Integrate ready-made step-up flows
In this ready-made flow guide, you can learn how to implement ReuseID step-up in your mobile app.
About ReuseID step-up
In a ReuseID step-up flow, there are two required processes that need to be carried out with your app:
- A MobileID device authentication.
- An identity proofing process.
Identity proofing process
For the identity proofing process, ReuseID ready-made step-up supports ReadID and VideoID as identity proofing providers. This is set using the provider parameter in the request body.
You can find an overview of the differences between them in the table below:
| Provider name | Provider value | Description |
|---|---|---|
| VideoID | signicatvideoid | VideoID is one of Signicat's eIDV services for secure online customer onboarding. It enables you to:
|
| ReadID | readid | ReadID is one of Signicat's eIDV services for secure online customer onboarding. The end-user identifies themselves using ReadID's NFC-supported solution to read their ID document. |
If you do not set an identity proofing process provider when you start step-up, then ReuseID uses VideoID by default.
What does it look like?
You can see what a ReuseID step-up looks like in the sequence diagram below:
Sequence diagram showing a ReuseID step-up
1. Start step-up
Before your app starts the MobileID registration, your server must start the ReuseID step-up operation.
To do this, set the provider in the request body to choose the identity proofing provider:
- Provider VideoID
- Provider ReadID
{
"userId": "a1e26081-35b4-4557-a46a-ef50bc91672f",
"deviceId": "b1g73121-55c4-9238-l39j-ek60dc91872g",
"provider": "signicatvideoid",
"videoidProviderOptions": {
"docTypes": [138, 169, 147, 245, 277],
"defaultId": 138
}
}
{
"userId": "a1e26081-35b4-4557-a46a-ef50bc91672f",
"deviceId": "b1g73121-55c4-9238-l39j-ek60dc91872g",
"provider": "readid"
}
To learn more about how the API works, see a complete walkthrough in our ReuseID Quick start guide.
2. MobileID authentication
The next operation that you need to carry out is the MobileID authentication.
To learn how to implement the registration process for Android and iOS, use the panel buttons below.
Operation context
Operation context is a MobileID feature that allows you to send data over an end-to-end encrypted channel between the backend and the mobile app.
In ReuseID, we use this feature to send data related to the ReuseID operation to the app.
In the step-up operation, we use both the pre-operation and post-operation context to share information.
Pre-operation context
After the startAuthentication request, you will get a startAuthenticationResult object. This object contains a pre-operation context.
Response
You can find an example of the response below:
{
"pre_operation_context" : {
"context_content_b64": <signicatOperation>,
"context_mime": "application/json"
}
}
Response object description
You can find a table of descriptions for the response object parameters below:
This parameter can be helpful for designing the end-user flow. For example, the operation parameter can be used to know that this is a ReuseID step-up operation and not a normal MobileID authentication.
Post-operation context
Once the authentication is complete, you will get a finishAuthenticationResult object. This object contains a post-operation context.
Response
You can find an example of the response below:
{
"post_operation_context" : {
"context_content_b64": <signicatOperation>,
"context_mime": "application/json"
}
}
Response object description
You can find a table of descriptions for the response object parameters below:
Signicat operation object
The Signicat operation object (signicatOperation) is used to pass information related to the ReuseID process to the mobile app.
Object
You can find examples of the object below:
- Provider VideoID
- Provider ReadID
{
"signicatOperation": {
"version": "1",
"operation": "authentication",
"provider": "signicatvideoid",
"token": <TOKEN>,
"url": "https://etrust-sandbox.electronicid.eu/v2",
"processType": "substantial",
"processId": "0dca14cf-957d-46d9-b374-520f9c650859",
"videoidProviderOptions": {
"docType": 1,
"docTypes": [1, 2, 3],
"defaultId": 1
}
}
}
{
"signicatOperation": {
"version": "1",
"operation": "authentication",
"provider": "readid",
"token": <TOKEN>,
"url": "https://saas-preprod.readid.com/odata/v1/ODataServlet",
"processType": "sdk",
"processId": "0dca14cf-957d-46d9-b374-520f9c650859"
}
}
Object description
You can find a table of descriptions for the object parameters below:
VideoID provider options object
The VideoID provider options object (videoidProviderOptions) contains VideoID provider-specific configuration options.
You can find a table of descriptions for the object parameters below:
3. Perform identity proofing
Once you have completed the MobileID authentication, start the identity proofing process that matches the provider in the Signicat operation object.
- For VideoID, see the VideoID as provider section.
- For ReadID, see the ReadID as provider section.
VideoID as provider
If the provider is signicatvideoid, then you need to start the VideoID process in your app. To do this:
1. VideoID authorisation
Before starting the VideoID activity, you need to get an authorisation token for VideoID. You can do this by making a request to the videoid.request API:
- Obtain the following parameters from the Signicat operation object:
urltoken
- Input this data into the following example:
Example: Request to get VideoID authorisation tokencurl -X POST <URL>/videoid.request \-H 'Authorization: Bearer <TOKEN>' \-H 'content-type: application/json' \-d '{"process": "Unattended"}'What does
Unattendedmean?In the SDK, the process that you are starting for VideoID is called
Unattended. In other parts of the documentation, you will see us refer to this operation asSubstantial. - After a successful request , you will receive the following response:
Example: Response with VideoID authorisation token{"id": "87a819bd-9419-417a-9e55-cab8789d4115","authorization": "<authorisationToken>"}Note
The
authorizationfrom this request is required in the next step when you start a VideoID activity.
2. Start VideoID activity
Next, you need to start the VideoID activity in your app. You should consider the following when starting the activity:
Code examples
- iOS
- Android
func makeUIViewController(context: Context) -> VideoIDSDK.VideoIDSDKViewController {
let environment: VideoIDSDK.SDKEnvironment = VideoIDSDK.SDKEnvironment(
url: <<url>>,
authorization: <<token>>
)
let viewController = VideoIDSDKViewController(
environment: environment,
docType: <<DocType - Optional>>,
docTypes: <<DocTypes - Optional>>,
idDefault: <<DefaultId - Optional>>,
)
viewController.delegate = self
return viewController
}
// Error Handling
func onComplete(videoID: String) {
// VideoID process succeeded - Handle the next steps here
}
func onError(_ error: VideoIDError) {
// VideoID process failed - Handle the error here
}
val startForResult: ActivityResultLauncher<Intent> = registerForActivityResult(ActivityResultContracts.StartActivityForResult()) { result ->
when (result.resultCode) {
Activity.RESULT_OK -> {
// VideoID scan successful, continue app flow
}
Activity.RESULT_CANCELED -> {
// VideoID failure, handle the error
result.data?.run {
val errorId = getStringExtra(VideoIdServiceActivity.RESULT_ERROR_CODE)
val errorMsg = getStringExtra(VideoIdServiceActivity.RESULT_ERROR_MESSAGE)
}
}
}
}
private fun launchVideoIdActivity(
url: String, authToken: String, defaultId: Int? = null, docType: Int? = null, docTypes: IntArray? = null){
startForResult.launch(Intent(this, VideoIDActivity::class.java).apply {
putExtra(VideoIDActivity.ENVIRONMENT, Environment(URL(url), authToken))
defaultId?.let { putExtra(VideoIDActivity.ID_DEFAULT, it) }
docType?.let { putExtra(VideoIDActivity.ID_DOCUMENT, it) }
docTypes?.let { putExtra(VideoIDActivity.IDS_DOCUMENT, it) }
})
}
To learn more about VideoID and the available customisation options, you can navigate to the SDK documentation available in the ElectronicID dashboard.
ReadID as provider
If the provider is readid, then you need to start the ReadID NFC scanning flow with the ReadID SDK.
The selected ReadID process is created by ReuseID, and your app should use the values returned in the Signicat operation object when continuing from MobileID authentication to identity proofing.
When following the ReadID guide, map the ReuseID values to the ReadID SDK values as shown in the table below:
All values in this table are available in the Signicat operation object.
For platform-specific SDK setup and code examples, see the ReadID SaaS SDK integration guide.