Smart Auth

Remote

Include the .js file directly from the CDN:

<script src="https://repo.combateafraude.com/identity/<VERSION>/index.umd.js" type="text/javascript">
</script>

Current versions

SDK
Category
Version

Identity

Beta

0.0.39

Identity

Stable

0.0.38

Utilization

Creating an SDK instance

The SDK's constructor method takes the Identity token as a parameter (see how to get yours here). In addition, you can optionally enter the SDK's initialization options.

Example using import via CDN:

<script src="https://repo.combateafraude.com/identity/<VERSION>/index.umd.js" type="text/javascript">
</script>

[...]

<script>
    const identityToken = 'your token';
    const identity = new this['@combateafraude/identity-sdk'].Sdk(identityToken);
</script>

Starting from version 0.0.33, our options parameters include the personalization of title, subtitle, description and page button text for each page, the background and text color of the modal and the timer position (which can be "UP" or "DOWN").

Options parameters:

Field

Type

Required?

Description

mobileToken

string

No*

A valid token for passive proof of life in mobile SDKs.

throwOnRecall

boolean

No

Indicates whether, when called a second time without the first call having completed, the SDK should throw an error. If not entered or entered false, the SDK returns the existing Promise without triggering an error. If true, the SDK rejects the Promise on the second call.

theme

object

No

To see all the parameters available in the theme click here.

smsLabel

object

No

To see all the parameters available in the label click here.

emailLabel

object

No

To see all the parameters available in the label click here.

pendingPageSettings

object

No

To see all the parameters available in the pendingPageSettings click here.

faceLivenessSettings

object

No

Define face authentication styles faceLivenessSettings click here.

smsSettings

object

No

Define sms authentication styles smsSettings click here.

emailSettings

object

No

Define email authentication styles emailSettings click here.

authIcon

string

No

Icon used at the top of the authentication screens

enableTimer

boolean

No

Enables or disables the timer in case of SMS and E-mail validation

enableLocationRetry

boolean

No

Enables retry on geolocation collect, without high accuracy on second try. The default value is false.

timerPosition

string

No

Position of timer in case of SMS and E-mail validation (can be "DOWN" or "UP" )

language

string

No

Defines the used language on SDK's texts default: pt-BR

metadata

string

No

This field only accepts strings formatted in JSON. Therefore, when submitting data to this field, the string must be in valid JSON format.

*You must inform mobileToken when you are using facial authentication in your policy

Theme parameters:

Field

Type

Required?

Description

closeButton

string

No

Color used in the close button

checkmark

string

No

Color used in the checkMark button

loader

string

No

Color used in the loader button

buttonSuccessColor

string

No

Color used in the success button

buttonSuccessTextColor

string

No

Color used in text of the success button

inputSuccessColor

string

No

Color used in code input

buttonFinishColor

string

No

Color used in code input

timerBackgroundColor

string

No

Color used in the background of the timer if it is active

timerColor

string

No

Color used in the timer text if it is active

modalBackgroundColor

string

No

Color used in background of the authentication modal

textColor

string

No

Color used in text of the authentication modal

Label parameters:

Field

Type

Required?

Description

enable

string

No

Enables or disables the label

link

string

No

Redirection link

text

string

No

Text used in the label

pendingPageSettings parameters:

Field

Type

Required?

Description

pendingIconSvg

string

No

Changes the icon showed when the PendingPage is open

titleText

string

No

Title of the PendingPage

descriptionText

string

No

Description of the PendingPage

buttonContentText

string

No

Text used in the PendingPage confirm button

faceLivenessSettings parameters:

Field

Type

Required?

Description

permissionButton

object

No

Changes the permission button styles click here.

startButton

object

No

Changes start button styles click here.

titleText

string

No

Title of the faceLivenessPage

subtitleText

string

No

Subtitle of the faceLivenessPage

descriptionText

string

No

Description of the faceLivenessPage

smsSettings parameters:

Field

Type

Required?

Description

titleText

string

No

Title of the smsCodePage

subtitleText

string

No

Subtitle of the smsCodePage

buttonContentText

string

No

Text used in the smsCodePage confirm button

emailSettings parameters:

Field

Type

Required?

Description

titleText

string

No

Title of the emailCodePage

subtitleText

string

No

Subtitle of the emailCodePage

buttonContentText

string

No

Text used in the emailCodePage confirm button

styles parameters:

Field

Type

Required?

Description

label

string

No

Changes text on button

color

string

No

Changes color of text on button

backgroundColor

string

No

Changes color of background

borderRadius

string

No

Changes border radius

border

string

No

Changes border

Exemple:

const identityOptions = {
mobileToken: 'seu token mobile',
throwOnRecall: true,
theme: {
    closeButton: '#000037',
    pendingIconSvg:'./example.svg'
    checkmark: "#000037",
    loader: "#000037",
    buttonSuccessColor: "000037",
    buttonSuccessTextColor: "000037",
    inputSuccessColor: "#f6ff00",
    buttonFinishColor: "#00ff0d",
    timerBackgroundColor: "000037",
    timerColor: "white",
    modalBackgroundColor: '000037',
    textColor: '000037'

},
smsLabel: {
    enable: true,
    link: "https://www.google.com/",
    text: "Its just a test SMS",
},
language: "string",
pendingPageSettings: {
        pendingIconSvg:'./example.svg',
        titleText: "Não foi possível realizar a autenticação",
        descriptionText: "Para sua segurança, entre em contato com o suporte para prosseguir",buttonContentText: "Finalizar"
    },
faceLivenessSettings: {
      startButton:{
        label: 'Tirar foto',
        color: "white",// accept hex value too,
        backgroundColor: "#000037",
        border: '1px solid #000037'
      },
      permissionButton:{
        label: 'habilitar câmera',
        color: "white",// accept hex value too,
        backgroundColor: "#000037",
        border: '1px solid #000037'
      },
        titleText:"insere um titulo",
        subtitleText:"um subtitulo",
        descriptionText:"uma descrição"
},
smsSettings:{
        titleText:"insere um titulo",
        subtitleText:"um subtitulo",
        buttonContentText: 'Validar token sms',
    },
emailSettings:{
        titleText:"insere um titulo",
        subtitleText:"um subtitulo",
        buttonContentText: 'Validar token email',
    },
enableTimer: true,
timerPosition: "UP",
authIcon:  (new Image().src = "./exemple-sdk.png"),
metadata: "{\"teste\":{\"dados\":{\"name\":\"JohnDoe\",\"personId\":\"999.999.999.99\",}}}",
};

const identityToken = 'seu token';

const identity = new IdentitySdk(identityToken, identityOptions);

Calling the SDK:

To verify a user, use the verifyPolicy method, available in the SDK instance.

You must enter the user's CPF and the policy ID to be used.

Starting from version 0.0.29, our response includes the attemptId of the attempt. This is due to the integration with the API we provide for information retrieval, which can be accessed here.

The attemptId can be returned in two ways: if isAuthorized is true, the attemptId will be included within the attestation token; if isAuthorized is false, the attemptId will be returned along with the isAuthorized field.

Please note that the attestation and attemptId fields may or may not be present in the response, depending on the executed flow.

Starting from version 0.0.35, we dispatch an event to check if the SDK is running, the name of the event is sdkStatus and it has a detail object containing a status property which can have a value of "initialized" or "finished".

const cpf = 'User CPF';
const policyId = 'Policy ID'

const response = await identity.verifyPolicy(cpf, policyId);

if(identity.isSdkError(response)) {
    // Error when running the SDK
}
else {
    const { isAuthorized, attestation, attemptId } = response;
    
    if(isAuthorized) {
        // User is authorized
        // Send the attestation to your backend and validate it there
    }
    else {
        // User is not authorized
    }
}

Last updated