Passport logo

Passport integration

Widget can be integrated using iframe.

Iframe src attribute MUST contain clientId and client_token parameters. Also it MAY contain referenceId parameter.

Before iframe initialization you MUST retrieve one-time token:

Step 1 - One-time token generation

You must use your client secret for one-time token generation. Please DO NOT use your client secret for iframe initialization as it's not secure.

$clientSecret = 'clientSecret';
$tokenGenerationUrl = 'https://kyc.passport.io/api/v1/verification-token';

$tokenGenerationContext = stream_context_create([
    'http' => [
        'method' => 'POST',
        'header' => [
      'Content-type: application/x-www-form-urlencoded',
      'Authorization: Bearer ' . $clientSecret ,
    ],
        'content' => http_build_query([
            'verify_request_type' => 'user_verification',
        ]),
        'timeout' => 5,
    ]
]);

$token = json_decode(file_get_contents($tokenGenerationUrl , false, $tokenGenerationContext ), true)['token'];

Step 2 - Verification Widget

<iframe src="https://my.passport.io/widget-endusers/?clientId=CLIENT_ID&client_token=SOME_GENERATED_TOKEN_VALUE&referenceId=INTERNAL_USER_ID">

When data is sent, widget will make postMessage({'messageType': 'triggerCloseWidget'}, '*') call to parent window, which is a trigger to close it on client's side.

To receive message from iframe, add event listener "message" to window:

window.addEventListener("message", receiveMessage, false)

function receiveMessage(event) {
  if( event.data['messageType'] == 'triggerCloseWidget') {
    // close iframe
  }
}

Step 3 - Pingback

Once the user is verified, we will send a server-to-server Pingback to your Pingback URL (configurable during onboarding) using the following format:

{
  "data": {
    "status": "approved",
    "resources": [
      {
        "resource": "profile#firstname",
        "value": "Zakhar",
        "status": "approved",
    "properties": {
          "user_uuid": 123
        }
      },
      {
        "resource": "profile#lastname",
        "value": "Sydorenko",
        "status": "approved",
    "properties": {
          "user_uuid": 123
        }
      },
      ...
      {
        "resource": "profile#document",
        "value": {
      "id": 789,
            "url": "http://url.com/download.php",
            "name": "picture.png",
            "type": "user_identity_verification",
            "deletedAt": null
    },
        "status": "approved",
    "properties": {
          "is_deleted": 0,
          "profile_document_id": 123,
          "profile_uuid": 123,
        }
      },
      ...
  ]
  }
}

Integrate Login via QR code

<script type="text/javascript" src="https://auth.passport.io/js/passport-qr-login.js"></script>

<script type="text/javascript">
    passportIo.renderButton({
        baseUrl: 'https://auth.passport.io',
        clientId: 'CLIENT_ID',
        clientSecret: 'CLIENT_SECRET',
        container: PARENT_ELEMENT,
        tokenCallback: function(jsonResponse) {
            if (jsonResponse && jsonResponse.access_token) {
                // success login callback
            }
        }
    });
</script>

Demo of QR code login