Biometric Verification API (1.0)

Download OpenAPI specification:Download

This API allows initiating preconfigured biometric verification flows and downloading the complete set of evidence generated during the process.

Two main operations are available:

  • Start a biometric verification experience based on a predefined configuration
  • Download the generated evidence (documents, media, audit data) in a ZIP file

The verification flow may include:

  • Identity document upload
  • Identity document verification
  • Facial matching
  • Consent acceptance
  • Different types of electronic signing

Authentication is required via OAuth2 using Bearer tokens obtained through the Client Credentials flow.

Authentication

OAuth2

OAuth2 Client Credentials flow. Authenticate your client application using registered credentials to obtain a JWT access token. Token endpoint: https://biometric.{domain_environment}.com/oauth2/token. Replace {domain_environment} according to your environment: use integrationlayer for the sandbox environment and danaconnect for the production environment.

Security Scheme Type OAuth2
clientCredentials OAuth Flow
Token URL: https://biometric.{domain_environment}.com/oauth2/token
Scopes:

    basicAuth

    Basic Authentication using client_id as username and client_secret as password

    Security Scheme Type HTTP
    HTTP Authorization Scheme basic

    BearerAuth

    JWT Bearer Token authentication. After obtaining an OAuth2 token, include it in the Authorization header as: 'Bearer '. Tokens are time-limited and must be refreshed upon expiration. JWTs are signed and contain encoded claims about the client identity.

    Security Scheme Type HTTP
    HTTP Authorization Scheme bearer
    Bearer format "JWT"

    Biometric Operations

    Endpoints for Orchestrating Secure Biometric Verification Flows

    This section provides the core functionality to initiate, manage, and retrieve biometric verification processes within a secure and auditable framework. Designed for high-trust environments (e.g., banking, government, healthcare)

    Start biometric verification circuit

    Initiates a new biometric verification circuit with document verification and signing process.

    The circuit may include:

    • Document upload and verification
    • Biometric verification
    • Facial matching
    • Electronic signing process

    Authentication: Bearer Token required (obtained via OAuth2 client credentials flow)

    Authorizations:
    path Parameters
    channel
    required
    string
    Example: xxxx-xxxxx-45555-55555

    Unique client identifier provided by DANAconnect

    Request Body schema: application/json

    Biometric circuit initiation request

    id
    string

    Unique identifier for the request

    required
    object (PersonalSignerDTO)

    Signer details

    required
    Array of objects (Doc)

    List of PDF documents to sign

    Responses

    Request samples

    Content type
    application/json

    CircuitInitExample

    {
    • "id": "5",
    • "signer": {
      },
    • "docs": [
      ]
    }

    Response samples

    Content type
    application/json

    CircuitInitSuccess

    {}

    Download the generated evidence

    Downloads a ZIP file containing all documents and evidence associated with a completed biometric circuit.

    The ZIP file may include:

    • Signed documents
    • Biometric verification evidence
    • Process metadata

    Authentication: Bearer Token required (obtained via OAuth2 client credentials flow)

    Authorizations:
    path Parameters
    channel
    required
    string
    Example: xxxx-xxxxx-45555-55555

    Unique client identifier provided by DANAconnect

    circuit
    required
    string
    Example: 12ceb3ec-7b76-5555-b263-xx222

    Unique circuit identifier obtained when starting the circuit

    Responses

    Request samples

    const channel = 'YOUR_channel_PARAMETER';
    const circuit = 'YOUR_circuit_PARAMETER';
    const resp = await fetch(
      `https://biometric.integrationlayer.com/api/v1/biometric/document_circuit/${channel}/circuit/${circuit}`,
      {
        method: 'GET',
        headers: {
          Authorization: 'Bearer <YOUR_JWT_HERE>'
        }
      }
    );
    
    const data = await resp.text();
    console.log(data);

    Oauth2 Get Token

    OAuth2 authentication endpoints

    Get OAuth2 access token

    Use the Client Credentials flow to obtain an access token. This requires Basic Authentication, where the client_id is used as the username and the client_secret as the password.

    Authorizations:
    Request Body schema: application/x-www-form-urlencoded

    OAuth2 token request parameters

    grant_type
    required
    string
    Value: "client_credentials"

    OAuth2 grant type. Only 'client_credentials' is supported

    Responses

    Request samples

    Content type
    application/x-www-form-urlencoded

    ClientCredentialsExample

    grant_type=client_credentials

    Response samples

    Content type
    application/json

    TokenResponseExample

    {
    • "access_token": "ttNotNf7lJyPxDwRlZ0J1I-6htOMMWjyhs6tE1NNiHY--eM8ArXUxjnM",
    • "token_type": "Bearer",
    • "expires_in": 1799
    }