# Quick start guide for Assure

This quick guide describes how to try out Signicat's Identity Proofing solution, Assure, using the following approaches:

If you want to read more before trying it out, we recommend the following topics:

# Try the Assure demo

The Assure demo (opens new window) allows you to test a subset of the Signicat Assure functionality (apps). It is not a product on its own but it integrates with the Assure API. This is an easy way to get an initial impression of what you can do with Signicat Assure.


The Assure demo is a non-production tool. We have created it for testing and demonstration purposes. It is just an example of how the verification flow could be implemented using the different SDKs. The screens you see in the the provider flow section (C)) will probably look differently in your own implementation.

The Assure API can be used either in a web or in a native (mobile) context. In this section, we show images from the Assure demo in a web environment.

The following steps show a typical user flow where we use Onfido's native SDK to take a photo of an ID document and a selfie to match those images.

The steps are divided into the following main parts:

# A: Create dossier and process

You can access the Assure demo from this link:http://labs.signicat.com/assure-test-server/ (opens new window).

Once your are logged in, you can create a dossierfor the end-user information:

Create dossier click-to-zoom

Inside the dossier, you create a process for the identity verification:

Create process click-to-zoom

Provider notes

  • If you want to test with Electronic IDentification, please contact Signicat at support@signicat.com to be added as an agent on their registration authority application. This is necessary for your verification requests to be manually approved by someone (which is a step that is required by Electronic IDentification).
  • ReadID and FaceTec are not available for web in the Assure demo. Instead, you must download the native mobile app to run on your Android or iOS device (select the download button at the top of the Assure demo screen).

# B: Configure the provider

In this example, we have selected Onfido's native SDK. We want to take a photo of an ID document and a selfie to match those images.

You can keep most of the standard settings, as in the following example (see more details below the image):

Configuration of Onfido click-to-zoom

  • Process type: We have chosen Document + Selfie since we want to take a photo of an ID document and a selfie to match those images. The available process type options vary from provider to provider. For a full overview, see the processType description in the OpenAPI documentation (opens new window).
  • Native means using Onfido's own SDK instead of Signicat's own Capture UI.
  • Redirect means the user is redirected to a web browser to perform the verification, instead of verifying with the QR code on a mobile device.

# C: Follow the provider's verification process

After you have set up the provider (here Onfido) in the Assure demo, you are now redirected to the provider's web SDK view and are asked to verify your identity. Then you can just follow the instructions on the provider-specific UI.

Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide
Slideshow slide

# D: Review the result manually

After the verification is complete, you are redirected to the Dossier page in the Assure demo and can review the result manually:

Select dossier link click-to-zoom

Here you can immediately see the status of the process (accepted).

You can also inspect the result in more detail by clicking the Process id link. Here, you can see the provider specific information with the results from the analysis:

Select dossier link click-to-zoom

# Set up an API integration

Before you start the integration

Before you set up an API integration, it is recommended to familiarise yourself with the most common integration use cases (see for example the Onfido use case in the Provider-specific section) and the OpenAPI documentation (opens new window) to learn about available endpoints and their properties.

Setting up an API integration is the most flexible way of testing Signicat Assure. You can use your preferred IDE, Framework, Postman, etc. using credentials provided by Signicat.

# Initial preparations

The setup descriptions below assume you have completed the following initial preparations:

# Get client credentials

To access the Assure API, you must use client credentials (client ID and secret) provided by Signicat. You can either obtain your own client credentials, or use the demo credentials:

  • To obtain your own client credentials, see the general step-by-step guide, Accessing API products.
  • If you just want to quickly try out the Assure API, you can use the following demo credentials:
    • Client ID: sandbox-gray-garden-649
    • Secret: Ce75uJYZSkHRMmfabiNPXz1UJLMX0uBewZghiPrpfK6jCYm3

    Do not use PII data with the demo credentials

    Anyone can use these demo credentials. Please ensure that you DO NOT use or provide anything that contains PII data while using the demo credentials.

# Obtain an access token

Use the above client credentials to obtain an access token. For details on how to do this, see the general section, Obtaining an access token.

Example request:

curl --location 'https://api.signicat.com/auth/open/connect/token' \
--header 'Authorization: Basic c2FuZGJveC1ncmF5LWdhcmRlbi02NDk6Q2U3NXVKWVpTa0hSTW1mYWJpTlBYejFVSkxNWDB1QmV3WmdoaVBycGZLNmpDWW0z' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=signicat-api'

Example response:

  "access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6InNhbmRib3gtc2lnbmluZy1rZXktZmM4NDg1MWQ2NDczYmQ0ZDkyZmYwN2Q2MGJjYzhkMTQiLCJ0eXAiOiJhdCtqd3QifQ.eyJuYmYiOjE2NzY1NjUyNjUsImV4cCI6MTY3NjU2NTg2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuc2lnbmljYXQuZGV2L2F1dGgvb3BlbiIsImF1ZCI6Imh0dHBzOi8vYXBpLnNpZ25pY2F0LmRldiIsImNsaWVudF9pZCI6ImRldi1yaXBlLXNhaWwtOTc4IiwiYWNjb3VudF9pZCI6ImEtc2RnZS1TbzdOV05PNFpQZjVWaHg5aG9QSSIsImp0aSI6IkRBNTg1RTZGQjBBNUI5NjNEMDUzRTA1OUJCQ0I0MzY2IiwiaWF0IjoxNjc2NTY1MjY1LCJzYW5kYm94Ijp0cnVlLCJzY29wZSI6WyJzaWduaWNhdC1hcGkiXX0.NarwHuNQAUAXK0FDcoTZoHnZvJKKCs8u4B3Dvw0_xbR48MaEvnTtIh80em1k_90P4KJvbzp90IycnrsJxb64EvmCPcPl_kRlqY6bZTlO3fBSsqjJP3IIZBpX1n7rBWBeBB26Brlgdsrmi0PDmPjR7Hmjfgk2zkl-kR4d6ka0oYCSlIR43nNmNbtITqcay5gEkA5GpFeLH8ezIJkTzomeNswsNZs7tLOrz4Lks6BxcHIW3fBnY4go_y2UoQF6qxwZNVbQhRkEEtmPIYvezXGS9JMDOTjtBAxevyt2TsXpPx_IMhSRyHXAP12Q_3HG50-b0l97irEGhVf68N5Z-WgfOA",
  "expires_in": 600,
  "token_type": "Bearer",
  "scope": "signicat-api"

When you have received the access token, you can use it in all requests to the Assure API (as the HTTP Bearer authentication header), for example:

curl --location --request POST 'https://api.signicat.com/assure/dossiers' \
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6InNhbmRib3gtc2lnbmluZy1rZXktZmM4NDg1MWQ2NDczYmQ0ZDkyZmYwN2Q2MGJjYzhkMTQiLCJ0eXAiOiJhdCtqd3QifQ.eyJuYmYiOjE2NzY1NjUyNjUsImV4cCI6MTY3NjU2NTg2NSwiaXNzIjoiaHR0cHM6Ly9hcGkuc2lnbmljYXQuZGV2L2F1dGgvb3BlbiIsImF1ZCI6Imh0dHBzOi8vYXBpLnNpZ25pY2F0LmRldiIsImNsaWVudF9pZCI6ImRldi1yaXBlLXNhaWwtOTc4IiwiYWNjb3VudF9pZCI6ImEtc2RnZS1TbzdOV05PNFpQZjVWaHg5aG9QSSIsImp0aSI6IkRBNTg1RTZGQjBBNUI5NjNEMDUzRTA1OUJCQ0I0MzY2IiwiaWF0IjoxNjc2NTY1MjY1LCJzYW5kYm94Ijp0cnVlLCJzY29wZSI6WyJzaWduaWNhdC1hcGkiXX0.NarwHuNQAUAXK0FDcoTZoHnZvJKKCs8u4B3Dvw0_xbR48MaEvnTtIh80em1k_90P4KJvbzp90IycnrsJxb64EvmCPcPl_kRlqY6bZTlO3fBSsqjJP3IIZBpX1n7rBWBeBB26Brlgdsrmi0PDmPjR7Hmjfgk2zkl-kR4d6ka0oYCSlIR43nNmNbtITqcay5gEkA5GpFeLH8ezIJkTzomeNswsNZs7tLOrz4Lks6BxcHIW3fBnY4go_y2UoQF6qxwZNVbQhRkEEtmPIYvezXGS9JMDOTjtBAxevyt2TsXpPx_IMhSRyHXAP12Q_3HG50-b0l97irEGhVf68N5Z-WgfOA' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--data ''
Last updated: 28/04/2023 09:13 UTC