Web SDK Integration Guide

Overview

  1. Video

  2. Steps

Video

Coming Soon!

Requirements

  • humanID Server Credentials, Server Credentials consists of:

    • Server Client ID

    • Server Client Secret

  • App Back-end, to receive authentication Callback from humanID

Note: Feature to obtain Server Credentials and to configure Callback URL is not yet available at humanID Developer Console. Please contact [email protected] and ask for Web Login Integration Set-up

The authentication process can be illustrated in the following diagram:

Steps

1. Create a Log-in Page

Create a Log-in page that contains this button.

Get Log-in button image and put this scripts below into your Web App:

<a href="REPLACE_WITH_TARGET_URL">
<img src="anonymous-login.svg" alt="Anonymous Login with humanID" height="27"/>
<a>

2. Create a Log-in API

When user click the log-in with button, Web App will make request to the App Backend and then page will be redirected to web-login.human-id.org.

To obtain Log-in URL, App Back-end will call API Request Web Log-in Session (See Documentation below). The API call must be done between Host-to-Host in order to protect Server Credentials.

Once App Backend received response that contains Log-in URL, redirect page to given URL to open humanID Web Log-in Page

3. Create a Log-in Callback API

After user successfully Log-in with humanID, page will be redirected to a registered Log-in Callback URL (registered on Developer Console). Callback URL contains Exchange Token, which is a URL Encoded token that will be used to obtain User ID.

A Log-in callback URL is formatted:

<SUCCESS_REDIRECT_URL>?et=<URL_ENCODED_EXCHANGE_TOKEN>

For Example:

https://api.filmreview.example.com/humanid-callback?et=9F27%2BOpExCGqTrk6caay66fb%2FumdjAN0LnmTRgxj%2Fq70FplDictSay0lUQvTqkJ6S7agUwbfGN5bhbbJnRbrIpBI1goDa7qBgN88ZjYnDZDI9YrgEV1qlxTNyrGQp79Oc4rCQOemZT162StlEXsiEeAZRAwDJfele%2F6vQszqc2PtlwQ%3D%3D

URL Decode Exchange Token and use it as parameter to call API Exchange Token (See Details) to obtain User ID.

Once App Backend receive response from API call, use given User ID to authorize User so User could access the Web App contents.

Handle Error Response

If log-in failed, humanID will redirect to configured Log-in Callback URL that formatted:

<FAILED_REDIRECT_URL>?code=<ERROR_CODE>&message=<ERROR_MESSAGE>

To check whether log-in failed or not, simply check if parameter et appended in callback URL

API Documentation

API Request Web Log-in Session

Endpoint URL

POST https://core.human-id.org/v0.0.3/server/users/web-login

Request

  • Headers:

Key

Value

client-id

<SERVER_CLIENT_ID>

client-secret

<SERVER_CLIENT_SECRET>

Content-Type

application/json

  • Query Parameters:

Key

Value

Description

lang

Language to Show

priority_country

  • Response Example

    • Success:

{
"success": true ,
"code": "OK",
"message": "Success",
"data": {
"webLoginUrl": "https://web-login.human-id.org/login?t=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdXJwb3NlIjoid2ViLWxvZ2luL3JlcXVlc3QtbG9naW4tb3RwIiwic2lnbmF0dXJlIjoiODNiMDMxNjMwMTkzMjE5ZjMzNWM2MGI0OGU2MGQ5MzVlZWQ5ZDkzNDNlYjRiZmFjYzRlOTFmMTUxOTVhMDVlNyIsImlhdCI6MTU5OTI3MTczNSwiZXhwIjoxNTk5MjcyMDM1LCJzdWIiOiJTRVJWRVJfR1hJVFM3TlZZM0RETVozNVdVSDdDWCIsImp0aSI6InR1SWdOdU1LMjBseGI3a2pGeG9DUFNMeUx2UE8yNkJuWmtmMHc1WjZvTG9PcTlhZkRMblJGSHh0VHVGZllRSGoifQ.CVUA8DYOAk0nbu0_ftTFNMwtfCJ32hCqY_6MKP43Sg8&a=IO5T8PZH2O15N8SV&lang=en"
}
}
  • Error: Invalid Server Credentials

{ "success": false, "code": "401", "message": "Unauthorized" }

API Exchange Token

  • Endpoint URL

POST https://core.human-id.org/v0.0.3/server/users/exchange
  • Request

    • Headers:

Key

Value

client-id

<SERVER_CLIENT_ID>

client-secret

<SERVER_CLIENT_SECRET>

Content-Type

application/json

  • Body:

{
"exchangeToken": "0BYLCicta3dO5DrTkrfQxo7Z4hxmyAh5OwuVPEGS5SlnBGwY+A/t7BNKzGcZFGqGOnI97nGQJ6SGoMf8vyux+D3AYmk63CR9AUnO7f+zlTL4MX9t2OhBdMZoLNP21ucvnTjiR5EIO7qwnFRVN4VquMCUMV8Kmt7N1s6V3yXHmDM="
}
  • Response Example

    • Success:

{
"success": true,
"code": "OK",
"message": "Success",
"data": {
"userAppId": "<UNIQUE_USER_ID>",
"countryCide": "ID"
}
}

Error Codes

See a full list of error codes on our Github.