters:
desktop
or mobile
to describe which type of device the customer is starting their flow on.desktop
, Instant Link performs the possession check. When flow type is mobile
, first Mobile Auth, if enabled, and then one-time password (OTP) as a fallback. The Instant Link session has a three minute timeout from when it’s sent through SMS to when the customer can selects it. The OTP session has a two minute timeout from when it’s sent through SMS to when the customer can enter in the OTP.Flow Type=desktop
. This should be a URL you maintain. Once the customer clicks the Instant Link, they will be redirected to this URL. It should instruct the customer to continue the workflow. Maximum length is 128 characters.ssn
: full or last four digits of the customer’s social security number. You can pass it into Start()
or Challenge()
.
dob
: date of birth in one of these formats: YYYY-MM-DD
, YYYY-MM
, MM-DD
. You can pass it into Start()
or Challenge()
.
allowOTPRetry
: set to true
to allow the customer to re-enter the OTP up to three times. Defaults to false
.
Authenticate()
function - it’s a short lived JSON Web Token (JWT) tied to the current flow and used for the possession checks.
Validate()
, Challenge()
, and Complete()
function calls of the same flow. The correlation ID ties together different system calls for the same Prove flow. It can aids in troubleshooting. The session expires in 15 minutes from when the correlation ID returns from the Start()
call.
Validate()
POST /verify
to make the next call in the flow to the Validate()
function.
This function requires the Correlation ID: the ID returned by the Start()
function.
true
if the mobile number validation was successful, or false
if it failed.
true
if you need to pass the challenge into the Challenge()
function.
Start()
call, the back end can then make a call to the Challenge()
function and return the results to the front end.
Challenge()
Validate()
function returns v3-challenge
as one of the keys in the Next
field map, call the Challenge()
function to return the customer information matching the mobile number and challenge. The Challenge()
capability is available in Prove Pre-Fill. You’ll notice that when using Prove Identity, if Validate()
is successful, it returns v3-complete
as one of the keys in the Next
field map instead of v3-challenge
.
This function takes has one required parameter:
Start()
function.Validate()
function returned Challenge Missing=true
, send one of these parameters in the request:
ssn
: full or last four digits of the customer’s social security number.
dob
: date of birth in one of these formats: YYYY-MM-DD
, YYYY-MM
, MM-DD
.
true
if customer info returned.
success=true
, return the customer information in a response to the front end to prefill the form.
Complete()
Start()
function. It validates against this RegEx: ^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$
.
true
if customer information returned.
Done
.