Skip to main content

Quick start guide

Learn how to get started with the Assure API to perform identity document verification.

This quick start guide shows you how to:

  1. Get started with Signicat.
  2. Get access to the Assure API.
  3. Get started with our Postman collection to try out the Assure API.
Reading tips

If you want to read more before starting the integration, we recommend the following:

  • The About page with high-level information about use cases and an example user flow.
  • Key concepts in the Assure API to get an introduction to the main components in the Assure API.
  • The API Reference to get familiar with available endpoints.

Set up an API integration

Setting up an API integration is the most flexible way of testing Signicat Assure. You can use your preferred IDE, Framework, Postman, etc. using credentials provided by Signicat.

Initial preparations

If you do not have an account already, then you need to sign up to the Signicat Dashboard for free and complete the initial preparations. To do this:

  1. Sign up to the Signicat Dashboard and register your profile.
  2. Ensure that you have created an organisation.
  3. Create an account. To do this:
    1. Go to Signicat Dashboard > Organisation, then select + Add account.
    2. Enter an account name, choose the type of account that you want to create, then select Create.
  4. Create a domain. To do this:
    1. Go to Signicat Dashboard > Settings > Domain management, then select + Add domain.
    2. To create a standard domain, enter a domain name. Then, select Add domain.
    3. To create a custom domain, follow the instructions in the Custom domains documentation.
Account types

We recommend that you create a sandbox account to test our services before going live. Sandbox and production accounts must be set up separately.

Sandbox accounts

When testing the integration in your default sandbox account (created automatically on sign-up), it is recommended to use dummy data. If you plan to go live or prefer not to share data, you can request your own dedicated sandbox account. This will ensure data privacy and isolation for your testing needs. Then please contact us by creating a support ticket in the Signicat Dashboard.

Get client credentials

To access the Assure API, you must use client credentials (client ID and secret) provided by Signicat. To learn how to obtain your own client credentials, see the the Connect to Signicat APIs Quick start guide.

Add product permission to Assure API

Ensure your API client has the right permissions to the Assure API. Only an administrator in your organisation can add this permission (see Managing roles and permissions).

  • Your administrator sets the permissions on the API client Permissions tab, by selecting Manage product access and the Assure API checkbox.

Once your administrator has enabled the product permission to the Assure API, it should look like this:

Add permissions

Add permissions

In this example screen, the Permissions tab is greyed out, which means this example user has read-only access.

Access to the eIDV providers

After you have obtained your own client credentials, access to the eIDV providers is enabled automatically for sandbox accounts. Testing with sandbox accounts means that the providers will run in test mode. Be aware that some providers (for example Onfido) might return mock responses in test mode.

To enable access to the providers for your production accounts, you need to contact an onboarding manager.

Obtain an access token

Use the above client credentials to obtain an access token.

Want to learn more?

To learn how to do this, see the Obtain an access token section in the Connect to Signicat APIs quick start guide.

Example request:

curl --location 'https://api.signicat.com/auth/open/connect/token' \
--header 'Authorization: Basic c2FuZGJveC1ncmF5LWdhcmRlbi02NDk6Q2U3NXVKWVpTa0hSTW1mYWJpTlBYejFVSkxNWDB1QmV3WmdoaVBycGZLNmpDWW0z' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=signicat-api'

Example response:

{
  "access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNhbmRib3gtc2lnbmluZy1rZXktZmM4NDg1MWQ2NDczYmQ0ZDkyZmYwN2Q2MGJjYzhkMTQiLCJ0eXAiOiJhdCtqd3QifQ.eyJuYmYiOjE2NzY1NjUyNjUsImV4cCI6MTY3NjU2NTg2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuc2lnbmljYXQuZGV2L2F1dGgvb3BlbiIsImF1ZCI6Imh0dHBzOi8vYXBpLnNpZ25pY2F0LmRldiIsImNsaWVudF9pZCI6ImRldi1yaXBlLXNhaWwtOTc4IiwiYWNjb3VudF9pZCI6ImEtc2RnZS1TbzdOV05PNFpQZjVWaHg5aG9QSSIsImp0aSI6IkRBNTg1RTZGQjBBNUI5NjNEMDUzRTA1OUJCQ0I0MzY2IiwiaWF0IjoxNjc2NTY1MjY1LCJzYW5kYm94Ijp0cnVlLCJzY29wZSI6WyJzaWduaWNhdC1hcGkiXX0.NarwHuNQAUAXK0FDcoTZoHnZvJKKCs8u4B3Dvw0_xbR48MaEvnTtIh80em1k_90P4KJvbzp90IycnrsJxb64EvmCPcPl_kRlqY6bZTlO3fBSsqjJP3IIZBpX1n7rBWBeBB26Brlgdsrmi0PDmPjR7Hmjfgk2zkl-kR4d6ka0oYCSlIR43nNmNbtITqcay5gEkA5GpFeLH8ezIJkTzomeNswsNZs7tLOrz4Lks6BxcHIW3fBnY4go_y2UoQF6qxwZNVbQhRkEEtmPIYvezXGS9JMDOTjtBAxevyt2TsXpPx_IMhSRyHXAP12Q_3HG50-b0l97irEGhVf68N5Z-WgfOA",
  "expires_in": 600,
  "token_type": "Bearer",
  "scope": "signicat-api"
}

When you have received the access token, you can use it in all requests to the Assure API (as the HTTP Bearer authentication header), for example:

curl --location --request POST 'https://api.signicat.com/assure/dossiers' \
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6InNhbmRib3gtc2lnbmluZy1rZXktZmM4NDg1MWQ2NDczYmQ0ZDkyZmYwN2Q2MGJjYzhkMTQiLCJ0eXAiOiJhdCtqd3QifQ.eyJuYmYiOjE2NzY1NjUyNjUsImV4cCI6MTY3NjU2NTg2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuc2lnbmljYXQuZGV2L2F1dGgvb3BlbiIsImF1ZCI6Imh0dHBzOi8vYXBpLnNpZ25pY2F0LmRldiIsImNsaWVudF9pZCI6ImRldi1yaXBlLXNhaWwtOTc4IiwiYWNjb3VudF9pZCI6ImEtc2RnZS1TbzdOV05PNFpQZjVWaHg5aG9QSSIsImp0aSI6IkRBNTg1RTZGQjBBNUI5NjNEMDUzRTA1OUJCQ0I0MzY2IiwiaWF0IjoxNjc2NTY1MjY1LCJzYW5kYm94Ijp0cnVlLCJzY29wZSI6WyJzaWduaWNhdC1hcGkiXX0.NarwHuNQAUAXK0FDcoTZoHnZvJKKCs8u4B3Dvw0_xbR48MaEvnTtIh80em1k_90P4KJvbzp90IycnrsJxb64EvmCPcPl_kRlqY6bZTlO3fBSsqjJP3IIZBpX1n7rBWBeBB26Brlgdsrmi0PDmPjR7Hmjfgk2zkl-kR4d6ka0oYCSlIR43nNmNbtITqcay5gEkA5GpFeLH8ezIJkTzomeNswsNZs7tLOrz4Lks6BxcHIW3fBnY4go_y2UoQF6qxwZNVbQhRkEEtmPIYvezXGS9JMDOTjtBAxevyt2TsXpPx_IMhSRyHXAP12Q_3HG50-b0l97irEGhVf68N5Z-WgfOA' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--data ''

Get started with Postman

We have created a Postman collection that lets you try the Assure API. Select the button below to get the Signicat Assure API collection.

Run in Postman

There are instructions at the start of the collection on how to use the collection template. The examples are using Signicat PictureID as provider.

Next steps

Dive deeper into the integration with the Assure API, using either of these flows:

Capture flow
Use the Capture flow as the quickest way to integrate (web only)
Generic flow
Use the generic flow to integrate with the eIDV providers' SDKs (web and native mobile app)
On this page