Skip to main content

Documentation Index

Fetch the complete documentation index at: https://documentation.idenfy.com/llms.txt

Use this file to discover all available pages before exploring further.

API Key Authentication

All server-side API calls use HTTP Basic Auth with your API Key and API Secret. 
curl -X POST https://ivs.idenfy.com/api/v2/token \
  -u "YOUR_API_KEY:YOUR_API_SECRET" \
  -H "Content-Type: application/json" \
  -d '{"clientId": "user-123"}'
The Authorization header is: Basic base64(API_KEY:API_SECRET)

Get Your Keys

  1. Log in to iDenfy Dashboard
  2. Go to Settings → API Keys
  3. Select Generate
Detailed guide →

Two Types of Auth

Auth typeUsed forWhere
Basic Auth (API Key + Secret)All server-side API callsYour backend only
authTokenClient-side verification UIiFrame, redirect, mobile SDK
The flow: 
Backend (Basic Auth) → POST /api/v2/token → returns authToken
Frontend (authToken) → Verification UI     → results via webhook to backend
The authToken is short-lived and scoped to one verification. It’s safe to pass to the client.
Never expose your API Secret in client-side code — browser JavaScript, mobile apps, or public repos. Use it only on your server.