Integration
Architecture overview
To access the XpressID service, Veridas will provide you with the following credentials:
- XpressID_URL: This URL varies depending on the environment (sandbox: https://xpressid-web-work.eu.veri-das.com or production: https://xpressid-web.eu.veri-das.com), region, and other factors. Veridas will provide you with the appropriate URL based on your needs. Use this URL with the XpressID module for seamless integration.
- XpressID_API_URL: This URL also varies depending on the environment and region (sandbox: https://api-work.eu.veri-das.com/xpressid or production: https://api.eu.veri-das.com/xpressid). It points directly to the XpressID application, specifically for the authentication API. Veridas will provide you with this URL as well.
- API_KEY: This is a unique identifier for your client account. Keep this API key confidential and secure as it grants access to your XpressID services through the XpressID_API_URL.
To ensure compliance with Veridas' security protocols, clients must provide information regarding the server IPs where XpressID integration is planned. It's important to note that this security measure is exclusive to production environments and does not apply to the sandbox.
Achieving a functional integration of the XpressID service within a customer's infrastructure necessitates interaction with two key elements.
Authentication API
To obtain the access tokens necessary for the XpressID module, it is imperative that requests be initiated exclusively from your backend system. These requests should encompass your onboarding flow configuration. The API_KEY value is particularly crucial in this context. For enhanced security, it is strongly advised to implement precautionary measures, including incorporating a login step before accessing XpressID. Additionally, introducing a captcha step to mitigate potential abuse and enforcing a rate limit mechanism to prevent multiple requests from the same IP address are recommended practices.
Moreover, it is advisable to integrate Distributed Denial of Service (DDoS) mitigation measures to fortify the system against potential malicious attacks. These collective measures contribute to a robust security framework, safeguarding the XpressID integration and ensuring a secure and reliable operation of the service within your application's ecosystem.
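The backend-side handling recommended above (login before token issuance, a per-IP rate limit, API_KEY kept server-side), as an added example that is not Veridas code. The `fetch_token` callable and the `access_token` response field are assumptions; the real request and response format come from the authentication API documentation.

```python
import time
from collections import defaultdict, deque


class TokenBroker:
    """Backend-only gate in front of the XpressID token request."""

    def __init__(self, api_url, api_key, fetch_token, limit=5, window=60.0,
                 clock=time.monotonic):
        self._api_url = api_url          # XpressID_API_URL, server-side config
        self._api_key = api_key          # API_KEY, never sent to the client
        self._fetch_token = fetch_token  # hypothetical callable doing the real request
        self._limit = limit              # max token requests per IP per window
        self._window = window            # window length in seconds
        self._clock = clock
        self._hits = defaultdict(deque)  # client IP -> timestamps of recent requests

    def _rate_limited(self, ip):
        now = self._clock()
        hits = self._hits[ip]
        # Drop timestamps that have left the sliding window.
        while hits and now - hits[0] >= self._window:
            hits.popleft()
        if len(hits) >= self._limit:
            return True
        hits.append(now)
        return False

    def handle(self, session_user, client_ip):
        """Return (HTTP status, JSON-able body) for one frontend token request."""
        if session_user is None:
            # Login step: anonymous callers never reach the token request.
            return 401, {"error": "login required"}
        if self._rate_limited(client_ip):
            return 429, {"error": "too many requests"}
        try:
            upstream = self._fetch_token(self._api_url, self._api_key)
            token = upstream["access_token"]  # assumed field name
        except Exception:
            # Do not echo upstream errors: they may contain the key or URL.
            return 502, {"error": "token service unavailable"}
        # Only the token goes back to the app; the rest of the response is dropped.
        return 200, {"access_token": token}
```

Wire `handle()` into whatever web framework the backend uses, passing the authenticated session's user and the request's source IP.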
XpressID Module
In this context, the XpressID module is integrated into the application as a library, using both the XpressID_URL and the ACCESS_TOKEN obtained during the authentication API step. The iOS code for XpressID is designed for frontend implementation. However, to maintain security, refrain from including the API_KEY variable in the frontend. Manage the API_KEY exclusively within the backend, where robust security measures can be implemented to mitigate the risk of exposing confidential data through the frontend. A valid XpressID_URL and access token are essential for a successful launch, emphasizing the need for secure backend handling during the authentication process.
The recommended architecture of a solution with a native application using the XpressID service should follow the next diagram.
Interaction | Description |
---|---|
1 | The user logs in within your frontend application. |
2 | Your backend application requests a token from XpressID Auth API using the XpressID_API_URL and the API_KEY. You can check how the request is made here. |
3 | XpressID Auth API returns the response for the token request. |
4 | Your backend application processes the response from the token request to return the ACCESS_TOKEN to your frontend application. |
5 | Your frontend application will use the XpressID_URL and the ACCESS_TOKEN to launch the XpressID Module. You can see how the module integration works here. |
6 | Module will notify your frontend application when the process is completed. |
Module integration
The following steps present the preparations that must be made in order to use XpressID module within your iOS application.
This subsection refers to the Your Frontend App (Native) block from the diagram above.
- Create a new Xcode Swift project (or use an existing one).
- Add required permissions into Info.plist:
  - Privacy - Camera Usage Description
  - Privacy - Microphone Usage Description
  - Privacy - Location When In Use Usage Description
- Create a new group with the name Frameworks inside the project using Xcode.
- Drag and drop all XpressID-iOS distributables (.xcframework) into the Frameworks folder using Xcode. A popup will be shown; select the following options:
  - Action: Copy files to destination
  - Groups: Create groups
  - Targets: Check your target
- Set the embed option for all xcframeworks to Embed & Sign in the target's General tab.
- Make sure the User Script Sandboxing build option is set to No in the target's Build Settings tab.
- Add a Podfile to the project by running the pod init command (or update an existing one) and include the following lines:

  ```ruby
  target 'Your target' do
    use_frameworks!
    pod 'lottie-ios', '4.4.1'
  end

  # Required by lottie-ios
  post_install do |installer|
    installer.pods_project.targets.each do |target|
      target.build_configurations.each do |config|
        config.build_settings['BUILD_LIBRARY_FOR_DISTRIBUTION'] = 'YES'
      end
    end
  end
  ```

- Execute the terminal command pod install and open the .xcworkspace file with Xcode.
- Now in your code, import XpressId and implement XpressIDDelegate.
- Call the module start method XpressID.start() using a valid XpressID_URL and access token. (See the integration example for more details).
Once the XpressID process completes or an error occurs, the XpressID module invokes the callback method onXpressIDFinished(), indicating whether the process completed successfully or there was an error.
To use the NFC feature, it is also necessary to follow the NFC SDK specific integration steps related to Info.plist and Entitlements.
Example: Module integration (Swift)
This example presents the minimal code you need to add to your iOS application in order to run the XpressID module. At this point you will need the XpressID_URL and a valid Access_Token.
This subsection refers to steps 8 and 9 of the module integration section.
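```swift
import UIKit
import XpressId

class ViewController: UIViewController, XpressIDDelegate {
    // Environment-specific URL provided by Veridas.
    let XPRESSID_URL = "Your XpressID_URL"
    // Token obtained by your backend from the authentication API; the API_KEY never belongs in the app.
    let ACCESS_TOKEN = "Your Access_Token"

    override func viewDidLoad() {
        super.viewDidLoad()
        do {
            // Launch the XpressID module; start() can throw, so handle the error.
            try XpressID.start(delegate: self, controller: self, baseUrl: XPRESSID_URL, accessToken: ACCESS_TOKEN)
        } catch {
            print(error)
        }
    }

    // Invoked by the module when the process completes or an error occurs.
    func onXpressIDFinished(successfully: Bool, error: XpressId.XpressIDError?) {
        print("onXpressIDFinished | successfully: \(successfully) | error: \(String(describing: error?.message))")
    }
}
```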