Introduction
Authenticating is a verification platform that helps verify individuals through a variety of tests; the SDK allows companies to develop custom applications that utilize these various tests. Currently we offer solutions for iOS and Android platforms via an SDK as well as an open API.
How The Process Works
Authenticating is very modular and allows you to only have users test what you need verified.
Step 1: Create the User
To start the Authenticating process, you first want to create a user; let’s call this user Liam. Whether Liam is taking the tests or you as the developer are sending in data to verify Liam is irrelevant, but for this example, I will explain it as if Liam is taking the tests.
You first make a call to the Create User endpoint; this will return a user object with the user’s “accessCode”. This access code is used in every call and should be given to the prospective testee (Liam) to use.
Once you have created Liam’s account, he can now start taking the respective tests you want.
Step 2: Take Tests
Liam can now start taking the tests you want him to take. You, as the developer, should limit his ability to only take the tests you want him to. For example, if you only want Liam to do the SMS verification test, only send them to a page where that test is available.
If you are running tests that run asynchronously, IE Upload ID, or Upload Passport it may take some time to confirm that they were successful. To check the status on the upload id endpoint, you can make a call to Check Upload ID or Check Upload Passport to check the status on the background process and whether or not it requires (or allows) a retry.
Once all of the tests have been completed, it is time to move on to the test results.
Step 3: Get Test Results
Make a call to the Get Test Result endpoint to return the results for the user. If the user still has time in their test window, a ‘note’ key string will indicate such, but bear in mind that if you call this endpoint and attempt to use the results of Liam’s tests before the test window has expired, Liam may not have had time to complete all of the tests and it may give a false negative. We therefore recommend you wait until the test window has expired before calling this (Unless running test operations).
Getting Started
Latest SDK Version:
iOS - v1.0.0
Android - v2.0.0
iOS
Github - SDK Link:
https://github.com/HOTB-Software/Authenticating-iOS-SDK
Requirements
- iOS 10.0+
- Swift 3
Installation
// Cocoapods - Podfile
target "projectTargetName" do
use_frameworks!
pod "AuthenticatingSDK", :path => "~/.cocoapods/repos/AuthenticatingSDK"
end
Cocoapods
Authenticating is available through CocoaPods. To install it, simply add the following line to your Podfile:
pod “Authenticating”
// Initial Configuration
AuthenticatingSDK *Authenticating = [AuthenticatingSDK shared];
[Authenticating configureWithKey:@"123a-456b-789c" venueId:@"14"];
// Initial Configuration - Use the API key provided as the authToken
import AuthenticatingSDK
AuthenticatingSDK.shared.configure(authToken: "123a-456b-789c")
Android
Github Links
Github Link:
https://github.com/stevenbward/Authenticating-Android-SDK
Sample Project:
https://github.com/stevenbward/Authenticating-Android-Sample-App
Requirements
Installation
//Step 1
allprojects {
repositories {
maven { url 'https://jitpack.io' }
//Don't forget this line if you are using the AppCompat Libs
maven { url "https://maven.google.com" }
}
}
//Step 2
Android {
dependencies {
compile 'com.github.stevenbward:Authenticating-Android-SDK:2.0.0'
compile 'com.squareup.retrofit2:retrofit:2.3.0'
compile 'com.squareup.okhttp3:okhttp:3.9.0'
compile 'com.squareup.okhttp3:logging-interceptor:3.9.0'
compile 'com.squareup.retrofit2:converter-gson:2.3.0'
compile 'com.google.code.gson:gson:2.8.1'
//May be omitted
compile 'com.squareup.okio:okio:1.13.0'
}
}
//Step 3 (In the Manifest Application Tag)
<application
.
.
android:largeHeap="true"
>
It is likely you will need Multi-dex enabled if you have a large number of additional libraries enabled as this includes a few dependencies of its own.
As this SDK involves uploading images (2 at a time), you will likely see OutOfMemory exceptions thrown unless you include the third line regarding largeHeap as true in your manifest file.
The Authenticating Android SDK can be installed via gradle as well is using an aar file (sent upon request). Once successfully integrated, the SDK is ready to go without any custom configuration needed. See the Important Notes section for more information regarding customizing details. For more information, please feel free to Contact us:
info@authenticating.com
Toll Free (833) 2-VERIFY
9350 Wilshire Blvd, Suite 203, Beverly Hills, CA 90212
Important Notes
V1 End of Life
As previously stated, V1 has been deprecated as of 2018-05-20 and support will be sunsetted on 2018-12-31. The link to the old docs, Can be found here
Supported Countries
Below is a list of all supported countries, territories, or regions with the Authenticating platform and their respective Country codes to be used when calling Create User.
USA - United States of America: this is local to the United States and is different than the 'AMO’ country code below.
CAN - Canada
AUS - Australia
ASI - Asia
AMO - Americas (other): this is any country or territory that is in North or South America which is not the United States of America.
EUR - Europe
AFR - Africa
OTR - Other: this is to be used if the country or territory is not listed or if instructed to do so by the admin team.
All Platforms
A few important details that apply to all using the SDK:
The authToken used in the calls is the one received by signing up for an account. Once you have been approved, it will be sent to you with information regarding pricing. This API key is unique and should not be shared to others. Furthermore, it is recommended that this API key be persisted in a safe location. For Android, as reverse engineering is possible, it is recommended to store this via your work server and retrieve it via a call of your choosing.
Also with regards to the User’s accessCode, it is linked directly to the companyId. If you have multiple users, their access codes will be unique (while in active state) and match to the companyId. If you use our service for more than one company, you will need to use multiple companyId variables to differentiate between the two.
Using sandbox keys will not charge you for endpoint calls that are normally billable. Please note that certain endpoints will have fictitious data in place when these keys are used.
Android
API Calls
All API calls can be found in the AuthenticatingAPICalls class. This class contains static methods which serve as a wrapper to access the API. Each of the methods contain a counterpart/ partner overloaded method that differs in that it takes in or exludes the OnTaskComplete interface listener.
If you call the method that uses the OnTaskComplete listener, the following happens:
The call will be made asynchronously and will not require an AsyncTask/ thread wrapper.
The method will handle the AuthenticatingError objects that can be thrown and pass them back via the listener if they occur.
The method will take care of object casting and pass back the respective object with an integer tag to match the type (More on this in a moment).
If you instead want to handle the running on your own thread, do not want to use the listener, or want to get response objects back without checking for the int type, feel free to use the overloaded / mirrored methods (of the same name) which do not take in the OnTaskComplete listener as an argument.
TL;DR / Summary, every method in the AuthenticatingAPICalls will have an overloaded option that takes in a listener. If you use the one with the listener, the response will be void and is instead sent back on the interface link. If you use the one without the listener, the response is instant and requires thread management.
Logging JSON Responses
WebCallsLogging.setJsonLogging(true);
If you want to view the responses from the server in your logcat for debugging purposes, simply type the code to the right anywhere and it will set the logging to true until you specify false or remove the set to true code.
Nested Libraries
This library utilizes the following Dependencies:
Constant Integer Tags
If you choose to use the API Calls that use the OnTaskComplete listener, they will send back an integer tag that defines the return type so you don’t need to run if checks on instanceof. The int tags it uses are located in the Constants class under the misc package. Please see the list below:
public static final int TAG_SIMPLE_RESPONSE 19000
public static final int TAG_ERROR_RESPONSE 19001
public static final int TAG_AVAILABLE_NETWORKS 19002
public static final int TAG_USER 19003
public static final int TAG_QUIZ_QUESTIONS 19004
public static final int TAG_CHECK_PHOTO_RESULT 19005
Object Types
The following objects are found within the Authenticating SDK. These objects will be used in the various methods called throughout your workflow. Below is a listing of the object, its description, and a JSON Sample of it.
User Object
{
"successful": false,
"firstName": "Pat",
"lastName": "M",
"companyId": "7717b830-2b94-464f-86f6-952225a9aba2",
"userId": "1b53f070-bc1e-4d42-bb64-0f0172b9a801",
"accessCode": "248099",
"expirationDate": "4/5/2063 6:06:44 PM"
}
This is the user obejct that is returned after a new user is created.
The accessCode in the data object is what is given to the individual taking the respective tests.
Note that the date mentioned for the expiration is in UTC.
Please see JSON sample to the right.
Check Upload Id Results
{
"successful": false,
"result": "parsing_failed",
"numAttemptsLeft": 1,
"description": "Unable to detect the image. This can be caused by poor quality photos, bad lighting, glares, or other things that interfere with the image. Please try again and make sure that the id is on a contrasted surface (i.e. a white ID on a black background or a black id on a white background)."
}
{
"successful": true,
"result": "complete",
"numAttemptsLeft": 0,
"description": "The id was received and successfully parsed."
}
This response object is used to check the status on the asyncrhonous process running after calling the uploadId endpoint. Once the numAttemptsLeft variable reaches 0, the user will no longer be permitted to upload images to the uploadId or uploadIdEnhanced endpoints.
In the response, the “result” string is an enum value that can be any of the following:
“complete” - The id was received and successfully parsed.
“parsing_failed” - Unable to detect the image. This can be caused by poor quality photos, bad lighting, glares, or other things that interfere with the image. Please try again and make sure that the id is on a contrasted surface (i.e. a white ID on a black background or a black id on a white background).
“unknown_state” - This indicates that the call to checkUploadId has either been made too quickly after the image was uploaded or there has yet to be any image uploaded to the uploadId endpoint. If this result is received and an image has been sent to uploadId, try again after 20 seconds.
“unknown_error” - An unknown error has occurred. Please try again in a few moments.
These results indicate the current status of the images being processed and the description will mirror the ones listed above as well.
Please see JSON sample to the right.
UploadId Sandbox
{
"successful": true,
"resultMessage" : "Uba DRIVER LICENSEDL D5043505CLASS CExp 12/31/2025 END NONELN LASTNAME FIRSTNAME MIDLENAME123 FAKESTLOS ANGELES, CA 90210DOB 12/31/1969RSTR NONE12311969AsesSEX M_ HAIR BRN EYES BRNHGT 5\u0027-11\" WGT 150 lbDD 12/31/201059111/AAFD/31 12/31/2010LASTNAME"
}
This data model is returned from the Upload Id, Upload Id Enhanced, and Upload Passport endpoints when sandbox keys are used instead of regular keys. The purpose of this data model is to help the developer confirm that data is being read from the passed documents before testing switching to standard, non-sandbox keys.
Simple Response
{
"successful": true
}
{
"successful": false
}
This simple response object is used in many places in the sdk. It simply indicates whether or not the call was a success.
Please see JSON sample to the right.
Test Result
{
"successful": true,
"note": "Please note, this user still has time left to complete the test results. Their test window expires on 2018-12-31",
"company": {
"companyName": "HOTB Software",
"companyId": "ABC-123"
},
"user": {
"email": "myEmail@email.com",
"phone": "5625555555",
"userId": "123-abc",
"accessCode": "521271",
"firstName": "Pat",
"lastName": "Lastnameson",
"year": 1985,
"month": 12,
"day": 31,
"birthday": "1985-12-31T09:45:00Z",
"address": "720 N Alta Dr",
"city": "Beverly Hills",
"state": "CA",
"zipcode": "90210",
"country": "USA",
"street": null,
"province": null,
"buildingNumber": null
},
"contactProof": {
"verifiedPhone": true,
"verifiedEmail": false
},
"socialProof": {
"successfulLogin": true
},
"photoProof": {
"score": 50
},
"identityProof": {
"score": 25,
"numQuestions": 4,
"status": "FAIL"
},
"idVerification": {
"status": "PASS",
"description": "The data from the front and the back match strongly."
},
"backgroundCheck": {
"hasCriminalRecord": true
},
"scannedUser": {
"Address": "720 N Alta Dr",
"Address2": "",
"Address3": "",
"Address4": "",
"Address5": "",
"Address6": "",
"Audit": "",
"CSC": "",
"City": "Beverly Hills",
"Class": "C",
"CountryShort": "USA",
"County": "",
"DateOfBirth": "12-31-85",
"DateOfBirth4": "12-31-1985",
"DateOfBirthLocal": "",
"Endorsements": "NONE",
"ExpirationDate": "12-31-25",
"ExpirationDate4": "12-31-2025",
"Eyes": "BRN",
"FatherName": "",
"Fee": "",
"Hair": "BRN",
"Height": "069 IN",
"Id": "A1234567",
"IdCountry": "United States",
"IssueDate": "12-31-17",
"IssueDate4": "12-31-2017",
"IssueDateLocal": "",
"MotherName": "",
"NameFirst": "PAT",
"NameLast": "LASTNAMESON",
"NameLast1": "",
"NameLast2": "",
"NameMiddle": "WAITFORIT",
"NameSuffix": "",
"Nationality": "",
"Original": "",
"PlaceOfBirth": "",
"PlaceOfIssue": "",
"Restriction": "NONE",
"Sex": "M",
"SigNum": "",
"SocialSecurity": "",
"State": "CA",
"Text1": "",
"Text2": "",
"Text3": "",
"Type": "",
"Weight": "155",
"Zip": "90210",
"license": "A1234567",
"CardType": "DRIVER LICENSE",
"TemplateType": "DL"
},
"passportData" {
"Address2": "P<LASTNAMESON<<PATRICK<<<<<<<<<<<<<<<<<<<<<<<<<<",
"Address3": "WG30004036UTO6007078M0511014<<<<<<<<<<<<<<06",
"Country": "USA",
"CountryLong": "",
"DateOfBirth": "07-07-60",
"DateOfBirth4": "07-07-1960",
"End_POB": "S OB ZOOO",
"ExpirationDate": "11-01-05",
"ExpirationDate4": "11-01-2005",
"IssueDate": "11-01-05",
"IssueDate4": "11-01-2005",
"NameFirst": "PATRICK",
"NameFirst_NonMRZ": "PATRICK",
"NameLast": "LASTNAMESON",
"NameLast_NonMRZ": "LASTNAMESON",
"NameMiddle": "",
"Nationality": "UTO",
"NationalityLong": "",
"PassportNumber": "WG3000403",
"PersonalNumber": "",
"Sex": "M",
"AuthenticationObject": null,
"AuthenticationResult": "Unknown",
"AuthenticationResultSummary": [],
"FaceImage": null,
"ReformattedImage": null,
"ResponseCodeAuthorization": 0,
"ResponseCodePassportFaceImage": 0,
"ResponseCodePassportFaceImageDesc": null,
"ResponseCodePassportSignatureImage": 0,
"ResponseCodePassportSignatureImageDesc": null,
"ResponseCodeProcPassport": 1,
"ResponseCodeProcPassportDesc": null,
"ResponseCodeReformatImage": 0,
"ResponseCodeReformatImageDesc": null,
"ResponseMessageAuthorization": null,
"SignImage": null,
"WebResponseCode": 1,
"WebResponseDescription": "Successful."
}
}
This response is the result received after a user has completed their tests and the Get Test Result API call is made.
A few important notes here:
First, if a user was not required to take a test (i.e. they were not intended to take a backgroundCheck test), then the results of that test will be null within the JSON response.
Second, the “note” key indicates whether a user still has time on their test. It is recommended that you give the user time to finish their test before confirming their results if they are within their designated test window.
Third, some test results, identifyProof for example, will change omit fields that are not relevant to the country of origin in which this call is being made. For example, Canadian customers would not see the “score” or “numQuestions” key / values as they are not used in that country. Also, on the identifyProof object, the status field can be one of the following: “PASS”, “FAIL”, or null. Pass means they successfully passed the test, Fail means they failed, and null means they have not yet taken the test or were not required to.
Fourth, the “scannedUser” object is the data as read from the barcode on their Photo ID. If the barcode cannot be read after multiple attempts, the data fields will be filled by attempting to parse the OCR data from the front of the Photo ID sent. Please note here that the “idVerification” object is the determination as to whether or not they passed the uploadId test while the “scannedUser” object is the parsed fields placed into the object; consequently a user could have a “scannedUser” object with data and still have failed the “idVerification” test.
Please see JSON sample to the right.
Standard Error Response
{
"successful": false,
"errorMessage": "access has expired or does not exist"
}
{
"successful": false,
"errorMessage": "Not authorized [Missing authKey]"
}
This is the standard error response that will be sent back upon a failure. Note that this will be returned upon a 400 status code to indicate an error via the error body. The errorMessage will change the value text accordingly.
Please see JSON sample to the right.
Verify Quiz Obj
{
"successful": true,
"accessCode" : "521271",
"quizId" : "123456789abcabcabcabcabc",
"transactionID" : "abcabcabcabcabc",
"responseUniqueId" : "abcabcabcabcabc",
"answers" : [
{
"questionId" : "abcabcabcabcabc",
"choiceId" : "abcabcabcabcabc"
},
{
"questionId" : "abcabcabcabcabc",
"choiceId" : "abcabcabcabcabc"
},
{
"questionId" : "abcabcabcabcabc",
"choiceId" : "abcabcabcabcabc"
},
{
"questionId" : "abcabcabcabcabc",
"choiceId" : "abcabcabcabcabc"
}
]
}
This Verify Quiz Object is used whenever sending responses to questions for quizzes.
Please see JSON sample to the right.
Quiz Object
{
"successful": true,
"code": 200,
"transactionID": "abcabcabcabcabc",
"responseUniqueId": "123456789",
"quizId": "123456789",
"numQuestions": "4",
"question": [
{
"nsquestionId": "123456789",
"nssequenceId": "1",
"nseq": "false",
"type": "CitiesLived",
"text": "Which of the following CITIES have you PREVIOUSLY OR CURRENTLY used as your address?",
"choice": [
{
"nschoiceId": "123465789",
"nssequenceId": "1",
"text": "Los Angeles"
},
{
"nschoiceId": "123465789",
"nssequenceId": "2",
"text": "New York"
},
{
"nschoiceId": "123465789",
"nssequenceId": "3",
"text": "London"
},
{
"nschoiceId": "123465789",
"nssequenceId": "4",
"text": "NONE OF THE ABOVE"
}
]
},
{
"nsquestionId": "123465789",
"nssequenceId": "2",
"nseq": "false",
"type": "RelativeBirthMonth",
"text": "In what month was ELVIS PRESLEY born?",
"choice": [
{
"nschoiceId": "123465789",
"nssequenceId": "1",
"text": "JANUARY"
},
{
"nschoiceId": "123465789",
"nssequenceId": "2",
"text": "MAY"
},
{
"nschoiceId": "123465789",
"nssequenceId": "3",
"text": "MARCH"
},
{
"nschoiceId": "123465789",
"nssequenceId": "4",
"text": "DECEMBER"
}
]
},
{
"nsquestionId": "123465789",
"nssequenceId": "3",
"nseq": "false",
"type": "StreetsLived",
"text": "Which of the following STREETS have you PREVIOUSLY or CURRENTLY used as your address?",
"choice": [
{
"nschoiceId": "123465789",
"nssequenceId": "1",
"text": "Fake St"
},
{
"nschoiceId": "123465789",
"nssequenceId": "2",
"text": "WinchestertonAve"
},
{
"nschoiceId": "123465789",
"nssequenceId": "3",
"text": "Evergreen Terrace"
},
{
"nschoiceId": "123465789",
"nssequenceId": "4",
"text": "Pennsylvania"
}
]
},
{
"nsquestionId": "123465789",
"nssequenceId": "4",
"nseq": "false",
"type": "CurrentCounty",
"text": "In what COUNTY do you currently live?",
"choice": [
{
"nschoiceId": "123465789",
"nssequenceId": "1",
"text": "Bronx County"
},
{
"nschoiceId": "123465789",
"nssequenceId": "2",
"text": "Kings County"
},
{
"nschoiceId": "123465789",
"nssequenceId": "3",
"text": "Awesome County"
},
{
"nschoiceId": "123465789",
"nssequenceId": "4",
"text": "Oregon County"
}
]
}
]
}
This object is the structure of quiz questions returned to users to answer utilizing the verifyQuiz endpoint.
Please see JSON sample to the right.
Available Networks
{
"successful": true,
"networks": [
"facebook",
"instagram",
"twitter"
]
}
This returns a list of Strings that are the social media networks that a user can log in with. If someone attempts to use a network that is not on this approved list, the test will fail.
This response comes from the Get Available Social Networks endpoint.
Please see JSON sample to the right.
Social Network Obj
{
"accessCode" : "521271",
"network" : "facebook",
"socialMediaAccessToken" : "abc-123-321-cba",
"socialMediaUserId" : "abc-def"
}
This object is used to verify a user entered valid social media credentials. Once they have successfully logged into a social media on the approved list, send a request to verifySocialNetworks with the data shown here.
Please see JSON sample to the right.
Methods
Get User
AuthenticatingSDK.shared.getUser(accessCode: "1234") { (user, errorMessage) in
if errorMessage != nil {
print(errorMessage)
return
}
print(user)
}
//Get the User Object
AuthenticatingAPICalls.getUser(new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object o, int customTag) {
if(customTag == AuthenticatingConstants.TAG_USER){
User user = (User) o;
} else if(customTag == AuthenticatingConstants.TAG_ERROR_RESPONSE){
AuthenticatingException e = (AuthenticatingException) o;
String error = e.getAuthErrorString();
}
}
}, COMPANY_API_KEY, USER_ACCESS_CODE);
);
curl -XPOST -H 'Content-Type: application/json' -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -d '{
"accessCode" : "521271"
}' 'https://api.Authenticating.com/api/v2/getUser
This endpoint pings the server to get the user object. If the access code has expired, no user data will be returned.
This call returns a User Object.
Update User
AuthenticatingSDK.shared.updateUser(accessCode: "1234", email: "user@user.com", phone: 111-111-1111, firstName: "John", lastName: "Doe", address: "123 First St.", city: "Irvine", state: "CA", zipCode: "92618", month: 6, day: 1, year: 1976, ssn: nil) { (user, errorMessage) in
if errorMessage != nil {
print(errorMessage)
return
}
print(user)
}
//Update The User Object
AuthenticatingAPICalls.updateUser(
new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object o, int i) {
if(i == AuthenticatingConstants.TAG_ERROR_RESPONSE){
AuthenticatingException e = (AuthenticatingException) o;
Log.d("Authenticating", "A error has occurred: " + e.getAuthErrorString());
} else if(i == AuthenticatingConstants.TAG_USER){
User user = (User) o;
}
}
}, COMPANY_COMPANY_API_KEY, USER_ACCESS_CODE,
firstName, lastName, yearInt, monthInt, dayInt, address,
city, state, postalCode, street, province, buildingNumber, email, phone, ssn
);
//Or pass in a User object you build yourself
AuthenticatingAPICalls.updateUser(
new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object o, int i) {
if(i == AuthenticatingConstants.TAG_ERROR_RESPONSE){
AuthenticatingException e = (AuthenticatingException) o;
Log.d("Authenticating", "A error has occurred: " + e.getAuthErrorString());
} else if(i == AuthenticatingConstants.TAG_USER){
User u = (User) o;
}
}
}, COMPANY_COMPANY_API_KEY, USER_ACCESS_CODE, aUserObject
);
curl -XPOST -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -H "Content-type: application/json" -d '{
"accessCode" : "521271",
"email" : "email@email.com",
"phone" : "2135555555",
"firstName" : "Patrick",
"lastName" : "Lastnameson",
"address" : "123 Fake St",
"city" : "Los Angeles",
"state" : "CA",
"street" : "Rue Delaney",
"province" : "ON",
"buildingNumber" : "123",
"zipCode" : "90210",
"month" : 10,
"day" : 8,
"year" : 1985,
"ssn" : "123456789"
}' 'https://api.Authenticating.com/api/v2/updateUser'
This endpoint will update the user object. This is used when taking certain tests that require updated information. An example would be the identity quiz test which requires the user to fill out information like name, address, state, birthday, etc. Update the user and then make the respective call.
This call returns a User Object.
Of Special Note:
Although this does contain the option to send the Social Security number, please only do so if requested to within a response. Most of the time, we are able to successfully identify a person without need of their ss#. There are times, however, where there is very little information on a person and a social is required in order to properly find them. If the endpoint sends back an error indicating that there is not enough information and everything else has been filled out, then request it from a user.
Verify Phone
AuthenticatingSDK.shared.verifyPhone(accessCode: "1234") { (response, errorMessage) in
if errorMessage != nil {
print(errorMessage)
return
}
print(response)
}
//Send the phone number for verification
AuthenticatingAPICalls.verifyPhone(new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object result, int customTag) {
if(customTag == AuthenticatingConstants.TAG_SIMPLE_RESPONSE){
SimpleResponse o = (SimpleResponse) result;
} else if(customTag == AuthenticatingConstants.TAG_ERROR_RESPONSE){
AuthenticatingException e = (AuthenticatingException) result;
String error = e.getAuthErrorString();
}
}
}, COMPANY_API_KEY, USER_ACCESS_CODE);
);
curl -XPOST -H 'Content-Type: application/json' -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -d '{
"accessCode" : "521271"
}' 'https://api.Authenticating.com/api/v2/verifyPhone'
This is used to start the phone number verification process.
A phone number is included in the call and an SMS is sent to the user. Once they receive the SMS with the code, they enter it into a field and a subsequent call is made to verifyPhoneCode.
This call returns a Simple Response Object.
Verify Phone Code
AuthenticatingSDK.shared.verifyPhoneCode(accessCode: "1234", smsCode: "4321") { (response, errorMessage) in
if errorMessage != nil {
print(errorMessage)
return
}
print(response)
}
//Send the sms code received by phone number for verification
AuthenticatingAPICalls.verifyPhoneCode(new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object result, int customTag) {
if(customTag == AuthenticatingConstants.TAG_SIMPLE_RESPONSE){
SimpleResponse o = (SimpleResponse) result;
} else if(customTag == AuthenticatingConstants.TAG_ERROR_RESPONSE){
AuthenticatingException e = (AuthenticatingException) result;
String error = e.getAuthErrorString();
}
}
}, COMPANY_API_KEY, USER_ACCESS_CODE, SMS_CODE);
);
curl -XPOST -H 'Content-Type: application/json' -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -d '{
"accessCode" : "521271",
"code" : "120820"
}' 'https://api.Authenticating.com/api/v2/verifyPhoneCode'
This is used to complete the phone number verification process.
The user receives an SMS with a code. That code is sent on this endpoint and confirms their completion of the test.
This call returns a Simple Response Object.
Verify Email
AuthenticatingSDK.shared.verifyEmail(accessCode: "1234") { (response, errorMessage) in
if errorMessage != nil {
print(errorMessage)
return
}
print(response)
}
//Send a verification email to the email a user has on file
AuthenticatingAPICalls.verifyEmail(new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object result, int customTag) {
if(customTag == AuthenticatingConstants.TAG_SIMPLE_RESPONSE){
SimpleResponse o = (SimpleResponse) result;
} else if(customTag == AuthenticatingConstants.TAG_ERROR_RESPONSE){
AuthenticatingException e = (AuthenticatingException) result;
String error = e.getAuthErrorString();
}
}
}, COMPANY_API_KEY, USER_ACCESS_CODE);
);
curl -XPOST -H 'Content-Type: application/json' -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -d '{
"accessCode" : "521271"
}' 'https://api.Authenticating.com/api/v2/verifyEmail'
This is used to complete the email verification process.
The user receives an email with a link. When the user clicks on said link, it will complete the verification process.
This call returns a Simple Response Object.
Compare Photos
guard let image = UIImage(named: "imageOne") else { return }
let image1Data = UIImageJPEGRepresentation(image, 0.9)
guard let img1Base64 = image1Data?.base64EncodedString(options: Data.Base64EncodingOptions(rawValue: 0)) else { return }
guard let img1Str = img1Base64.addingPercentEncoding(withAllowedCharacters: .urlQueryAllowed) else { return }
guard let image2 = UIImage(named: "imageTwo") else { return }
let image2Data = UIImageJPEGRepresentation(image2, 0.9)
guard let img2base64 = image2Data?.base64EncodedString(options: Data.Base64EncodingOptions(rawValue: 0)) else { return }
guard let img2Str = img2base64.addingPercentEncoding(withAllowedCharacters: .urlQueryAllowed) else { return }
AuthenticatingSDK.shared.comparePhotos(accessCode: "1234", img1: img1Base64, img2: img2base64) { (response, errorMessage) in
if errorMessage != nil {
print(errorMessage)
return
}
print(response)
}
//Complete the photo verification endpoint using 2 bitmaps
AuthenticatingAPICalls.comparePhotos(
new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object result, int customTag) {
if(customTag == AuthenticatingConstants.TAG_SIMPLE_RESPONSE){
SimpleResponse o = (SimpleResponse) result;
} else if(customTag == AuthenticatingConstants.TAG_ERROR_RESPONSE){
AuthenticatingException e = (AuthenticatingException) result;
String error = e.getAuthErrorString();
}
}
},
COMPANY_API_KEY, USER_ACCESS_CODE, bitmapImage1, bitmapImage2
);
//Complete the photo verification endpoint using 2 already base64 encoded strings
AuthenticatingAPICalls.comparePhotos(
new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object result, int customTag) {
if(customTag == AuthenticatingConstants.TAG_SIMPLE_RESPONSE){
SimpleResponse o = (SimpleResponse) result;
} else if(customTag == AuthenticatingConstants.TAG_ERROR_RESPONSE){
AuthenticatingException e = (AuthenticatingException) result;
String error = e.getAuthErrorString();
}
}
},
COMPANY_API_KEY, USER_ACCESS_CODE, base64EncodedImageString1, base64EncodedImageString2
);
curl -XPOST -H 'Content-Type: application/json' -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -d '{
"accessCode" : "521271",
"img1" : "BASE_64_ENCODED_IMAGE_STRING_GOES_HERE",
"img2" : "BASE_64_ENCODED_IMAGE_STRING_GOES_HERE"
}' 'https://api.Authenticating.com/api/v2/comparePhotos'
This is used to complete the photo verification process. Note that the endpoint receives 2 base64 encoded Strings as the images.
For Android: please note that this is a Post call and will likely be a lengthy one. There are multiple overloaded methods if you want to utilize your own progress or thread management, however it is recommended that you use the method that runs everything within an asynctask and manages the bitmap to base 64 string conversion on its own background thread. If you want to encode them yourself and send the Strings, the overloaded method will handle this.
The correct implementation is to compare a photo from a user’s library (Local gallery, social media photo, etc) with a selfie taken using the camera on the user’s phone. The proper workflow is to force the end user to select and upload a profile picture from the library on the mobile device and then upload a selfie they just took using their camera.
Important Notes:
1) In this example, we wrote both the first and second photo to be obtained via the camera, which if copied directly will not follow the guidelines mentioned above. Please make sure that the first photo included will be from a source other than the camera.
2) This call does not return an indicator as to whether or not they actually passed the photo verification, this endpoint returns a success if the two images sent were successfully uploaded and saved to the database; the image comparison runs asynchronously.
3) The maximum allowed size of the image uploaded (per image) is capped at 2MB. Please do not send in photos larger than 2MB as an exception will be thrown. If you are using the Android SDK, the overloaded API call will automatically resize the image for you to fit specifications.
This call returns a Simple Response Object.
Upload ID
//Complete the photo verification endpoint using 2 bitmaps
AuthenticatingAPICalls.uploadId(
new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object result, int customTag) {
if(customTag == AuthenticatingConstants.TAG_SIMPLE_RESPONSE){
SimpleResponse o = (SimpleResponse) result;
} else if(customTag == AuthenticatingConstants.TAG_ERROR_RESPONSE){
AuthenticatingException e = (AuthenticatingException) result;
String error = e.getAuthErrorString();
}
}
},
COMPANY_API_KEY, USER_ACCESS_CODE, bitmapImageFront, bitmapImageBack
);
//Complete the photo verification endpoint using 2 already base64 encoded strings
AuthenticatingAPICalls.uploadId(
new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object result, int customTag) {
if(customTag == AuthenticatingConstants.TAG_SIMPLE_RESPONSE){
SimpleResponse o = (SimpleResponse) result;
} else if(customTag == AuthenticatingConstants.TAG_ERROR_RESPONSE){
AuthenticatingException e = (AuthenticatingException) result;
String error = e.getAuthErrorString();
}
}
},
COMPANY_API_KEY, USER_ACCESS_CODE, base64EncodedImageFront, base64EncodedImageBack
);
curl -XPOST -H 'Content-Type: application/json' -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -d '{
"accessCode" : "521271",
"idFront" : "BASE_64_ENCODED_IMAGE_STRING_GOES_HERE",
"idBack" : "BASE_64_ENCODED_IMAGE_STRING_GOES_HERE"
}' 'https://api.Authenticating.com/api/v2/uploadId'
This is used to capture data from an ID and, if determined to be a valid ID, auto-fill forms. The alphanumeric text in the image of the front of the Photo ID is captured through an OCR scan which is then compared to and corrected with the data extracted from a scan of the barcode in the image of the back of the Photo ID. This includes a barcode template check to ensure it meets AAMVA standards.
Note that the endpoint receives two base64 encoded Strings as the images.
The correct implementation is to capture an image of the front of the photo ID (generally the front of the photo ID contains the user’s photo and personally identifying information) and submit the captured image taken as the 'idFront’ key and capturing an image of the back of the photo ID (generally the back of the photo ID contains a barcode, i.e. a PDF 417 barcode) and submitting it as the 'idBack’ key.
For Android: please note that this is a Post call and will likely be a lengthy one. There are multiple overloaded methods if you want to utilize your own progress or thread management, however it is recommended that you use the method that runs everything within an asynctask and manages the bitmap to base 64 string conversion on its own background thread. If you want to encode them yourself and send the Strings, the overloaded method will handle this.
Important Notes:
1) This call does not return an indicator as to whether or not they actually passed the ID verification, this endpoint returns a success if the two images sent were successfully uploaded and saved to the database; the image processing runs asynchronously.
2) You must ensure that the photos being uploaded are what the user intends to submit as they will not be told of their success upon upload. We recommend creating a confirm popup with both images to make sure users understand the photos they are uploading.
3) The maximum allowed size of the image uploaded (per image) is capped at 2MB. Please do not send in photos larger than 2MB as an exception will be thrown. If you are using the Android SDK, the overloaded API call will automatically resize the image for you to fit specifications.
4) Capturing a clear, non-blurry image with the mobile device is extremely important so that the ID can be processed accurately.
5) Make sure to use a minimum 5 Megapixel camera to capture the images for UploadID.
6) Make sure images are not blurry, well-focused and there is no glare, shadow, or holographic reflection on the images.
7) Make sure that there is a contrast between the ID and the background, and the background is a solid colored background.
8) Make sure all the edges of the ID are visible and no edge is getting cutoff.
This call returns a Simple Response Object.
When using sandbox keys, this call returns an Upload ID Sandbox Object.
Upload ID Enhanced
//Complete the photo verification endpoint using 2 bitmaps
AuthenticatingAPICalls.uploadIdEnhanced(
new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object result, int customTag) {
if(customTag == AuthenticatingConstants.TAG_SIMPLE_RESPONSE){
SimpleResponse o = (SimpleResponse) result;
} else if(customTag == AuthenticatingConstants.TAG_ERROR_RESPONSE){
AuthenticatingException e = (AuthenticatingException) result;
String error = e.getAuthErrorString();
}
}
},
COMPANY_API_KEY, USER_ACCESS_CODE, bitmapImageFront, bitmapImageBack
);
//Complete the photo verification endpoint using 2 already base64 encoded strings
AuthenticatingAPICalls.uploadIdEnhanced(
new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object result, int customTag) {
if(customTag == AuthenticatingConstants.TAG_SIMPLE_RESPONSE){
SimpleResponse o = (SimpleResponse) result;
} else if(customTag == AuthenticatingConstants.TAG_ERROR_RESPONSE){
AuthenticatingException e = (AuthenticatingException) result;
String error = e.getAuthErrorString();
}
}
},
COMPANY_API_KEY, USER_ACCESS_CODE, base64EncodedImageFront, base64EncodedImageBack
);
curl -XPOST -H 'Content-Type: application/json' -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -d '{
"accessCode" : "521271",
"idFront" : "BASE_64_ENCODED_IMAGE_STRING_GOES_HERE",
"idBack" : "BASE_64_ENCODED_IMAGE_STRING_GOES_HERE"
}' 'https://api.Authenticating.com/api/v2/uploadIdEnhanced'
This endpoint performs the same alphanumeric text detection, barcode data correlation and template check as the Upload ID endpoint, but it also extracts biometric data contained in the ID and authenticates it by applying 50+ forensic document-specific tests utilizing the industry’s largest document library (supporting 200+ countries).
The per-cost use of this call is more expensive than Upload ID. Please contact support for pricing information.
Important Notes:
1) This call does not return an indicator as to whether or not they actually passed the ID verification, this endpoint returns a success if the two images sent were successfully uploaded and saved to the database; the image processing runs asynchronously.
2) You must ensure that the photos being uploaded are what the user intends to submit as they will not be told of their success upon upload. We recommend creating a confirm popup with both images to make sure users understand the photos they are uploading.
3) The maximum allowed size of the image uploaded (per image) is capped at 2MB. Please do not send in photos larger than 2MB as an exception will be thrown. If you are using the Android SDK, the overloaded API call will automatically resize the image for you to fit specifications.
4) Capturing a clear, non-blurry image with the mobile device is extremely important so that the ID can be processed accurately.
5) Make sure to use a minimum 8 Megapixel camera to capture the images for UploadIDEnhanced.
6) Make sure images are not blurry, well-focused and there is no glare, shadow, or holographic reflection on the images.
7) Make sure that there is a contrast between the ID and the background, and the background is a solid colored background.
8) Make sure all the edges of the ID are visible and no edge is getting cutoff.
This call returns a Simple Response Object.
When using sandbox keys, this call returns an Upload ID Sandbox Object.
Check Upload ID
//Check the status on the uploaded id
AuthenticatingAPICalls.checkUploadId(
new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object result, int customTag) {
if(customTag == AuthenticatingConstants.TAG_CHECK_PHOTO_RESULT){
CheckPhotoResults o = (CheckPhotoResults) result;
} else if(customTag == AuthenticatingConstants.TAG_ERROR_RESPONSE){
AuthenticatingException e = (AuthenticatingException) result;
String error = e.getAuthErrorString();
}
}
},
COMPANY_API_KEY, USER_ACCESS_CODE
);
curl -XPOST -H 'Content-Type: application/json' -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -d '{
"accessCode" : "521271"
}' 'https://api.Authenticating.com/api/v2/checkUploadId'
This is used to determine if the uploadId asynchronous process has finished. Processing time on passed document images varies indeterminably based on a myriad of factors. This can cause problems for developers who want immediate results. This endpoint helps determine the current 'status’ of the operation in the event a user may need to make another attempt as would be the case if the image could not be read due to blur or lighting issues.
In the response, the “result” string is an enum value that can be any of the following:
“complete” - The id was received and successfully parsed.
“parsing_failed” - Unable to detect the image. This can be caused by poor quality photos, bad lighting, glares, or other things that interfere with the image. Please try again and make sure that the id is on a contrasted surface (i.e. a white ID on a black background or a black id on a white background).
“unknown_state” - This indicates that the call to checkUploadId has either been made too quickly after the image was uploaded or there has yet to be any image uploaded to the uploadId endpoint. If this result is received and an image has been sent to uploadId, try again after 20 seconds.
“unknown_error” - An unknown error has occurred. Please try again in a few moments.
These results indicate the current status of the images being processed.
This call returns a Check Upload Id Results Object.
Upload Passport
//Complete the upload Passport endpoint with the passport image
AuthenticatingAPICalls.uploadPassport(
new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object result, int customTag) {
if(customTag == AuthenticatingConstants.TAG_SIMPLE_RESPONSE){
SimpleResponse o = (SimpleResponse) result;
} else if(customTag == AuthenticatingConstants.TAG_ERROR_RESPONSE){
AuthenticatingException e = (AuthenticatingException) result;
String error = e.getAuthErrorString();
}
}
},
COMPANY_API_KEY, USER_ACCESS_CODE, passportImage
);
//Complete the upload Passport endpoint with the passport image
AuthenticatingAPICalls.uploadPassport(
new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object result, int customTag) {
if(customTag == AuthenticatingConstants.TAG_SIMPLE_RESPONSE){
SimpleResponse o = (SimpleResponse) result;
} else if(customTag == AuthenticatingConstants.TAG_ERROR_RESPONSE){
AuthenticatingException e = (AuthenticatingException) result;
String error = e.getAuthErrorString();
}
}
},
COMPANY_API_KEY, USER_ACCESS_CODE, base64EncodedPassportImage
);
curl -XPOST -H 'Content-Type: application/json' -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -d '{
"accessCode" : "521271",
"idFront" : "BASE_64_ENCODED_IMAGE_STRING_GOES_HERE"
}' 'https://api.Authenticating.com/api/v2/uploadPassport'
This call is used to upload an image of a passport to be scanned and parsed. The image should be of the page with the user’s information on it (generally on the first or second page). It is one picture that captures both pages of the passport. This follows the same logic as the other uploadId endpoints in that the picture needs to be clear, it needs to have minimal glare, and it must have sufficient lighting.
This is an asynchronous call and the data will be returned whenever getTestResult is eventually triggered. To check the progress of this call and make sure nothing was missed, utilize the checkUploadPassport endpoint.
To see a sample passport image of the page that needs to be submitted, please see this link or this one.
This call returns a Simple Response Object.
When using sandbox keys, this call returns an Upload ID Sandbox Object.
Check Upload Passport
//Check the status on the uploaded id
AuthenticatingAPICalls.checkUploadPassport(
new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object result, int customTag) {
if(customTag == AuthenticatingConstants.TAG_CHECK_PHOTO_RESULT){
CheckPhotoResults o = (CheckPhotoResults) result;
} else if(customTag == AuthenticatingConstants.TAG_ERROR_RESPONSE){
AuthenticatingException e = (AuthenticatingException) result;
String error = e.getAuthErrorString();
}
}
},
COMPANY_API_KEY, USER_ACCESS_CODE
);
curl -XPOST -H 'Content-Type: application/json' -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -d '{
"accessCode" : "521271"
}' 'https://api.Authenticating.com/api/v2/checkUploadPassport'
This is used to determine if the uploadPassport asynchronous process has finished. Processing time on passed document images varies indeterminably based on a myriad of factors. This can cause problems for developers who want immediate results. This endpoint helps determine the current 'status’ of the operation in the event a user may need to make another attempt as would be the case if the image could not be read due to blur or lighting issues.
In the response, the “result” string is an enum value that can be any of the following:
“complete” - The id was received and successfully parsed.
“parsing_failed” - Unable to detect the image. This can be cause by poor quality photos, bad lighting, glares, or other things that interfere with the image. Please try again and make sure that the id is on a contrasted surface (i.e. a white ID on a black background or a black id on a white background).
“unknown_state” - This indicates that the call to checkUploadId has either been made too quickly after the image was uploaded or there has yet to be any image uploaded to the uploadId endpoint. If this result is received and an image has been sent to uploadId, try again after 20 seconds.
“unknown_error” - An unknown error has occurred. Please try again in a few moments.
These results indicate the current status of the images being processed.
This call returns a Check Upload Id Results Object.
Get Available Social Networks
AuthenticatingSDK.shared.getAvailableSocialNetworks(accessCode: "1234") { (response, errorMessage) in
if errorMessage != nil {
print(errorMessage)
return
}
print(response)
}
//Get the social networks available for a user to verify with
AuthenticatingAPICalls.getAvailableNetworks(new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object result, int customTag) {
if(customTag == AuthenticatingConstants.TAG_AVAILABLE_NETWORKS){
List<String> networks = ((AvailableNetworks) result).getAvailableNetworks();
} else if(customTag == AuthenticatingConstants.TAG_ERROR_RESPONSE){
AuthenticatingException e = (AuthenticatingException) result;
String error = e.getAuthErrorString();
}
}
}, COMPANY_API_KEY, USER_ACCESS_CODE);
curl -XPOST -H 'Content-Type: application/json' -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -d '{
"accessCode" : "521271"
}' 'https://api.Authenticating.com/api/v2/getAvailableNetworks'
This is used to obtain the list of social networks that a user may log into to verify their account ownership or control.
The returned list of strings (from the object) will contain strings of network types. Currently Google, Twitter, Instagram, and Facebook are supported.
This call returns an Available Networks Object.
Verify Social Networks
AuthenticatingSDK.shared.verifySocialNetworks(accessCode: "1234", network: "Facebook", socialMediaAccessToken: "1234", socialMediaUserId: "1234") { (response, errorMessage) in
if errorMessage != nil {
print(errorMessage)
return
}
print(response)
}
//Complete the Social Proof Test
AuthenticatingAPICalls.verifySocialNetworks(new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object result, int customTag) {
if(customTag == AuthenticatingConstants.TAG_SIMPLE_RESPONSE){
SimpleResponse o = (SimpleResponse) result;
} else if(customTag == AuthenticatingConstants.TAG_ERROR_RESPONSE){
AuthenticatingException e = (AuthenticatingException) result;
String error = e.getAuthErrorString();
}
}
}, COMPANY_API_KEY, USER_ACCESS_CODE, NETWORK_NAME, USER_ACCESS_TOKEN, USER_ID);
curl -XPOST -H 'Content-Type: application/json' -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -d '{
"accessCode" : "521271",
"network" : "facebook",
"socialMediaAccessToken" : "abc-123-321-cba",
"socialMediaUserId" : "abc-def"
}' 'https://api.Authenticating.com/api/v2/verifySocialNetworks'
This is used to confirm valid social media credentials were entered. The network name string passed in as a param are the very same ones obtained from the getAvailableNetworks call above.
The USER_ACCESS_TOKEN is the user’s access / auth token you obtain after the user successfully logs into their social media account.
The USER_ID is the user’s id you obtain after the user successfully logs into their social media account.
This call returns a Simple Response Object.
Get Identity Proof Quiz
AuthenticatingSDK.shared.getIdentityProofQuiz(accessCode: "1234") { (response, errorMessage) in
if errorMessage != nil {
print(errorMessage)
return
}
print(response)
}
//Get the identity proof quiz questions
AuthenticatingAPICalls.getQuiz(
new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object o, int i) {
listener.showOrHideLoadingAnimation(false);
if (i == AuthenticatingConstants.TAG_ERROR_RESPONSE) {
AuthenticatingException e = (AuthenticatingException) o;
Log.d("Authenticating", "An error has Occurred: " +
e.getAuthErrorString());
} else if (i == AuthenticatingConstants.TAG_QUIZ_QUESTIONS) {
QuizObject quizObject = (QuizObject) o;
if(quizObject != null){
List<QuizObject.QuizQuestion> questions = quizObject.getQuizQuestions();
//Utilize Questions here
}
}
}
}, COMPANY_API_KEY, USER_ACCESS_CODE
);
curl -XPOST -H 'Content-Type: application/json' -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -d '{
"accessCode" : "636224"
}' 'https://api.Authenticating.com/api/v2/getQuiz'
This endpoint will access public records to generate a list of questions for the user to answer as a means to prove their identity. If the user cannot be found with the information provided, it will reply with what information is missing (i.e their birthday); in which case a call should be made to updateUser and then this call should be attempted again. Note! If the user cannot be found from the information provided after all updateUser methods have been exhausted, they will be asked to also include their Social Security number.
This call returns a Quiz Object.
Verify Quiz
AuthenticatingSDK.shared.verifyQuiz(accessCode: "1234", quizId: "18393214", transactionId: "613113096-613103096", responseUniqueId: "620432141", questionOneId: "48208200285", choiceOneId: "292251694", questionTwoId: "48208200286", choiceTwoId: "298251699", questionThreeId: "48208200287", choiceThreeId: "298251700", questionFourId: "48208200288", choiceFourId: "298251706") { (response, errorMessage) in
if errorMessage != nil {
print(errorMessage)
return
}
print(response)
}
//Complete the Identity quiz by using the questions received.
AuthenticatingAuthenticatingAPICalls.verifyQuiz(
new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object o, int i) {
//Regardless of pass or fail, make sure to clear data here for security//
if (i == AuthenticatingConstants.TAG_ERROR_RESPONSE) {
AuthenticatingException e = (AuthenticatingException) o;
Log.d("Authenticating", "An error has Occurred: " +
e.getAuthErrorString());
} else if (i == AuthenticatingConstants.TAG_SIMPLE_RESPONSE) {
SimpleResponse s = (SimpleResponse) o;
}
}
}, COMPANY_API_KEY, ACCESS_CODE,
answersArray, quizId, transactionId, responseUniqueId
);
curl -XPOST -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -H "Content-type: application/json" -d '{
"accessCode" : "636224",
"quizId" : "123456789asdasdasd",
"transactionID" : "osfh9sh9ffsffswa",
"responseUniqueId" : "dhuaeiofefs",
"answers" : [
{
"questionId" : "hd9wd80ywd9d-ahd1",
"choiceId" : "se0f9js0jfmf1"
},
{
"questionId" : "hd9wd80ywd9d-ahd2",
"choiceId" : "se0f9js0jfmf2"
},
{
"questionId" : "hd9wd80ywd9d-ahd3",
"choiceId" : "se0f9js0jfmf3"
},
{
"questionId" : "hd9wd80ywd9d-ahd4",
"choiceId" : "se0f9js0jfmf4"
}
]
}' 'https://api.Authenticating.com/api/v2/verifyQuiz'
This is used to complete the Identity Proof Quiz. The users will give their answers to the multiple choice questions and this will score their results.
This call returns a Simple Response Object.
Generate Criminal Background Report
AuthenticatingSDK.shared.generateCriminalBackgroundReport(accessCode: "1234") { (response, errorMessage) in
if errorMessage != nil {
print(errorMessage)
return
}
print(response)
}
//Generate the background report
AuthenticatingAPICalls.generateBackgroundReport(
new OnTaskCompleteListener() {
@Override
public void onTaskComplete(Object o, int i) {
if (i == AuthenticatingConstants.TAG_ERROR_RESPONSE) {
AuthenticatingException e = (AuthenticatingException) o;
e.getAuthErrorString();
} else if (i == AuthenticatingConstants.TAG_SIMPLE_RESPONSE) {
//Background report was successfully generated (though not visible via response)
}
}
}, COMPANY_API_KEY, USER_ACCESS_CODE
);
curl -XPOST -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -H "Content-type: application/json" -d '{
"accessCode" : "636224"
}' 'https://api.Authenticating.com/api/v2/generateCriminalReport'
Utilizing this endpoint will generate a criminal background report for the user when the “hasCriminalRecord” key in the Test Result object is true. The results are not returned to you, but are accessible to administrators through a database separate from the user’s personally identifying information. If you would like a manual review of the results that were obtained to know if it violates your policy, please contact support. This report may contain information from the following sources: Department of Corrections, Court Records, Arrest Logs and Sexual Offender Records. Coverage varies by state. The public records and commercially available data sources compiled in this report may have errors. Data is sometimes entered poorly, processed incorrectly and is generally not free from defect. This report should not be relied upon as definitively accurate. Before relying on any data from this report, it should be independently verified. The criminal record data in this report may include records that have been expunged, sealed, or otherwise have become inaccessible to the public since the date on which the data was last updated or collected. This does not constitute a “consumer report” as that term is defined in the federal Fair Credit Reporting Act, 15 USC 1681 et seq. (FCRA). Accordingly, it may not be used in whole or in part as a factor in determining eligibility for credit, insurance, employment or another permissible purpose under the FCRA.
Please note that in order to utilize this endpoint, one of two criteria have been met: either the user must upload their Photo ID to the uploadId endpoint and have it parsed correctly or they must successfully complete the Identity Proof Quiz. If a user attempts to reach this endpoint with neither of these criteria met, it will assume that the user has yet to take their quiz and will request they do so via an error response.
The USER_ACCESS_CODE is the user’s access / auth token you obtain after the user successfully logs into their social media account.
This call returns a Simple Response Object.
Create User
curl -XPOST -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -H "Content-type: application/json" -d '{
"companyAdminKey" : "YOUR_COMPANY_ADMIN_KEY_GOES_HERE",
"firstName" : "Patrick",
"lastName" : "Lastnameson",
"email" : "email@email.com",
"phone" : "2135555555",
"country" : "USA"
}' 'https://api.Authenticating.com/api/v2/createUser'
This endpoint creates a user. It is designed to be used by admins within the company to create a user account before they are given the access code.
Note, all fields listed here are required and an error will be thrown if one or more is omitted; the one exception is phone which was removed as a required field on 2018-07-11.
The country value matches that of a list of country codes. USA for United States, CAN for Canada, etc. For a full list of supported countries, please see this list.
This call returns a User Object.
Please note that this is not included within the Android and IOS SDKs.
Set Social Networks
curl -XPOST -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -H "Content-type: application/json" -d '{
"companyAdminKey" : "YOUR_COMPANY_ADMIN_KEY_GOES_HERE",
"networks" : [
"facebook",
"instagram",
"twitter"
]
}' 'https://api.Authenticating.com/api/v2/setAvailableNetworks'
This endpoint sets the available social networks for individuals taking a test. For example, if you only send facebook and instagram, then a user will not be permitted to pass social media authentication using Twitter; they would need to use one of the permitted ones you passed in.
This call returns a Simple Response Object.
Please note that this is not included within the Android and IOS SDKs.
Set Contact Required
curl -XPOST -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -H "Content-type: application/json" -d '{
"companyAdminKey" : "YOUR_COMPANY_ADMIN_KEY_GOES_HERE",
"isPhoneRequired" : true,
"isEmailRequired" : false
}' 'https://api.Authenticating.com/api/v2/setContactRequired'
This endpoint sets the requirement for your tests to need both email and phone in order to pass. This defaults to both being required (both true) so that those you choose to take the Contact Proof test must complete both email and phone verification.
If you wish to never require one of those two, (i.e never requiring phone verification) then simply set this to false and only email will be required to pass.
This call returns a Simple Response Object.
Please note that this is not included within the Android and IOS SDKs.
Set Minimum Photo Percent
curl -XPOST -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -H "Content-type: application/json" -d '{
"companyAdminKey" : "YOUR_COMPANY_ADMIN_KEY_GOES_HERE",
"percent" : 40
}' 'https://api.Authenticating.com/api/v2/setPhotoMatchPercent'
This endpoint sets the minimum percentage match needed to pass the photo verification; it defaults to 40% for a pass. You can alter this number if you choose, but we recommend you keep it at 40% as our testing has shown that this is a good base-line number to determine accuracy. Setting it to a higher number, like 80%, will likely cause many people to fail the test.
This call returns a Simple Response Object.
Please note that this is not included within the Android and IOS SDKs.
Set Days To Expire
curl -XPOST -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -H "Content-type: application/json" -d '{
"companyAdminKey" : "YOUR_COMPANY_ADMIN_KEY_GOES_HERE",
"days" : 3
}' 'https://api.Authenticating.com/api/v2/setDaysToExpire'
This endpoint sets the number of twenty four hour periods in which a person can complete their test. This is initialized at three days when a user is created. If you want to change this to a different amount, for example seven days or just one, simply use this endpoint to change how it will effect all of your future test takers.
This call returns a Simple Response Object.
Please note that this is not included within the Android and IOS SDKs.
Get Test Result
curl -XPOST -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -H "Content-type: application/json" -d '{
"companyAdminKey" : "YOUR_COMPANY_ADMIN_KEY_GOES_HERE",
"accessCode" : "636224"
}' 'https://api.Authenticating.com/api/v2/getTestResult'
This endpoint retrieves the test results for a single individual. If the user still has time left to complete the tests, a note will be added to the response to indicate such.
This call returns a Test Result Object.
Please note that this is not included within the Android and IOS SDKs.
Get Test Results
curl -XPOST -H 'authKey: YOUR_COMPANY_API_KEY_GOES_HERE' -H "Content-type: application/json" -d '{
"companyAdminKey" : "YOUR_COMPANY_ADMIN_KEY_GOES_HERE",
"accessCodes" : ["636224","123456","654321"]
}' 'https://api.Authenticating.com/api/v2/getTestResults'
This endpoint retrieves the test results for a bulk set of individuals. If the users still have time left to complete the tests, a note will be added to the response (within each object) to indicate such.
This call returns an array of Test Result Objects.
Please note that this is not included within the Android and IOS SDKs.
FAQ
General
Where do I sign up for an account?
You can sign up for an account here. Once you submit the form, you will be contacted by a representative to discuss your needs and provide you access.
Why do I need to create a User?
Users are created by company administrators because it helps encapsulate details and protects you from being over charged. If we added this functionality into the app, people could create multiple accounts for other people, which could lead to you being charged for tests which you did not intend.
How much does each test cost? Is it cheaper to run tests in Bundles?
Please contact your representative for pricing details. Discounts are available based on volume. As additional checks are added, bundle pricing may be an option.
Android
These docs are nice, but where is my Javadoc?
Got ya covered. JavaDocs can be downloaded here or viewed here.
I see these constant int tags everywhere but where are they coming from?
They are located in the AuthenticatingConstants class, nested under the networking package. You can use your own custom tags with the onTaskComplete listener and the AuthenticatingAPICalls that do not require the listener if you wish.
I am having gradle issues
You might be seeing: “TransformException: DuplicateEntry” or “zipException”: It means that there are multiple versions of the same library in your gradle file. This happens when you include a library that is already nested within this SDK. An example would be if you included Gson / Retrofit / Okhttp in your project when this one already has it.
You can also use these libraries the exact same way you normally would as they are included via a nested Jar file in the SDK.
Pro Tip: click on your manifest and then at the bottom of it (where you would normally alternate between xml and visual on UI) you will see a tab for “Merged Manifest”. This will give you more details on problems and usually how to fix them.
If that still doesn’t fix the issue, try this: Use the following code in your build.gradle file to solve the issue
Android {
configurations {
all*.exclude group: 'com.squareup.okhttp3', module: 'okhttp'
}
}
Where is the Sample Android app and why is it not in with the SDK examples?
The Sample app can be found here. It was made separately on purpose as we wanted the ability to install it on to a phone via an SDK and run it with minimal inclusion.
Can I obfuscate my code without it affecting the SDK functionality?
Sure! If you happen to spot any bugs or reasons why it does not work, just contact us and we will fix it asap. In the interim, just keep the package in your proguard file.
Previous Versions
These docs are pertaining to the current version (v2). If you would like to view older docs to reference previous versions, the links are below:
1) Version 1 Docs - Deprecated on 2018-05-20; End of Life on 2018-12-31.