Skip to main content

The flow

Your server                    iDenfy                      Your user
    │                            │                            │
    │── POST /api/v2/token ─────>│                            │
    │<── authToken, redirectUrl ─│                            │
    │                            │                            │
    │── redirect user ──────────>│── show verification UI ───>│
    │                            │<── uploads doc + selfie ───│
    │                            │                            │
    │<── POST webhook ──────────│── AI + human review        │
    │   (APPROVED/DENIED)        │                            │

Quick integration (3 steps)

1

Generate a token

curl -X POST https://ivs.idenfy.com/api/v2/token \
  -u "API_KEY:API_SECRET" \
  -H "Content-Type: application/json" \
  -d '{"clientId": "user-123", "firstName": "John", "lastName": "Doe"}'
Response includes authToken and redirectUrl. Full parameter reference →
2

Send user to verification

Simplest — redirect to redirectUrl:
window.location.href = data.redirectUrl;
Embedded — use iFrame:
<iframe src="https://ui.idenfy.com/?authToken=TOKEN" allow="camera" allowfullscreen
  style="width:670px; height:800px; border:none;"></iframe>
Mobile — pass authToken to Android or iOS SDK.
3

Handle the webhook

{
  "status": { "overall": "APPROVED" },
  "data": { "docFirstName": "JOHN", "docLastName": "DOE" },
  "scanRef": "d2714c8a-...",
  "clientId": "user-123",
  "final": true
}
When final: true — this is the definitive result. Full webhook reference →

What happens during verification

StepWhat iDenfy does
Document captureUser selects country + document type, takes photo (or uploads)
Liveness check3D face liveness prevents spoofing (selfie with depth analysis)
AI analysisOCR extracts data, validates document authenticity, matches face
Human reviewExpert reviews edge cases — blurry docs, unusual documents
ResultAPPROVED, DENIED, or SUSPECTED delivered via webhook

Result statuses

StatusMeaningYour action
APPROVEDDocument valid, face matchedOnboard the user
DENIEDDocument invalid or face mismatchReject or ask to retry
SUSPECTEDChecks passed but flags foundReview fraudTags and mismatchTags, decide yourself
SUSPECTED does not mean failure. Check manualDocument and manualFace — if they show DOC_VALIDATED and FACE_MATCH, the verification passed but has flags. See full status vocabulary →

Features you can enable

All configured via token parameters or Dashboard settings:
FeatureParameterWhat it does
Data comparisonfirstName, lastNameCross-checks your data against the document
Country restrictioncountryLimit accepted document countries
Document typesdocumentsLimit accepted document types
AML screeningcheckAmlAuto-screen against sanctions/PEPs
Proxy detectioncheckIpProxyFlag VPN/proxy usage
Duplicate detectioncheckDuplicateFacesDetect same person verifying twice
Face blacklistcheckFaceBlacklistBlock known fraudsters
NFC chip readingnfcRequiredRead document NFC chip for high assurance
Age limitageLimitMinimum age requirement
Additional documentsadditionalStepsRequest utility bills, bank statements

Pages in this section

PageWhen you need it
Generate TokenCreating a verification session
Redirect & iFrameShowing the verification UI on web
WebhooksReceiving verification results
Data RetrievalFetching results after verification
Additional StepsRequesting extra documents
Direct ProcessingSending images via API (no UI)
Dummy ResultsTesting with fake data
DeletionGDPR data deletion

Next steps

Generate Token

Create a verification session via API.

Redirect & iFrame

Show the verification UI on your website.

Webhooks

Receive verification results in real-time.

Mobile SDKs

Native iOS and Android integration.