Overview
On this page, you will find information about the Identity SDK.
Goal
The main goal of the Identity SDK is to prove that a user is really who he says he is. The SDK works as a form of multi-factor authentication for registered identities.
How it works
How the Identity SDK works can be seen in the flow chart below:
Briefly:
During some routine of your application or website (such as login, password changes, or bank transfers) a call will be made to the SDK with the ID of the policy to be verified and the CPF of the user.
We will receive the request and, according to policy, determine if the user context is known.
If it is, the SDK jumps to item 3.
If not, the user will go through all the means of authentication required by the policy (e.g. facial authentication, via SMS, etc.).
If all are correct, the SDK jumps to item 3.
If either one fails, the SDK jumps to item 4.
The SDK returns a signed JWT using your
clientSecret
attesting that the user is who they say they are.You send this JWT to your API and check the details and the signature.
If something is incorrect, the user is not authenticated
If everything is correct, the user is authenticated and cleared to perform the desired operation.
End of execution
The SDK returns that the user is not authorized.
End of execution
Useful resources
And these are the versions of the Identity SDK that are publicly available today:
SDK Android (Android)
SDK iOS (iOS)
SDK React Native (React Native)
Last updated