Comment on page
Overview
On this page, you will find information about the Identity SDK.
The main goal of the Identity SDK is to prove that a user is really who he says he is. The SDK works as a form of multi-factor authentication for registered identities.
How the Identity SDK works can be seen in the flow chart below:
Briefly:
- 1.During some routine of your application or website (such as login, password changes, or bank transfers) a call will be made to the SDK with the ID of the policy to be verified and the CPF of the user.
- 2.We will receive the request and, according to policy, determine if the user context is known.
- 1.If it is, the SDK jumps to item 3.
- 2.If not, the user will go through all the means of authentication required by the policy (e.g. facial authentication, via SMS, etc.).
- 1.If all are correct, the SDK jumps to item 3.
- 2.If either one fails, the SDK jumps to item 4.
- 3.The SDK returns a signed JWT using your
clientSecret
attesting that the user is who they say they are.- 1.You send this JWT to your API and check the details and the signature.
- 1.If something is incorrect, the user is not authenticated
- 2.If everything is correct, the user is authenticated and cleared to perform the desired operation.
- 2.End of execution
- 4.The SDK returns that the user is not authorized.
- 1.End of execution
And these are the versions of the Identity SDK that are publicly available today:
Last modified 8mo ago