iSXPay Identity API v1

The iSXPay Identity API services requests involving collecting, verifying or obtaining validated identification for an individual.

The available services are broken into the following categories.

We request the user to authenticate via internal (isxpay) or external (BankID) methods, providing identity information on the user. This is useful for

  1. Registering a new user onto your systems with limited steps
  2. Populating or providing KYC and contact information


Active Identity Checks

We present the user with forms to identify themselves, pre-filled if information is provided via API.
This then takes the user through appropriate identity collection and verification steps to perform a full KYC.
This is useful for

  1. Registering a new user onto your systems via identity collection and electronic verification where Consent is not available.
  2. Performing identity validation and enrichment using data you already have, with administrative workflows to collect and validate further needed information as needed.


Passive Identity Checks

We compare information passed to us with internal and external sources to verify such things as PEP, Sanctions, Blacklists, Electronic Verification and government databases.
We provide an immediate response without engaging the user.
This is useful for

  1. Performing identity validation using data you already have - with an immediate response
  2. Performing AML/CTF checks such as PEP and Sanctions

Scroll down for example requests and responses.

Integration Modes

There are different integration methods used in our identity APIs.

Active Mode should be used if you only have some, or no data on the user and need to collect and KYC the user.

Passive Mode should be used if you already have data on the user and just need to verify it as is.

Please note some of the checks require a certain mode.

Active Integration Mode

For the Consent and Active checks that engage the user, there is a callback model which sends you data after the user has finished their engagement.

For these calls, you first register a request with us and we send back an acknowledgement, using the following basic steps.

  1. You send an IdentityRequest to us, populated with as much information as you have on the user
  2. We send you an Acknowledgement with information on what to present to the user
  3. You show the user our UI using either a full page redirect, or via an embedded panel
  4. We take the user through an information collection process and complete the desired checks
  5. Once we have completed the process we send you a token:
    • Via browser redirection query parameters if using redirect mode, or
    • Via a hookable javascript event when using the embedded application
  6. With this token you can validate the state of the process and collect verification data via a server to server call to us.
  7. Finally you can then direct the user on with the rest of your process.

The below sequence diagram shows a more detailed version of the above summary.

Passive Integration Mode

For Passive checks, data is returned to you immediately; we do not engage the user.

The steps are:

  1. You collect what data you need from the user
  2. Send an IdentityRequest to us, populated with as much information as you have on the user
  3. We send you results immediately

Active Mode API

Code samples

POST /identity/consent

This will request identification or authentication information from the user and return you their appropriate data and a consent token.
In some instances (such as with BankID) this may be as simple for the end user as just logging in.

To receive the result of this operation, you will get a browser-based callback via the Self Hosted Callback API.

Body parameter

{
  "features": [
    "BANK_ID_NORWAY",
    "BANK_ID_SWEDEN",
    "DISABLE_MANUAL_REVIEW",
    "PEP",
    "SANCTIONS"
  ],
  "party": {
    "reference": "user-00000112231",
    "identification": [
      {
        "identificationType": "PASSPORT",
        "identificationSubType": "string",
        "value": "123566788",
        "documentNumber": "P16566565",
        "firstName": "eaxmple"
      }
    ],
    "title": "Miss",
    "firstName": "Sharon",
    "middleName": "Michelle",
    "lastName": "Barrows",
    "addresses": [
      {
        "alias": "residential-address-1123123",
        "tags": [
          "RESIDENTIAL_ADDRSS",
          "BILLING_ADDRESS"
        ],
        "fullAddress": "PO Box 24, 42 Arthur Street, Ashfield, NSW 2131, Australia",
        "streetNumber": "42",
        "street": "Arthur Street",
        "secondary": "PO Box 24",
        "city": "Ashfield",
        "postalCode": "2131",
        "subdivision": "NSW",
        "country": "AU"
      }
    ],
    "email": "example@isignthis.com",
    "mobile": "+61434444444",
    "phone": "+61386400990",
    "dob": "1981-10-01",
    "citizenshipCountry": "AU",
    "birthCountry": "AU",
    "legalName": "iSignthis Pty. Ltd.",
    "tradingName": "iSXPay",
    "jurisdiction": "AU"
  },
  "config": {
    "state": "transaction-00001",
    "returnUrl": "https://www.mywebsite.com/result-page/2b40f399-4b0e-41c3-a19b-ac344c6c0317"
  }
}
Name In Type Required Description
body body IdentityRequest true none

Example responses

200 Response

{
  "id": "15accd0e-b6f8-4f45-bb07-8a492b38625f",
  "embeddedInclude": "https://transact.isxpay.com/embedded/2b40f399-4b0e-41c3-a19b-ac344c6c0317.js",
  "redirectUrl": "https://transact.isxpay.com/lookup/2b40f399-4b0e-41c3-a19b-ac344c6c0317",
  "expiry": "2020-10-20T04:27:31.110Z"
}
Status Meaning Description Schema
200 OK iSXPay id mapping and redirection URLs Acknowledgement
401 Unauthorized Access token is missing or invalid None
default Default If there is an issue with the request, we will return an appropriate message ErrorResponse

Code samples

GET /identity/consent/result/{token}

When we call you back in either redirect or embedded mode with a TOKEN, you then use that token to fetch the result of the consent check and the details of the user, if available.

Name In Type Required Description
token path string true The token we sent you via either redirect mode callback or embedded javascript callback

Example responses

200 Response

{
  "id": "15accd0e-b6f8-4f45-bb07-8a492b38625f",
  "state": "transaction-00001",
  "consentResult": "GRANTED",
  "consentDetail": {
    "id": "15accd0e-b6f8-4f45-bb07-8a492b38625f",
    "scope": "/isxpay/identity",
    "resource": "/resource",
    "created": "2020-10-20T04:27:31.110Z",
    "expires": "2020-10-20T04:27:31.110Z"
  },
  "identity": {
    "uid": "abcacf12-3189-44e5-90b7-82f42e2a2f7f",
    "party": {
      "reference": "user-00000112231",
      "identification": [
        {
          "identificationType": "PASSPORT",
          "identificationSubType": "string",
          "value": "123566788",
          "documentNumber": "P16566565",
          "firstName": "eaxmple"
        }
      ],
      "title": "Miss",
      "firstName": "Sharon",
      "middleName": "Michelle",
      "lastName": "Barrows",
      "addresses": [
        {
          "alias": "residential-address-1123123",
          "tags": [
            "RESIDENTIAL_ADDRSS",
            "BILLING_ADDRESS"
          ],
          "fullAddress": "PO Box 24, 42 Arthur Street, Ashfield, NSW 2131, Australia",
          "streetNumber": "42",
          "street": "Arthur Street",
          "secondary": "PO Box 24",
          "city": "Ashfield",
          "postalCode": "2131",
          "subdivision": "NSW",
          "country": "AU"
        }
      ],
      "email": "example@isignthis.com",
      "mobile": "+61434444444",
      "phone": "+61386400990",
      "dob": "1981-10-01",
      "citizenshipCountry": "AU",
      "birthCountry": "AU",
      "legalName": "iSignthis Pty. Ltd.",
      "tradingName": "iSXPay",
      "jurisdiction": "AU"
    }
  },
  "identityVerificationResult": {
    "id": "15accd0e-b6f8-4f45-bb07-8a492b38625f",
    "state": "VERIFIED",
    "reasons": [
      "PEP Match",
      "Sanction Match"
    ]
  }
}
Status Meaning Description Schema
200 OK none ConsentResult
401 Unauthorized Access token is missing or invalid None
default Default Any other responses indicate failure None

Create Active Flow

Code samples

POST /identity/check/active

Engage the user to verify their identity. This function performs an active check on the user, collecting additional data from the end user as needed. The process may require manual review, so it could take seconds to days depending on the user. If you pre-fill the Party information, the user will need to fill in less information, and it is possible the process will complete in just a few seconds if an EV check matches.

To receive the result of this operation, you will get a browser-based callback via the Callback API.

Body parameter

{
  "features": [
    "BANK_ID_NORWAY",
    "BANK_ID_SWEDEN",
    "DISABLE_MANUAL_REVIEW",
    "PEP",
    "SANCTIONS"
  ],
  "party": {
    "reference": "user-00000112231",
    "identification": [
      {
        "identificationType": "PASSPORT",
        "identificationSubType": "string",
        "value": "123566788",
        "documentNumber": "P16566565",
        "firstName": "eaxmple"
      }
    ],
    "title": "Miss",
    "firstName": "Sharon",
    "middleName": "Michelle",
    "lastName": "Barrows",
    "addresses": [
      {
        "alias": "residential-address-1123123",
        "tags": [
          "RESIDENTIAL_ADDRSS",
          "BILLING_ADDRESS"
        ],
        "fullAddress": "PO Box 24, 42 Arthur Street, Ashfield, NSW 2131, Australia",
        "streetNumber": "42",
        "street": "Arthur Street",
        "secondary": "PO Box 24",
        "city": "Ashfield",
        "postalCode": "2131",
        "subdivision": "NSW",
        "country": "AU"
      }
    ],
    "email": "example@isignthis.com",
    "mobile": "+61434444444",
    "phone": "+61386400990",
    "dob": "1981-10-01",
    "citizenshipCountry": "AU",
    "birthCountry": "AU",
    "legalName": "iSignthis Pty. Ltd.",
    "tradingName": "iSXPay",
    "jurisdiction": "AU"
  },
  "config": {
    "state": "transaction-00001",
    "returnUrl": "https://www.mywebsite.com/result-page/2b40f399-4b0e-41c3-a19b-ac344c6c0317"
  }
}

Parameters

Name In Type Required Description
body body IdentityRequest true none

Example responses

201 Response

{
  "id": "15accd0e-b6f8-4f45-bb07-8a492b38625f",
  "embeddedInclude": "https://transact.isxpay.com/embedded/2b40f399-4b0e-41c3-a19b-ac344c6c0317.js",
  "redirectUrl": "https://transact.isxpay.com/lookup/2b40f399-4b0e-41c3-a19b-ac344c6c0317",
  "expiry": "2020-10-20T04:27:31.110Z"
}

Responses

Status Meaning Description Schema
201 Created iSXPay ID and redirection URL for the authentication Acknowledgement
401 Unauthorized Access token is missing or invalid None
default Default If there is an issue with the request, we will return an appropriate message ErrorResponse

Get Active Flow Result

Code samples

GET /identity/result/{token}

When we call you back in either redirect or embedded mode with a TOKEN, you then use that token to fetch the result of the identity check and the details of the user.

Parameters

Name In Type Required Description
token path string true The token we sent you via either redirect mode callback or embedded javascript callback

Example responses

200 Response

{
  "id": "15accd0e-b6f8-4f45-bb07-8a492b38625f",
  "state": "transaction-00001",
  "identity": {
    "uid": "abcacf12-3189-44e5-90b7-82f42e2a2f7f",
    "party": {
      "reference": "user-00000112231",
      "identification": [
        {
          "identificationType": "PASSPORT",
          "identificationSubType": "string",
          "value": "123566788",
          "documentNumber": "P16566565",
          "firstName": "eaxmple"
        }
      ],
      "title": "Miss",
      "firstName": "Sharon",
      "middleName": "Michelle",
      "lastName": "Barrows",
      "addresses": [
        {
          "alias": "residential-address-1123123",
          "tags": [
            "RESIDENTIAL_ADDRSS",
            "BILLING_ADDRESS"
          ],
          "fullAddress": "PO Box 24, 42 Arthur Street, Ashfield, NSW 2131, Australia",
          "streetNumber": "42",
          "street": "Arthur Street",
          "secondary": "PO Box 24",
          "city": "Ashfield",
          "postalCode": "2131",
          "subdivision": "NSW",
          "country": "AU"
        }
      ],
      "email": "example@isignthis.com",
      "mobile": "+61434444444",
      "phone": "+61386400990",
      "dob": "1981-10-01",
      "citizenshipCountry": "AU",
      "birthCountry": "AU",
      "legalName": "iSignthis Pty. Ltd.",
      "tradingName": "iSXPay",
      "jurisdiction": "AU"
    }
  },
  "identityVerificationResult": {
    "id": "15accd0e-b6f8-4f45-bb07-8a492b38625f",
    "state": "VERIFIED",
    "reasons": [
      "PEP Match",
      "Sanction Match"
    ]
  }
}

Responses

Status Meaning Description Schema
200 OK none IdentityCheckResult
401 Unauthorized Access token is missing or invalid None
default Default Any other responses indicate failure None

Passive Mode API

Passive Verification

Code samples

POST /identity/check/passive

Validate existing information on an identity without engaging the user. This will return right away and has no user input or approval process.

Body parameter

{
  "features": [
    "BANK_ID_NORWAY",
    "BANK_ID_SWEDEN",
    "DISABLE_MANUAL_REVIEW",
    "PEP",
    "SANCTIONS"
  ],
  "party": {
    "reference": "user-00000112231",
    "identification": [
      {
        "identificationType": "PASSPORT",
        "identificationSubType": "string",
        "value": "123566788",
        "documentNumber": "P16566565",
        "firstName": "eaxmple"
      }
    ],
    "title": "Miss",
    "firstName": "Sharon",
    "middleName": "Michelle",
    "lastName": "Barrows",
    "addresses": [
      {
        "alias": "residential-address-1123123",
        "tags": [
          "RESIDENTIAL_ADDRSS",
          "BILLING_ADDRESS"
        ],
        "fullAddress": "PO Box 24, 42 Arthur Street, Ashfield, NSW 2131, Australia",
        "streetNumber": "42",
        "street": "Arthur Street",
        "secondary": "PO Box 24",
        "city": "Ashfield",
        "postalCode": "2131",
        "subdivision": "NSW",
        "country": "AU"
      }
    ],
    "email": "example@isignthis.com",
    "mobile": "+61434444444",
    "phone": "+61386400990",
    "dob": "1981-10-01",
    "citizenshipCountry": "AU",
    "birthCountry": "AU",
    "legalName": "iSignthis Pty. Ltd.",
    "tradingName": "iSXPay",
    "jurisdiction": "AU"
  },
  "config": {
    "state": "transaction-00001",
    "returnUrl": "https://www.mywebsite.com/result-page/2b40f399-4b0e-41c3-a19b-ac344c6c0317"
  }
}

Parameters

Name In Type Required Description
body body IdentityRequest true none

Example responses

201 Response

{
  "id": "15accd0e-b6f8-4f45-bb07-8a492b38625f",
  "state": "VERIFIED",
  "reasons": [
    "PEP Match",
    "Sanction Match"
  ]
}

Responses

Status Meaning Description Schema
201 Created iSXPay ID and redirection URL for the authentication IdentityVerificationResult
401 Unauthorized Access token is missing or invalid None
default Default If there is an issue with the request, we will return an appropriate message ErrorResponse

Self Hosted Callback API

You host this API or Web Page

Code samples

GET /your_own_server/callback?type={type}&token={token}&state={state}

This API must be provided by your servers.
After our process completes, we will call your server with a TOKEN you can use to request the result and identity.

If using Redirect Mode UI - this page should display content to the end user.

If using Embedded Mode UI - this page should return an AJAX response to your own javascript.

Parameters

Name In Type Required Description
token query string true The token we sent you via either redirect mode callback or embedded javascript callback
type query string true The type of callback this is, to allow you to call the appropriate API to fetch the result from Fetch Identity API or Fetch Consent API. The possible values are consent and identity.
state query string false Free form state kept from the original request. You can use this to both control your UI flow after this step, as well as validate this is a genuine request by keeping your own ID in this field.

Responses

Status Meaning Description Schema
200 OK If using Redirect Mode UI - this page should display content to the end user. If using Embedded Mode UI - this page should return an AJAX response to your own javascript. None
401 Unauthorized Access token is missing or invalid None
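
The server side of the Active Integration Mode steps and of this callback, as an added example (not iSXPay's code): it binds an unguessable `state` to the user's session, validates the callback query before any backchannel call, and cross-checks the fetched result. `PendingStore`, `newState`, `consume`, `decide`, the token pattern and the "review" policy are assumptions; only the endpoint paths and JSON field names come from this page.

```javascript
// Added example. PendingStore, newState, consume and decide are illustrative
// names; only the endpoint paths and JSON field names come from this page.
const { randomBytes } = require("node:crypto");

// Callback `type` -> server-to-server result endpoint (the token is appended).
const RESULT_PATHS = {
  consent: "/identity/consent/result/",
  identity: "/identity/result/",
};
// Assumption: tokens are URL-safe strings similar to the sample on this page.
const TOKEN_RE = /^[A-Za-z0-9_-]{16,128}$/;

// Unguessable value to send as config.state in the IdentityRequest.
function newState() {
  return randomBytes(16).toString("hex");
}

class PendingStore {
  constructor() {
    this.byState = new Map();
  }

  // Call once the Acknowledgement arrives: bind state to session, type and ack.
  register(state, sessionId, type, ack) {
    this.byState.set(state, {
      state, sessionId, type, ackId: ack.id, expiry: Date.parse(ack.expiry),
    });
  }

  // Validate the callback query string before any backchannel call is made.
  consume(query, sessionId, now = Date.now()) {
    const fail = (reason) => ({ ok: false, reason });
    const { type, token, state } = query;
    const pending = typeof state === "string" ? this.byState.get(state) : undefined;
    if (!pending) return fail("unknown or replayed state");
    if (pending.sessionId !== sessionId) return fail("state belongs to another session");
    if (!(now <= pending.expiry)) { // also fails closed on an unparsable expiry
      this.byState.delete(state);
      return fail("request expired");
    }
    if (!Object.hasOwn(RESULT_PATHS, type) || type !== pending.type) {
      return fail("unexpected callback type");
    }
    if (typeof token !== "string" || !TOKEN_RE.test(token)) return fail("malformed token");
    this.byState.delete(state); // single use: a second callback is rejected
    return { ok: true, pending, path: RESULT_PATHS[type] + encodeURIComponent(token) };
  }
}

// Cross-check the fetched result against what was registered, then fail closed.
// Assumption: the result `id` equals the Acknowledgement `id`, as in the samples.
function decide(pending, result) {
  if (!result || result.id !== pending.ackId || result.state !== pending.state) {
    return "reject"; // the result does not belong to this request
  }
  if (pending.type === "consent" && result.consentResult !== "GRANTED") return "reject";
  const ivr = result.identityVerificationResult;
  if (pending.type === "identity" && !ivr) return "reject";
  if (ivr) {
    if (ivr.state !== "VERIFIED") return "reject";
    // Assumption (local policy): VERIFIED with listed reasons goes to manual review.
    if (Array.isArray(ivr.reasons) && ivr.reasons.length > 0) return "review";
  }
  return "accept";
}
```

Call the returned `path` from your server with your API credentials; the browser only ever carries the token, never the identity data.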

User Interface

Redirect Mode UI

In Redirect Mode UI, you redirect the user to us. This will take the user away from your website to complete our process.

We redirect the user back to you with a TOKEN once the process is complete that you then use to fetch the result data from us.

This is the simplest form of integration.

Embedded Mode UI

In Embedded Mode UI, you include some javascript from our servers on your page. This will create an iFrame on your page to show our UI, so the user does not leave your site.

Once complete we call a javascript function on your page with a TOKEN that you then use to fetch the result data from us and close the iFrame.

Example pages

<html>
<head>
  <!-- Use the embeddedInclude URL from the Acknowledgement response here -->
  <script src="INCLUDE JAVASCRIPT URL WE PASS YOU HERE"></script>
</head>
<body>
<div class="content">
  <div id="isxpay-container" class="isxpay-container"></div>
</div>
<script>
  // Embedded UI options; see the Options table below
  var options = {
    container_id: "isxpay-container",
    minimum_height: "600",
    maximum_height: "750",
    language: 'en'
  };
  isxpay
    .setup(options)
    // Process finished: pass type, state and token to your Self Hosted Callback API
    .completed(function (e, type, state, token) {
      console.log("completed. e=", JSON.stringify(e));
      console.log("token to exchange via backchannel is", token);
    })
    // Resize the container to match the frame and avoid scrollbars
    .resized(function (e) {
      document.getElementById("isxpay-container").style.height = e["height"] + "px";
      console.log("resized. e=" + JSON.stringify(e));
    })
    // General failure to initialise the UI
    .fail(function (e) {
      console.log("error. e=" + JSON.stringify(e));
    })
    .publish();
</script>
</body>
</html>

The embedded mode iframe supports fixed and variable heights.

Width is always 100% of the container you provided for it. We require a minimum width of at least 650 pixels.

Options

Option Required Description
container_id Yes The div id where the verify web application will be embedded
minimum_height No Set the minimum height in pixels the frame can be (default is “600”). We require a minimum height of at least 600 pixels to provide a smooth experience across devices and screen sizes.
maximum_height No Set the maximum height in pixels the frame can be (default is null). Setting this value limits the frame’s ability to expand in size – overflow will be accessible through scrolling.
language No Set the language of the web application (default is English). See below changing language in embedded mode.

Functions

After the iSignthis UI has completed or been closed by the user, it securely notifies your frame. You may then hook onto these events so that you may automatically react and provide a smooth experience to the end user.

Hook Description
fail Called when there is a general failure to initialise our UI
resized Notifies that the embedded iframe has been resized - the best size within the limits you set via properties. With the event - you should resize your container to prevent unnecessary scrollbars - and as such, will enhance user experience. The event object will contain a height string with the new frame height in pixels. The parameter will never be less than the minimum height specified or greater than the maximum height specified.
completed Notifies that the process the user is undertaking is complete and you may close the frame and progress the user. You will be given 3 additional parameters. These should be used for the call to your Self Hosted Callback API.

Schemas

IdentityRequest

{
  "features": [
    "BANK_ID_NORWAY",
    "BANK_ID_SWEDEN",
    "DISABLE_MANUAL_REVIEW",
    "PEP",
    "SANCTIONS"
  ],
  "party": {
    "reference": "user-00000112231",
    "identification": [
      {
        "identificationType": "PASSPORT",
        "identificationSubType": "string",
        "value": "123566788",
        "documentNumber": "P16566565",
        "firstName": "eaxmple"
      }
    ],
    "title": "Miss",
    "firstName": "Sharon",
    "middleName": "Michelle",
    "lastName": "Barrows",
    "addresses": [
      {
        "alias": "residential-address-1123123",
        "tags": [
          "RESIDENTIAL_ADDRSS",
          "BILLING_ADDRESS"
        ],
        "fullAddress": "PO Box 24, 42 Arthur Street, Ashfield, NSW 2131, Australia",
        "streetNumber": "42",
        "street": "Arthur Street",
        "secondary": "PO Box 24",
        "city": "Ashfield",
        "postalCode": "2131",
        "subdivision": "NSW",
        "country": "AU"
      }
    ],
    "email": "example@isignthis.com",
    "mobile": "+61434444444",
    "phone": "+61386400990",
    "dob": "1981-10-01",
    "citizenshipCountry": "AU",
    "birthCountry": "AU",
    "legalName": "iSignthis Pty. Ltd.",
    "tradingName": "iSXPay",
    "jurisdiction": "AU"
  },
  "config": {
    "state": "transaction-00001",
    "returnUrl": "https://www.mywebsite.com/result-page/2b40f399-4b0e-41c3-a19b-ac344c6c0317"
  }
}

Properties

Name Type Required Restrictions Description
features [string] true none These features affect the workflow we perform on the request, so you can control your customer experience when we engage the customer. The values available are:
  • BANK_ID_NORWAY: Validate the user using Bank ID (Norway) if available
  • BANK_ID_SWEDEN: Validate the user using Bank ID (Sweden) if available
  • DISABLE_MANUAL_REVIEW: If the user does not pass electronic checks, we will not submit to a manual review process
  • PEP: Check PEP
  • SANCTIONS: Check Sanctions
party Party true none Describes an individual or organisation
config RequestConfig true none Information used to map data to your systems and redirect the user's UI

RequestConfig

{
  "state": "transaction-00001",
  "returnUrl": "https://www.mywebsite.com/result-page/2b40f399-4b0e-41c3-a19b-ac344c6c0317"
}

Information used to map data to your systems and redirect the user's UI

Properties

Name Type Required Restrictions Description
state string true none Freeform string, which you can use to map data back on your side. This state value will be used when calling back via the Self Hosted Callback API
returnUrl string(url) false none Return URL that the end user should be redirected to once they have completed our process. Must be a valid URL with TLS enabled. This is optional if you use the embedded UI. When we call this URL we will append a token parameter to it to allow you to fetch the result, e.g.
https://www.mywebsite.com/result-page/2b40f399-4b0e-41c3-a19b-ac344c6c0317?type=consent&state=your-state&token=fxxjqymcbwdbepgawzmyetdshexdopyf See Self Hosted Callback API for more details.

Acknowledgement

{
  "id": "15accd0e-b6f8-4f45-bb07-8a492b38625f",
  "embeddedInclude": "https://transact.isxpay.com/embedded/2b40f399-4b0e-41c3-a19b-ac344c6c0317.js",
  "redirectUrl": "https://transact.isxpay.com/lookup/2b40f399-4b0e-41c3-a19b-ac344c6c0317",
  "expiry": "2020-10-20T04:27:31.110Z"
}

The gateway will respond immediately with this to let you direct the user appropriately

Properties

Name Type Required Restrictions Description
id string true none Unique identifier for the request
embeddedInclude string(url) false none The javascript source to include in your UI if you wish to use embedded mode - may not be present if not available
redirectUrl string(url) true none Redirect URL to redirect the user to if you wish to use redirect mode
expiry string(datetime) true none The time after which the request will expire.

IdentityCheckResult

{
  "id": "15accd0e-b6f8-4f45-bb07-8a492b38625f",
  "state": "transaction-00001",
  "identity": {
    "uid": "abcacf12-3189-44e5-90b7-82f42e2a2f7f",
    "party": {
      "reference": "user-00000112231",
      "identification": [
        {
          "identificationType": "PASSPORT",
          "identificationSubType": "string",
          "value": "123566788",
          "documentNumber": "P16566565",
          "firstName": "eaxmple"
        }
      ],
      "title": "Miss",
      "firstName": "Sharon",
      "middleName": "Michelle",
      "lastName": "Barrows",
      "addresses": [
        {
          "alias": "residential-address-1123123",
          "tags": [
            "RESIDENTIAL_ADDRSS",
            "BILLING_ADDRESS"
          ],
          "fullAddress": "PO Box 24, 42 Arthur Street, Ashfield, NSW 2131, Australia",
          "streetNumber": "42",
          "street": "Arthur Street",
          "secondary": "PO Box 24",
          "city": "Ashfield",
          "postalCode": "2131",
          "subdivision": "NSW",
          "country": "AU"
        }
      ],
      "email": "example@isignthis.com",
      "mobile": "+61434444444",
      "phone": "+61386400990",
      "dob": "1981-10-01",
      "citizenshipCountry": "AU",
      "birthCountry": "AU",
      "legalName": "iSignthis Pty. Ltd.",
      "tradingName": "iSXPay",
      "jurisdiction": "AU"
    }
  },
  "identityVerificationResult": {
    "id": "15accd0e-b6f8-4f45-bb07-8a492b38625f",
    "state": "VERIFIED",
    "reasons": [
      "PEP Match",
      "Sanction Match"
    ]
  }
}

Properties

Name Type Required Restrictions Description
id string true none Unique identifier for the request
state string false none Your original state value provided in the original request
identity Identity false none Describes an identity
identityVerificationResult IdentityVerificationResult false none The result of collection of an identity

ConsentResult

{
  "id": "15accd0e-b6f8-4f45-bb07-8a492b38625f",
  "state": "transaction-00001",
  "consentResult": "GRANTED",
  "consentDetail": {
    "id": "15accd0e-b6f8-4f45-bb07-8a492b38625f",
    "scope": "/isxpay/identity",
    "resource": "/resource",
    "created": "2020-10-20T04:27:31.110Z",
    "expires": "2020-10-20T04:27:31.110Z"
  },
  "identity": {
    "uid": "abcacf12-3189-44e5-90b7-82f42e2a2f7f",
    "party": {
      "reference": "user-00000112231",
      "identification": [
        {
          "identificationType": "PASSPORT",
          "identificationSubType": "string",
          "value": "123566788",
          "documentNumber": "P16566565",
          "firstName": "eaxmple"
        }
      ],
      "title": "Miss",
      "firstName": "Sharon",
      "middleName": "Michelle",
      "lastName": "Barrows",
      "addresses": [
        {
          "alias": "residential-address-1123123",
          "tags": [
            "RESIDENTIAL_ADDRSS",
            "BILLING_ADDRESS"
          ],
          "fullAddress": "PO Box 24, 42 Arthur Street, Ashfield, NSW 2131, Australia",
          "streetNumber": "42",
          "street": "Arthur Street",
          "secondary": "PO Box 24",
          "city": "Ashfield",
          "postalCode": "2131",
          "subdivision": "NSW",
          "country": "AU"
        }
      ],
      "email": "example@isignthis.com",
      "mobile": "+61434444444",
      "phone": "+61386400990",
      "dob": "1981-10-01",
      "citizenshipCountry": "AU",
      "birthCountry": "AU",
      "legalName": "iSignthis Pty. Ltd.",
      "tradingName": "iSXPay",
      "jurisdiction": "AU"
    }
  },
  "identityVerificationResult": {
    "id": "15accd0e-b6f8-4f45-bb07-8a492b38625f",
    "state": "VERIFIED",
    "reasons": [
      "PEP Match",
      "Sanction Match"
    ]
  }
}

Properties

Name Type Required Restrictions Description
id string true none Unique identifier for the request
state string false none Your original state value provided in the original request
consentResult string false none Whether the consent was granted or not
consentDetail ConsentDetail false none If the consent was granted, this will be present
identity Identity false none This will contain what information the consent function was able to determine on the user
identityVerificationResult IdentityVerificationResult false none If the consent was passed through an identity check, this will be populated

Enumerated Values

Property Value
consentResult GRANTED
consentResult NOT_GRANTED

ConsentDetail

{
  "id": "15accd0e-b6f8-4f45-bb07-8a492b38625f",
  "scope": "/isxpay/identity",
  "resource": "/resource",
  "created": "2020-10-20T04:27:31.110Z",
  "expires": "2020-10-20T04:27:31.110Z"
}

A record that the user consented to this action

Properties

Name Type Required Restrictions Description
id string true none iSXPay unique identifier for the result
scope string true none The provider and type of this consent, i.e. isxpay or a third party such as BankID
resource string true none The resource given consent to, such as an identity, account or function
created string(datetime) false none The time at which the consent was generated
expires string(datetime) false none The time after which the consent will no longer be valid.

IdentityVerificationResult

{
  "id": "15accd0e-b6f8-4f45-bb07-8a492b38625f",
  "state": "VERIFIED",
  "reasons": [
    "PEP Match",
    "Sanction Match"
  ]
}

The result of collection of an identity

Properties

Name Type Required Restrictions Description
id string true none iSXPay unique identifier for the result
state string true none Overall state of the authentication
reasons [string] false none A list of human readable messages as to why the verification was not successful

Enumerated Values

Property Value
state FAILED
state EXPIRED

IdentityCollectionResult

{
  "id": "15accd0e-b6f8-4f45-bb07-8a492b38625f",
  "state": "COMPLETED",
  "identity": {
    "uid": "abcacf12-3189-44e5-90b7-82f42e2a2f7f",
    "party": {
      "reference": "user-00000112231",
      "identification": [
        {
          "identificationType": "PASSPORT",
          "identificationSubType": "string",
          "value": "123566788",
          "documentNumber": "P16566565",
          "firstName": "eaxmple"
        }
      ],
      "title": "Miss",
      "firstName": "Sharon",
      "middleName": "Michelle",
      "lastName": "Barrows",
      "addresses": [
        {
          "alias": "residential-address-1123123",
          "tags": [
            "RESIDENTIAL_ADDRSS",
            "BILLING_ADDRESS"
          ],
          "fullAddress": "PO Box 24, 42 Arthur Street, Ashfield, NSW 2131, Australia",
          "streetNumber": "42",
          "street": "Arthur Street",
          "secondary": "PO Box 24",
          "city": "Ashfield",
          "postalCode": "2131",
          "subdivision": "NSW",
          "country": "AU"
        }
      ],
      "email": "example@isignthis.com",
      "mobile": "+61434444444",
      "phone": "+61386400990",
      "dob": "1981-10-01",
      "citizenshipCountry": "AU",
      "birthCountry": "AU",
      "legalName": "iSignthis Pty. Ltd.",
      "tradingName": "iSXPay",
      "jurisdiction": "AU"
    }
  }
}

The result of collection of an identity

Properties

Name Type Required Restrictions Description
id string true none iSXPay unique identifier for the result
state string true none Overall state of the authentication
identity Identity false none Describes an identity

Enumerated Values

Property Value
state COMPLETED
state FAILED
state EXPIRED

Identity

{
  "uid": "abcacf12-3189-44e5-90b7-82f42e2a2f7f",
  "party": {
    "reference": "user-00000112231",
    "identification": [
      {
        "identificationType": "PASSPORT",
        "identificationSubType": "string",
        "value": "123566788",
        "documentNumber": "P16566565",
        "firstName": "eaxmple"
      }
    ],
    "title": "Miss",
    "firstName": "Sharon",
    "middleName": "Michelle",
    "lastName": "Barrows",
    "addresses": [
      {
        "alias": "residential-address-1123123",
        "tags": [
          "RESIDENTIAL_ADDRSS",
          "BILLING_ADDRESS"
        ],
        "fullAddress": "PO Box 24, 42 Arthur Street, Ashfield, NSW 2131, Australia",
        "streetNumber": "42",
        "street": "Arthur Street",
        "secondary": "PO Box 24",
        "city": "Ashfield",
        "postalCode": "2131",
        "subdivision": "NSW",
        "country": "AU"
      }
    ],
    "email": "example@isignthis.com",
    "mobile": "+61434444444",
    "phone": "+61386400990",
    "dob": "1981-10-01",
    "citizenshipCountry": "AU",
    "birthCountry": "AU",
    "legalName": "iSignthis Pty. Ltd.",
    "tradingName": "iSXPay",
    "jurisdiction": "AU"
  }
}

Describes an identity

Properties

Name Type Required Restrictions Description
uid string true none the identifier for this identity - this is unique to your api client connection
party Party false none Describes an individual or organisation

Party

{
  "reference": "user-00000112231",
  "identification": [
    {
      "identificationType": "PASSPORT",
      "identificationSubType": "string",
      "value": "123566788",
      "documentNumber": "P16566565",
      "firstName": "eaxmple"
    }
  ],
  "title": "Miss",
  "firstName": "Sharon",
  "middleName": "Michelle",
  "lastName": "Barrows",
  "addresses": [
    {
      "alias": "residential-address-1123123",
      "tags": [
        "RESIDENTIAL_ADDRSS",
        "BILLING_ADDRESS"
      ],
      "fullAddress": "PO Box 24, 42 Arthur Street, Ashfield, NSW 2131, Australia",
      "streetNumber": "42",
      "street": "Arthur Street",
      "secondary": "PO Box 24",
      "city": "Ashfield",
      "postalCode": "2131",
      "subdivision": "NSW",
      "country": "AU"
    }
  ],
  "email": "example@isignthis.com",
  "mobile": "+61434444444",
  "phone": "+61386400990",
  "dob": "1981-10-01",
  "citizenshipCountry": "AU",
  "birthCountry": "AU",
  "legalName": "iSignthis Pty. Ltd.",
  "tradingName": "iSXPay",
  "jurisdiction": "AU"
}

Describes an individual or organisation

Properties

Name Type Required Restrictions Description
reference string true none A unique identifier for the party
identification [Identification] false none [Describes a source of government identification such as a drivers license or passport]
title string false none Title for the individual
firstName string false none First name of the individual
middleName string false none Middle name(s) for the individual
lastName string false none Last name for the individual
addresses [Address] false none Address for the party
email string false none Email address for the party
mobile string false none Mobile phone number for the party. Must be in the E.123 international phone number format; no spaces allowed.
phone string false none Land line phone number for the party. Must be in the E.123 international phone number format; no spaces allowed.
dob string false none Date of birth for the individual. YYYY-MM-DD format.
citizenshipCountry string false none ISO3166 country (alpha-2) of the individual's country of citizenship.
birthCountry string false none ISO3166 country (alpha-2) of the individual's country of birth.
legalName string false none Legal name of the organisation.
tradingName string false none Trading name of the organisation.
jurisdiction string false none Jurisdiction of the organisation.

Address

{
  "alias": "residential-address-1123123",
  "tags": [
    "RESIDENTIAL_ADDRSS",
    "BILLING_ADDRESS"
  ],
  "fullAddress": "PO Box 24, 42 Arthur Street, Ashfield, NSW 2131, Australia",
  "streetNumber": "42",
  "street": "Arthur Street",
  "secondary": "PO Box 24",
  "city": "Ashfield",
  "postalCode": "2131",
  "subdivision": "NSW",
  "country": "AU"
}

Describes a physical address

Properties

Name Type Required Restrictions Description
alias string true none A freeform name or identifier for the physical address
tags [string] false none Tags for the address
fullAddress string false none Full address
streetNumber string false none Street number of the address
street string false none Street of the address
secondary string false none Secondary line of the address
city string false none City of the address
postalCode string false none Postal code of the address
subdivision string false none State/Province of the address
country string false none ISO3166 country (alpha-2) of the address.

Identification

{
  "identificationType": "PASSPORT",
  "identificationSubType": "string",
  "value": "123566788",
  "documentNumber": "P16566565",
  "firstName": "eaxmple"
}

Describes a source of government identification such as a drivers license or passport

Properties

Name Type Required Restrictions Description
identificationType string true none none
identificationSubType string false none extra information on the document, for example a national_id_number may be an SSN or Citizen number
value string false none The value of the identification, such as a drivers license number
documentNumber string false none Of the document
firstName string false none description

Enumerated Values

Property Value
identificationType PASSPORT
identificationType DRIVERS_LICENSE
identificationType NATIONAL_ID
identificationType BIRTH_CERTIFICATE
identificationType BANK_CARD
identificationType NATIONAL_ID_NUMBER

ErrorResponse

{
  "code": "INVALID_SYNTAX_ERROR",
  "message": "The syntax of the request body was invalid."
}

Properties

Name Type Required Restrictions Description
code string true none none
message string true none none

API Endpoints

Authentication

In order to access any API you will need to authenticate using JSON Web Tokens (JWT).

Key Pairs

Example Key Pair Generation

# Generate private key first - You will be prompted for a secret
# This will generate a 4096-bit RSA private key, which will be encrypted with AES256 using this secret
openssl genpkey -aes-256-cbc -algorithm RSA -outform PEM -out private.pem -pkeyopt rsa_keygen_bits:4096

# Once you have generated your private key - you can create a public key
# You will be prompted for your secret to decrypt the private key
openssl rsa -in private.pem -pubout -out public.pem

# private.pem is your private key - do not send this or the secret to iSXPay
# public.pem is your public key

In order to generate a JWT, you will need an RSA key pair.

Once you have a public key - you will need to provide this to iSXPay, who will:

We require that you use different keys for your sandbox and production accounts.

JWT Generation

Example of just the header and payload of a JWT

{
  "alg":"RS256",
  "typ":"JWT"
}
{
  "sub":"your.api.key",
  "iat":1516239022,
  "exp":1516259022
}

Example of an Unencoded JWT with the cryptographic signature

{"alg":"RS256","typ":"JWT"}{"sub":"your.api.key","iat":1516239022,"exp":1516259022}[raw RS256 signature bytes]

Example of an Encoded JWT

eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ5b3VyLmFwaS5jbGllbnQuY29tbW9uLm5hbWUiLCJpYXQiOjE1MTYyMzkwMjIsImV4cCI6MTUxNjI1OTAyMn0.TlZw9aezd0uP6Uoah2GKeF9uG2GawG-oXOA6_X6w4ey8VLGCDuMkeBl1JTM1xtnekMG2v2lDSMPS7VMbItp31HIsD63mu5poMFLwOXxA_hGbZXkbbrVYGEO0n2UAcCLlRryJythR1qsvlVHd4m30xpF_A7iNRmUi3yH_iMiTCKBi-jx3jVrTGFaOeoGWRWvq0SLMhGBzrtySw80W7qf-EKarB6aY86ss104Yz2Ww-_NYqeoNmcOvW348mVXsZ9lDlglJZwF1TPMm7FUF5deitmHJ7I7Qt7trkciR6uO-Yd571uVSjrpm6VkyZy3-eSabSYnj1jLdw8p4Dmp6eMjoow

Once you have registered your public key with iSXPay and have received your sub value, you will be able to generate JWTs.

A JWT contains a header, a payload and a cryptographic signature. These are base64 encoded and sent with your API request in the Authorization HTTP header, with a type of Bearer.

The JWT must be signed by your RSA private key using RS256.

Please see https://jwt.io/ with the algorithm "RS256" for examples on how to do this.

The header and payload of the JWT you send must have the following attributes.

JSON Description

{
  "alg":"RS256",
  "typ":"JWT"
}

This is the header of the JWT and must have the following attributes.
  • alg must be RS256, specifying the RSA 256 signature algorithm
  • typ must be JWT

{
  "sub":"your.api.key",
  "iat":1516239022,
  "exp":1516259022
}

This is the payload of the JWT, which specifies your API key (sub), the creation time (iat) and the expiry time of the token (exp). It must have the following attributes.
  • sub is your API key, which we will pass to you during provisioning
  • iat is the timestamp (unix seconds) at which you generated your JWT; it must not be more than 1 hour old or we will reject the request
  • exp is the timestamp (unix seconds) at which your JWT will expire; it can be any value you choose provided it is less than 1 hour from iat
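
The rules above, worked through as an added example (this is not iSXPay code): Node.js code that builds and signs an RS256 token with the required header and payload, plus an illustrative receiving-side check of the algorithm, signature, iat age and exp. The names makeJwt, checkJwt and demoJwt and the throwaway demo key are assumptions made for the example.

```javascript
// Added example, not iSXPay code. Uses only Node's built-in crypto module.
const { sign, verify, generateKeyPairSync } = require('node:crypto');

const ONE_HOUR = 3600; // the page's limit for token age and for exp - iat
const b64url = (data) => Buffer.from(data).toString('base64url');
const fromB64url = (text) => JSON.parse(Buffer.from(text, 'base64url').toString('utf8'));

// Client side: build and sign a token with the attributes the page requires.
// privateKey may be a KeyObject or { key: <PEM text>, passphrase: <your secret> }.
function makeJwt(sub, privateKey, nowSeconds, ttlSeconds) {
  if (!Number.isInteger(ttlSeconds) || ttlSeconds <= 0 || ttlSeconds >= ONE_HOUR) {
    throw new RangeError('exp must be less than 1 hour after iat');
  }
  const header = { alg: 'RS256', typ: 'JWT' };
  const payload = { sub, iat: nowSeconds, exp: nowSeconds + ttlSeconds };
  const signingInput = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(payload))}`;
  // RS256 is RSASSA-PKCS1-v1_5 with SHA-256 over "<header>.<payload>".
  const signature = sign('sha256', Buffer.from(signingInput), privateKey);
  return `${signingInput}.${b64url(signature)}`;
}

// Receiving side (illustrative only): the checks implied by the rules above.
function checkJwt(token, publicKey, nowSeconds) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  let header, payload;
  try {
    header = fromB64url(parts[0]) || {};
    payload = fromB64url(parts[1]) || {};
  } catch (err) {
    return { ok: false, reason: 'malformed' };
  }
  // Pin the algorithm: the token must never choose how it is verified.
  if (header.alg !== 'RS256' || header.typ !== 'JWT') return { ok: false, reason: 'bad header' };
  const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
  if (!verify('sha256', signed, publicKey, Buffer.from(parts[2], 'base64url'))) {
    return { ok: false, reason: 'bad signature' };
  }
  // Written as negated comparisons so a missing or non-numeric claim is rejected too.
  if (!(nowSeconds - payload.iat <= ONE_HOUR)) return { ok: false, reason: 'iat too old' };
  if (!(payload.exp > nowSeconds)) return { ok: false, reason: 'expired' };
  return { ok: true, sub: payload.sub };
}

// Demo with a throwaway 2048-bit key (the page generates 4096-bit keys with openssl).
function demoJwt(nowSeconds) {
  const keys = generateKeyPairSync('rsa', { modulusLength: 2048 });
  const token = makeJwt('your.api.key', keys.privateKey, nowSeconds, 600);
  return { token, fresh: checkJwt(token, keys.publicKey, nowSeconds + 60) };
}
console.log(demoJwt(Math.floor(Date.now() / 1000)));
```

With the key pair from the page's openssl commands, pass { key: <contents of private.pem>, passphrase: <your secret> } as privateKey.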

JWT Usage

Example API request using the encoded JWT


curl -X POST https://api.isxpay.com/v2/api \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ5b3VyLmFwaS5jbGllbnQuY29tbW9uLm5hbWUiLCJpYXQiOjE1MTYyMzkwMjIsImV4cCI6MTUxNjI1OTAyMn0.TlZw9aezd0uP6Uoah2GKeF9uG2GawG-oXOA6_X6w4ey8VLGCDuMkeBl1JTM1xtnekMG2v2lDSMPS7VMbItp31HIsD63mu5poMFLwOXxA_hGbZXkbbrVYGEO0n2UAcCLlRryJythR1qsvlVHd4m30xpF_A7iNRmUi3yH_iMiTCKBi-jx3jVrTGFaOeoGWRWvq0SLMhGBzrtySw80W7qf-EKarB6aY86ss104Yz2Ww-_NYqeoNmcOvW348mVXsZ9lDlglJZwF1TPMm7FUF5deitmHJ7I7Qt7trkciR6uO-Yd571uVSjrpm6VkyZy3-eSabSYnj1jLdw8p4Dmp6eMjoow'

Once you have a JWT - you will need to send this along with your API call.

Examples

Interaction setup

Create Consent flow Request


curl --request POST \
  --url https://api.isxpay.com/v2/identity/consent \
  --header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJpU1hQYXktdGVzdCIsImlhdCI6MTYwNjk2Mjk2MywiZXhwIjoxNjA2OTY2NTYzfQ.TJXtHvBSNpFQb6meVDGuqZZhwPuf8MvmrIWP-qrE14bj_y65CsxwIaCOPyszQj3KYHnfFnkGXbQBBFkxNU9q03gqZRVtYQBQqYUY-LlJiwKM-HNI9dcEQynRzvT_AkUMY4i65p3Ix2RE-RTaiu9vYd8XvZ8XYWMHuoA8nUqcq3NruIQqDcCPyMGXxDVLLjSU-bbt3c73RNfw72EvZImHwI217JISqW6ubKMtaU2zfGbtBEjlxyCw84jB3_IY8h2Il96vkX_ccLx8NWgfMYGyUgP4uVDb1bof7QTg_zhzrfhH-M6fA50fAJ8TFlWs29KCl5cP7wTcX2xMXHchbj_SUBCdvnIxSG0JytfR3eidqL5-Cr5mduo70Zxd0r30uSc9pE3Mq_hC3aq0XzATy9ALlxdDFnKD3OzaiRZbd3wCU5K_TAFS7SCkqboo_dN2tsMnxiLOog3E8W7HvZBf9Z4OdPWfdakyLikiNN-Ka3dyaQUQlhV6PcF0qSf1LXaNA5HhWhkxxpt5qIJKd0Quu0yJUHwzanKYH-1Ih77cprhVn9iYWeNncdDTl49eokyZYycgz4rNYVSyxJYVj_0xhOmRWHmPxHeq7XQl3OMEvAoMGG_AXaeml6zC9oT7fhaX4-o_7ttxEJ1IQNORb0agjsOe5hWr7wPKwx4FOXIvDlzeCDw' \
  --header 'Content-Type: application/json' \
  --data '{
  "features": [
    "BANK_ID_SWEDEN"
  ],
  "party": {
    "reference": "10022"
  },
  "config": {
    "state": "79675d0e-350f-11eb-adc1-0242ac120002",
    "returnUrl": "https://example.com"
  }
}'

In this example - a merchant will be using the iSXPay API in order to authenticate an end user to BankID Sweden.

Once the end user has initiated registration with the merchant, the merchant keeps track of the authentication with their own identifier for the interaction: 79675d0e-350f-11eb-adc1-0242ac120002. The merchant stores this on their side, and it will be used as the state value.

Furthermore, the merchant has a unique identifier for the user, in this case 10022.

The merchant then calls iSXPay, via a server to server API call, to create a consent flow. They provide:

Create Consent flow Response

{
  "id": "76a463d0-15f0-40b5-85d3-1bdda648b30a",
  "embeddedInclude": "https://transact.isxpay.com/embedded/c0cc9419-8167-440f-add9-631209bb4ba6.js",
  "redirectUrl": "https://transact.isxpay.com/lookup/c0cc9419-8167-440f-add9-631209bb4ba6",
  "expiry": "2020-12-03T03:40:53.533Z"
}

The merchant stores the response information, and then prompts the end user to authenticate with BankID.

End user prompt

The merchant can decide to display the authentication either as:

Full page redirect

The merchant redirects the end user's browser to the redirectUrl parameter returned from the create consent flow response: https://transact.isxpay.com/lookup/c0cc9419-8167-440f-add9-631209bb4ba6

The end user will then continue with the BankID authentication process.

After they complete this, the end user's browser will be redirected back to the merchant's website.

The full URL the end user will be redirected to will be composed of:

https://www.isignthis.com?type=consent&state=79675d0e-350f-11eb-adc1-0242ac120002&token=9fe8adb9-a1f6-4e0a-b209-bd186d6846b5

This endpoint on the merchant's website will store this information and make a server to server API call in order to check the result.

Embedded

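Example Merchant Page


<html>
<head>
  <!-- The completed handler below calls $.post, so jQuery must be loaded before the inline script runs -->
  <script src="https://transact.isxpay.com/embedded/c0cc9419-8167-440f-add9-631209bb4ba6.js"></script>
</head>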
<body>

<div class="isignthis-wrapper">
  <div id="isignthis-container" class="isignthis-container">

  </div>
</div>

<div class="other-content">
  ...
</div>

<script>
  var options = {
    container_id: "isignthis-container",
    minimum_height: "600",
    maximum_height: "750",
    language: 'en'
  };

  isignthis.setup(options)
    .completed(function (e, type, state, token) {
      $.post("result.html",
        {
          type: type,
          state: state,
          token: token
        },
        function (data) {
          if (data['approved']) {
            window.location.replace("welcome_aboard.html");
          } else {
            window.location.replace("sorry.html");
          }
        });
    })
    .fail(function (e) {
      window.location.replace("500.html");
    })
    .resized(function (e) {
      // Resize the container
      document.getElementById("isignthis-container").style.height = e["height"] + "px";
    })
    .publish();
</script>

</body>
</html>

The merchant imports a JavaScript file into their DOM, using the embeddedInclude field returned from the create consent flow response.

They set up the UI with options so that:

  1. If the BankID process completes, the browser will make an AJAX call to the merchant's website
  2. Based on the result of the AJAX call the merchant may direct the end user to a different part of their website

The end user will then start the BankID authentication process.

After completion, the end user's browser will trigger the completed event hook.

The parameters will be composed of:

The end user's browser will then POST these attributes to the merchant's page via AJAX: result.html

This endpoint on the merchant's website will store this information - and make a server to server API call in order to check the result.

Validate Result

Given that the type is a consent - the merchant knows to validate a consent flow. As they have the state value - they can also link this validation back to the original interaction.

With the token, they may request the consent result, via a server to server API call. As the JWT token they generated previously is still valid - they decide to reuse it for this call.

They provide the token returned in order to lookup the result as a path parameter.

Get Consent flow Result Request

curl --request GET \
  --url https://api.isxpay.com/v2/identity/consent/result/9fe8adb9-a1f6-4e0a-b209-bd186d6846b5 \
  --header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJpU1hQYXktdGVzdCIsImlhdCI6MTYwNjk2Mjk2MywiZXhwIjoxNjA2OTY2NTYzfQ.TJXtHvBSNpFQb6meVDGuqZZhwPuf8MvmrIWP-qrE14bj_y65CsxwIaCOPyszQj3KYHnfFnkGXbQBBFkxNU9q03gqZRVtYQBQqYUY-LlJiwKM-HNI9dcEQynRzvT_AkUMY4i65p3Ix2RE-RTaiu9vYd8XvZ8XYWMHuoA8nUqcq3NruIQqDcCPyMGXxDVLLjSU-bbt3c73RNfw72EvZImHwI217JISqW6ubKMtaU2zfGbtBEjlxyCw84jB3_IY8h2Il96vkX_ccLx8NWgfMYGyUgP4uVDb1bof7QTg_zhzrfhH-M6fA50fAJ8TFlWs29KCl5cP7wTcX2xMXHchbj_SUBCdvnIxSG0JytfR3eidqL5-Cr5mduo70Zxd0r30uSc9pE3Mq_hC3aq0XzATy9ALlxdDFnKD3OzaiRZbd3wCU5K_TAFS7SCkqboo_dN2tsMnxiLOog3E8W7HvZBf9Z4OdPWfdakyLikiNN-Ka3dyaQUQlhV6PcF0qSf1LXaNA5HhWhkxxpt5qIJKd0Quu0yJUHwzanKYH-1Ih77cprhVn9iYWeNncdDTl49eokyZYycgz4rNYVSyxJYVj_0xhOmRWHmPxHeq7XQl3OMEvAoMGG_AXaeml6zC9oT7fhaX4-o_7ttxEJ1IQNORb0agjsOe5hWr7wPKwx4FOXIvDlzeCDw'

Get Consent flow Result Response

{
  "id": "76a463d0-15f0-40b5-85d3-1bdda648b30a",
  "state": "79675d0e-350f-11eb-adc1-0242ac120002",
  "consentResult": "GRANTED",
  "consentDetail": {
    "id": "e7190196-29fd-4cd8-a9a8-e0d3fe7084db",
    "scope": "/swe-bank-id",
    "resource": "/identity",
    "created": "2020-12-03T03:40:53.533Z",
    "expires": "2020-12-04T03:40:53.533Z"
  },
  "identity": {
    "party": {
      "identification": [
        {
          "identificationType": "NATIONAL_ID",
          "value": "198202228287"
        }
      ],
      "firstName": "Test",
      "lastName": "User",
      "addresses": []
    }
  },
  "identityVerificationResult": {
    "id": "0c8b3f9d-adcb-482b-b740-99705bf49182",
    "state": "VERIFIED",
    "reasons": []
  }
}

The merchant sees that:

With this, the merchant may onboard the end user, which concludes the consent flow for BankID.
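
The validation steps described above, as an added example (this is not iSXPay code): merchant-side Node.js code that vets the type, state and token arriving from the browser, then decides only from the server to server result. The names acceptCallback, decide and the pending store are hypothetical, and the UUID token shape and the id and state fields echoed in the result are assumptions taken from the page's sample values. The authenticated GET between the two steps is left to the caller.

```javascript
// Added example, not iSXPay code: merchant-side handling of the completion callback.
const RESULT_URL = 'https://api.isxpay.com/v2/identity/consent/result/'; // path shown on the page
// Assumption: tokens are UUID-shaped, as in the page's samples.
const UUID = /^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$/i;

// Step 1: vet the browser-supplied parameters before any API call is made.
// `pending` is the merchant's own store: state -> { reference, flowId }, written
// when the consent flow was created (flowId is the `id` from the create response).
function acceptCallback(query, pending) {
  const { type, state, token } = query || {};
  if (type !== 'consent') return { ok: false, reason: 'unexpected type' };
  if (typeof token !== 'string' || !UUID.test(token)) return { ok: false, reason: 'bad token' };
  const interaction = typeof state === 'string' ? pending.get(state) : undefined;
  if (!interaction) return { ok: false, reason: 'unknown state' };
  pending.delete(state); // single use: a replayed callback no longer matches
  return { ok: true, state, interaction, url: RESULT_URL + encodeURIComponent(token) };
}

// Step 2: decide from the server to server result only, never from browser input.
function decide(result, state, interaction) {
  if (!result || result.id !== interaction.flowId || result.state !== state) {
    return { approved: false, reason: 'result does not belong to this interaction' };
  }
  const verification = result.identityVerificationResult || {};
  if (result.consentResult !== 'GRANTED' || verification.state !== 'VERIFIED') {
    return { approved: false, reason: 'consent not granted or identity not verified' };
  }
  return { approved: true, reference: interaction.reference, party: (result.identity || {}).party };
}

// Constructed sample data, modelled on the page's request and response examples.
const STATE = '79675d0e-350f-11eb-adc1-0242ac120002';
const SAMPLE_QUERY = { type: 'consent', state: STATE, token: '9fe8adb9-a1f6-4e0a-b209-bd186d6846b5' };
const SAMPLE_RESULT = {
  id: '76a463d0-15f0-40b5-85d3-1bdda648b30a', state: STATE, consentResult: 'GRANTED',
  identity: { party: { firstName: 'Test', lastName: 'User', addresses: [] } },
  identityVerificationResult: { state: 'VERIFIED', reasons: [] },
};

function demoCallback() {
  const pending = new Map([[STATE, { reference: '10022', flowId: SAMPLE_RESULT.id }]]);
  const first = acceptCallback(SAMPLE_QUERY, pending);
  const replay = acceptCallback(SAMPLE_QUERY, pending); // same parameters sent twice
  return { first, replay, decision: decide(SAMPLE_RESULT, first.state, first.interaction) };
}
console.log(demoCallback());
```

Because the state entry is consumed before the lookup, a failed API call means the end user has to start a new consent flow rather than retry the same callback.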