> ## Documentation Index
> Fetch the complete documentation index at: https://documentation.idenfy.com/llms.txt
> Use this file to discover all available pages before exploring further.

# FAQ

> Find answers to frequently asked questions about iDenfy integration including verification flow, webhooks, statuses, and manual review.

## Verification Flow

<AccordionGroup>
  <Accordion title="What is the difference between manual and automatic verification?">
    iDenfy's AI **performs automatic verification** instantly and produces one webhook callback. A human reviewer then **performs manual verification** and produces a second webhook callback. If manual review is enabled for your account, you will receive up to two callbacks per verification: one automatic and one manual.
  </Accordion>

  <Accordion title="How many webhook callbacks will I receive per verification?">
    * **Automatic only:** 1 callback after the AI finishes processing.
    * **Automatic + manual review:** 2 callbacks -- first the automatic result, then the manual reviewer's decision.
  </Accordion>

  <Accordion title="Can manual reviewers change the uploaded photos?">
    No. Manual reviewers can only modify **OCR-extracted data** (names, dates, document numbers). They cannot replace or alter the photos submitted by the user.
  </Accordion>

  <Accordion title="What does the SUSPECTED status mean?">
    `SUSPECTED` means the system flagged potential issues but **did not outright reject** the verification. It is not a failure -- treat it as a signal that requires your own business logic to decide whether to accept or decline the user.
  </Accordion>

  <Accordion title="What does AUTO_UNVERIFIABLE mean?">
    `AUTO_UNVERIFIABLE` means the automatic system could not reach a definitive decision (for example, due to poor image quality). If manual review is enabled, a human reviewer will evaluate the submission next. If manual review is not enabled, you should prompt the user to retry.
  </Accordion>
</AccordionGroup>

## Tokens and Sessions

<AccordionGroup>
  <Accordion title="What is the difference between expiryTime and sessionLength?">
    * **`expiryTime`** -- how long the verification token is valid before the user starts the session (e.g., 3600 seconds). After this period the token cannot be used.
    * **`sessionLength`** -- how long the user has to complete the verification once they have opened the session (e.g., 600 seconds).
  </Accordion>

  <Accordion title="I get &#x22;Partner reached token limit&#x22; -- what does that mean?">
    This means your account has exhausted its verification credits. It is **not** a rate-limit error. Contact your iDenfy account manager to purchase additional credits.
  </Accordion>
</AccordionGroup>

## User Management

<AccordionGroup>
  <Accordion title="Why can the same user verify multiple times?">
    iDenfy does **not** track or block repeat verifications on its own. If you want to prevent a user from verifying more than once, you must implement that logic on your side -- for example, by checking the `clientId` before generating a new token.
  </Accordion>

  <Accordion title="What does Max Attempt Count do?">
    `maxAttemptCount` limits how many times a single verification session can be used for submission attempts. Once the limit is reached, the session is invalidated and the user cannot retry with it. You would need to create a new session if you want to allow further attempts.
  </Accordion>
</AccordionGroup>

## Data and Matching

<AccordionGroup>
  <Accordion title="Does iDenfy support non-Latin names?">
    Yes. iDenfy supports Unicode characters, so names in Cyrillic, Chinese, Arabic, and other scripts are handled correctly.
  </Accordion>

  <Accordion title="Which fields are used for cross-matching?">
    When you supply expected values at token creation, iDenfy can cross-match them against the extracted document data. The supported fields are:

    * `DOCUMENT_NUMBER`
    * `PERSONAL_CODE`
    * `EXPIRY_DATE`
    * `DATE_OF_BIRTH`
    * `DATE_OF_ISSUE`
  </Accordion>

  <Accordion title="How does name matching work?">
    You can configure the name-matching strategy when creating a token:

    | Mode        | Behavior                                      |
    | ----------- | --------------------------------------------- |
    | `ANY_NAME`  | At least one name (first or last) must match. |
    | `ONE_NAME`  | Exactly one name field must match.            |
    | `ALL_NAMES` | All provided name fields must match.          |
  </Accordion>
</AccordionGroup>

## Webhooks

<AccordionGroup>
  <Accordion title="My webhook endpoint is not receiving callbacks">
    Check the following:

    1. Your endpoint returns **HTTP 200** promptly. iDenfy may consider other status codes a failure.
    2. The URL configured in the dashboard is publicly accessible (not `localhost`).
    3. No firewall or security group is blocking iDenfy's IPs. See [IP Whitelisting](/security/ip-whitelisting).
    4. If using callback signing, ensure you are reading the **raw body** for signature verification. See [Callback Signing](/security/callback-signing).
  </Accordion>
</AccordionGroup>

## Front-End Integration

<AccordionGroup>
  <Accordion title="Camera does not work in a Chrome iframe">
    Chrome blocks camera access in cross-origin iframes by default. Add the `allow` attribute to your iframe element:

    ```html theme={"system"}
    <iframe
      src="https://ivs.idenfy.com/api/v2/redirect?authToken=YOUR_TOKEN"
      allow="camera; fullscreen"
      allowFullScreen
    ></iframe>
    ```
  </Accordion>
</AccordionGroup>