Reusable Digital ID
Install the SDK
Once you have added the Yoti SDK dependency to your project, it’s time to initialise a Yoti client as shown in the code snippet below.
Once you have a working button, you can move on to installing the SDK.
To successfully integrate you will need the following information about your application from Yoti Hub:
- SDK ID
- Your application key pair
The Yoti SDKs are available via popular dependency management systems. Further details can be found on the pages of the specific projects.
To install the Yoti SDK:
npm install -S -E yoti
Once you have added the Yoti SDK dependency to your project, it’s time to initialise a Yoti client as shown in the code snippet below.
const yoti = require('yoti')
const CLIENT_SDK_ID = 'YOTI_CLIENT_SDK_ID'
const PEM_PATH = 'YOTI_KEY_FILE_PATH'
const PEM_KEY = fs.readFileSync(PEM_PATH)
// For SDK version < 3
const yotiClient = new yoti(CLIENT_SDK_ID, PEM)
// For SDK version >= 3
const yotiClient = new yoti.Client(CLIENT_SDK_ID, PEM_KEY)
Using Yoti SDK's
The description on how to use the SDK can be found here:
Please read the above for a full description and understanding, below we’ll provide examples on how those requests will expose the new functionality.
const identityProfileRequirements =
{
trust_framework: 'UK_TFIDA',
scheme: {
type: 'DBS',
objective: 'STANDARD',
}
};
const subject =
{
subject_id: 'subject_id_string',
};
const dynamicPolicy = new Yoti.DynamicPolicyBuilder()
.withIdentityProfileRequirements(identityProfileRequirements)
.build();
const dynamicScenario = new Yoti.DynamicScenarioBuilder()
.withCallbackEndpoint("/your-callback")
.withPolicy(dynamicPolicy)
.withSubject(subject)
.build();
async function getShareUrl() {
const shareUrlResult = await yotiClient.createShareUrl(dynamicScenario);
const shareUrl = shareUrlResult.getShareUrl();
return shareUrl;
}
Identity Profile Requirements Explained
Field | Value | Description |
---|---|---|
trust_framework | String | Defines under which trust framework this identity profile should be verified. Enum: UK_TFIDA |
scheme | Object | Defines which scheme this identity profile should satisfy. The scheme must be supported by the specified trust framework otherwise the request is considered invalid. |
type | String | Defines which scheme this identity profile should satisfy. Enum: DBS, RTW, RTR, DBS_RTW |
objective | String | Defines the objective to be achieved for the particular scheme. It must be provided for those schemes where it is mandatory. Example, this is mandatory for DBS and the possible values are: ”BASIC”, “STANDARD”, “ENHANCED”. |
Subject Id Explained
Field | Description |
---|---|
subject_id | allows the RP to track a subject across session creation and session retrieval |
The dynamicScenario can be used to get a shareURL which will be used by the Yoti scripts to generate a Yoti QR code.
Client side view
Once you have your share URL you can send it to the frontend for it to be rendered in a Yoti QR code. Please see example below using the modal QR code.
<!-- Simple Button Generation -->
<head>
<script src="https://www.yoti.com/share/client/"></script>
</head>
<body>
<!-- Yoti element will be rendered inside this DOM node -->
<div id="xxx"></div>
<!-- This script snippet will also be required in your HTML body -->
<script>
window.Yoti.Share.init({
elements: [
{
domId: "xxx",
shareUrl: "getShareUrl",
clientSdkId: "xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
displayLearnMoreLink: true,
skinId: "digital-id-uk"
}
]
});
</script>
</body>
Query parameters
You can append query params to the landing page URL that displays the Yoti button. These will be added to the callback URL.
For example if you load the landing page containing the Yoti button as follows:
https://example.com/?iso=test&user_id=6667
The query parameters (iso=test&user_id=6667) will be returned in the callback URL.
Response
Further details on how to use the SDK to get shared attributes can be found here:
In case of a successful transaction, once the profile is retrieved, the identity profile report can be accessed.
yotiClient.getActivityDetails(oneTimeUseToken)
.then((activityDetails) => {
const rememberMeId = activityDetails.getRememberMeId();
const parentRememberMeId = activityDetails.getParentRememberMeId();
const receiptId = activityDetails.getReceiptId();
const timestamp = activityDetails.getTimestamp();
const profile = activityDetails.getProfile();
const outcome = activityDetails.getOutcome();
// identityProfileReport is the JSON object containing identity assertion and
// verification report.
const identityProfileReport = profile.getIdentityProfileReport().getValue();
})
The identity profile report contains the verified identity details and the verification report that certifies how the identity was verified and how the verification level was achieved.
User experience
There will be instances where we have exhausted all available ‘routes’ to help a user achieve compliance with the requested scheme and not been successful. In these cases the user will not be able to complete the ‘share’, and will be shown a screen which informs them that they cannot continue with the journey in our app. This will trigger a failure sharing scenario, responding back with an associated error code.