Authenteq API Documentation
Authenteq API Documentation
Introduction
Create an Account
Documentation
Change Log
Migration Guides
Version Support
Mobile SDK
iOS
Android
React Native
Web
Web Overview
Getting Started
How to Integrate Web?
Examples
API Reference
Export
Export Overview
API Reference
Webhook
Webhook Overview
AML
AML Overview
API Reference
Recognition
Recognition Overview
API Reference
Powered by GitBook

Webhook Overview

After the user passes the identity verification flow successfully, the system can notify you with the result details via your registered webhook.

To register your webhook, please sign in to the Customer Dashboard and specify the URL of your webhook on the API Keys page. There you also can get your client credentials.

On finish of the IDV flow, the system makes a POST request to your webhook with the results details in the request body represented as a MIME message where images are in separate parts.

To secure requests, the system sets the X-CLIENT-ID header to your Client ID and the X-SIGNATURE one to the hex-encoded SHA256 digest of the request body and your Client Secret.

To accept requests, please do the following:

  1. Compare the X-CLIENT-ID header with your Client ID

  2. Access the request body before it's parsed

  3. Calculate the SHA 256 digest of the request body and your Client Secret

  4. Compare the hex-encoded digest with the X-SIGNATURE header

  5. Parse and handle the request body if they are identical

  6. Response with the 200 status code

When your webhook is not accessible or responses with the status code that is not 200, the system retries an attempt in an hour and repeat attempts for a week, so you have time to fix issues on your side.

Below is an example specification of such webhook endpoint.

post
Webhook Endpoint Example

https://example.com/webhook
An example of a webhook endpoint.
Request
Response
Request
Headers
X-CLIENT-ID
required
string
Your Client ID.
X-SIGNATURE
required
string
The hex-encoded SHA256 digest of the request body and your Client Secret.
Content-Type
required
string
Always multipart/form-data.
Form Data Parameters
result
required
string
The result details without images that are in separate parts.
croppedFrontImage
optional
object
The cropped image of the front document side.
croppedBackImage
optional
object
The cropped image of the back document side.
faceImage
optional
object
The extracted portrait.
Response
200: OK
The request handled successfully.
​

​

Export - Previous
API Reference
Next - AML
AML Overview
Last updated 9 months ago