About Signicat’s implementation of WebID

WebID is a German eIDV service for online, compliant end-user identification and contract signing.

Signicat has integrated¬† WebID’s Identify Personal solution for end-user identification. Through this service, the merchant can identify their end-users via a video call on any internet-based device with a camera and microphone.

This page describes how to interact with WebID through Signicat’s API. For high-level information and how to integrate with Signicats WebID solution, see the ID methods page for WebID.

Authentication

All requests must be authenticated by means of an OIDC access token with the client.webid.identification scope included. You should supply the token as an Authorization header of type Bearer. For more instructions on how to obtain such a token, please refer to Accessing Signicat REST services.

API

Environment Base URL
Beta https://beta.signicat.com/webid
Preproduction https://preprod.signicat.com/webid
Production https://id.signicat.com/webid

For a full API overview, see the OpenAPI Specification documentation.

Process details

The identification through WebID requires multiple steps, as shown in the following diagram. This diagram is the same as shown on the ID method page for WebID. On this API reference page, a more technically detailed description follows below the diagram. It is, of course, more details in the OpenAPI Specification documentation.

Unless otherwise noted, all communications are of the application/json type.

  1. Create user action: Simply pass in a user action description to the /user-actions/identifications endpoint. Important parts of this description are:
    • Information about end-user to be identified.
    • Process parameters that describe where the end-user will be redirected after the identification.
    • A true boolean value indicating that the end-user has confirmed an agreement to terms and conditions.
    • Callback URL: An URL at the customer site where the notification of the finished identification can be sent. The only thing passed here is the URL to the user action status page which is also included in the creation response. Note: The host part of the URL must be notified to Signicat in advance.
  2. Redirect end-user: The creation response from above includes a user action details which includes a redirectUrl value. This is the URL to redirect your end-users.
  3. Video identification: The end-user participates in a call with a call-center.
  4. Completion: After the end-user is finished, he is forwarded as described in the process parameters.
  5. Status callback: This is the point where your callback URL will be invoked. It will not arrive until the status is finished and, if successful, the evidence files have arrived.
  6. Status retrieval: Retrieve the status from the received URL. It is also possible at any point to read the current status from the URL on the first creation response. It will however not hold the status response or the evidence URL until they are ready.
  7. Evidence retrieval: If the identification was successful, the evidence files may be retrieved from the evidenceFileUrl on the status. Here the media type is application/zip. Tip: These files are between 40 and 200MB in size and will be cleared from the storage within a few days.