QR Code App

This feature can be used to initiate the enrolment process from a web page where an existing registration process could be required to onboard in a secure way the documents of the user.
The concept is very simple, a QR code is shown to the user during the registration process. The user uses an existing mobile application, or an application developed ad hoc that integrates the Uqudo SDK to scan the QR code. The scan of the QR code will trigger the onboarding process. Once the onboarding process is complete the user can follow up on the web page to complete the registration process.
Below you can see a high-level technical overview of what has been described in the chapter above:
From a technical point of view there are 4 main aspects of the process shown in the diagram above:
1.Create a session from the customer backend.
2.JS component to integrate with the WebSocket server and render the QR code. The JS component listens to the onboarding process.
3.Scan the QR code and trigger the onboarding process.
4.Follow up with the registration process.
Create a session
Call the following API to create a session:
$ curl -v \
-H 'Authorization: Bearer <token>' \
-H 'Content-Type: application/json' \
-d '{"data":"your data"}' \
https://<web socket server base url>/api/v1/session
​
Response:
{
  "sessionId": "",
  "qrCodeText": "",
  "qrCodeTextWithDynamicLink": "",
}
Request:
Property
Type
Optional
Description
<token>
string
No
This is the authorization token needed to authorize the request. Is beyond the scope of this example on how to get the token. See Authorisation token for more details
data
string
No
This property can be used to pass the information to the mobile application in order to instruct the application what the onboarding process should be, e.g. what type of document to scan, enable the reading etc.
Note: If you are using the qr code reader mobile application provided by uqudo, data must be a Base64 encoded json string. Please see below for the structure of the JSON object.
Below you can find the JSON object structure that represents the value for the property data described above when using the qr code reader mobile application provided by uqudo. The definition of every field and possible values are explained in the SDK API described in the Enrollment Flow:
{
  "documents": [
      {
  	    "documentType": "PASSPORT",
  	    "reading": {
    	        "enabled": false,
    	        "isForceReading": false,
    	        "isForceReadingIfSupported": false,
    	        "timeoutInSeconds": -1
  	    },
  	    "isExpiredDocumentAllowed": false,
  	    "isFrontSideReviewEnabled": false,
  	    "isBackSideReviewEnabled": false,
  	    "isUploadEnabled": false,
  	    "isHelpPageDisabled": false,
  	    "faceScanMinimumMatchLevel": 2,
  	    "faceReadMinimumMatchLevel": 3
	}
  ],
  "generalConfig": {
	"secureWindowsEnabled": true,
	"isRootedDeviceAllowed": false,
	"userIdentifier": null,
	"returnDataForIncompleteSession": false
  },
  "backgroundCheck": {
	"enabled": false,
	"checkType": "RDC",
	"disableConsent": false,
	"enableMonitoring": false,
	"skipView": false
  },
  "facialRecognition": {
	"enabled": false,
	"isEnrollFace": false,
	"scanMinimumMatchLevel": 2,
	"readMinimumMatchLevel": 3,
      "maxAttempts": 3
  }
}
Response:
​
Property
Type
Optional
Description
sessionId
string
No
The sessionId should be stored in your backend and should match the one returned by your frontend once the onboarding process is done. It should be matched even with the jti attribute value in the JWS result returned by the uqudo info API
qrCodeText
string
No
This text must be returned to your frontend in order to create the QR code and in order to authenticate the web socket channel with the uqudo web socket server. See JS component​
qrCodeTextWithDynamicLink
string
No
If you use the QR code reader mobile application provided by uqudo use this value to create the QR code instead of qrCodeText. Please note that qrCodeText is still needed to authenticate the web socket channel with the uqudo web socket server as described above.
If a user opens a Dynamic Link on iOS or Android, they can be taken directly to the linked content in the uqudo QR code reader mobile app. If the app is not installed the user is taken to the store and the session can continue after installation and opening the app.
JS component
Integrating with a websocket server is very easy in Javascript and you can use the WebSocket object provided by the browser. Below you can find an example on how to manage the process described in the diagram above:
function startSession() {
    
    var socket = new WebSocket('wss://<websocket server name>/ws/v1/session');
​
    socket.addEventListener('open', function (event) {
        socket.send('qrCodeText'); // this is required to authenticate the web socket channel
​
        // you can create the qrCode at this stage. See example below
        new QRCode(document.getElementById('qrcode_id'), {
            text: 'qrCodeText or qrCodeTextWithDynamicLink',
            width: 128,
            height: 128,
            colorDark: "#000000",
            colorLight: "#ffffff",
            correctLevel: QRCode.CorrectLevel.H
        });
    });
    
    socket.addEventListener('message', function (event) {
        var message = JSON.parse(event.data);
        if (message.service && message.service == 'INFO') {
            socket.close();
            folloupWithRegistration(message.sessionId);
        }
    });
    
    socket.addEventListener('close', function (event) {
        // e.g. remove the qr code
    });
}
The QR code text sent to the server after opening the WebSocket session:
Property
Type
Optional
Description
qrCodeText
string
No
Used to authenticate the web socket channel and to create the QR code if qrCodeTextWithDynamicLink is not used instead
The object received during the onboarding process
​
Property
Type
Optional
Description
service
string
No
​
Possible values:
SCAN
READ
FACE
BACKGROUND_CHECK
INFO
SCAN stands for document scanning. It is returned after a successful scanning of the document
READ stands for document reading, e.g. NFC for Emirates ID. It is returned after a successful read
FACE stands for facial recognition. It is returned after a successful facial recognition
BACKGROUND_CHECK stands for background check. It is returned after a successful background check
INFO is the last step of the onboarding process where the SDK retrieves the final result (JWS). It defines the end of the onboarding process
sessionId
string
No
The session is related to the onboarding session that can be used to follow up with the registration process and retrieve the data collected from the uqudo backend.
Scan the QR code
The QR code reader is used to read the QR code rendered on the web page. The text retrieved from the QR code reader is used to call the uqudo backend to retrieve the information related to the session, as described below:
$ curl -v \
-H 'Authorization: <qrCodeText>' \
<web socket server base url>/api/v1/session
​
Response:
{
  "sessionId": "",
  "token": "",
  "data": ""
}
Or:
$ curl -v \
<web socket server base url>/api/v1/session/{qrCodeText}
​
Response:
{
  "sessionId": "",
  "token": "",
  "data": ""
}
Request:
Property
Type
Optional
Description
<qrCodeText>
string
No
Authorization header or path variable
Response:
Property
Type
Optional
Description
sessionId
string
No
Session ID used to initialize the Uqudo Builder, see  Uqudo Builder Configuration​
token
string
No
Authorization token used to initialize the Uqudo Builder, see Uqudo Builder Configuration​
data
string
No
Data that the application needs to parse in order to know the type of onboarding process to trigger with the uqudo SDK. It could be a JSON object for instance.
After retrieving the session information, you can start the enrolment process using the uqudo SDK. Please refer to Enrolment Flow for details.
The session information related to the qrCodeText gets automatically deleted after 30 minutes after its creation (Create a session) but you can delete it using the request below (e.g. after the KYC session is completed):
$ curl -v \
-X DELETE \
<web socket server base url>/api/v1/session/{qrCodeText}
​
Response status 204 No Content
Follow up with the registration process
After the enrolment process is completed, you can follow up with the registration process using the session id to retrieve the information collected during the onboarding directly from your backend. Please refer to the Info API of the API documentation for details.
Please note that the object returned by the Info API is the same object returned by the uqudo SDK after the enrolment process is completed.

Property	Type	Optional	Description
<token>	string	No	This is the authorization token needed to authorize the request. Is beyond the scope of this example on how to get the token. See Authorisation token for more details
data	string	No	This property can be used to pass the information to the mobile application in order to instruct the application what the onboarding process should be, e.g. what type of document to scan, enable the reading etc. Note: If you are using the qr code reader mobile application provided by uqudo, data must be a Base64 encoded json string. Please see below for the structure of the JSON object.

Property	Type	Optional	Description
sessionId	string	No	The sessionId should be stored in your backend and should match the one returned by your frontend once the onboarding process is done. It should be matched even with the jti attribute value in the JWS result returned by the uqudo info API
qrCodeText	string	No	This text must be returned to your frontend in order to create the QR code and in order to authenticate the web socket channel with the uqudo web socket server. See JS component
qrCodeTextWithDynamicLink	string	No	If you use the QR code reader mobile application provided by uqudo use this value to create the QR code instead of qrCodeText. Please note that qrCodeText is still needed to authenticate the web socket channel with the uqudo web socket server as described above. If a user opens a Dynamic Link on iOS or Android, they can be taken directly to the linked content in the uqudo QR code reader mobile app. If the app is not installed the user is taken to the store and the session can continue after installation and opening the app.

Property	Type	Optional	Description
qrCodeText	string	No	Used to authenticate the web socket channel and to create the QR code if qrCodeTextWithDynamicLink is not used instead

Property	Type	Optional	Description
service	string	No Possible values: SCAN READ FACE BACKGROUND_CHECK INFO	SCAN stands for document scanning. It is returned after a successful scanning of the document READ stands for document reading, e.g. NFC for Emirates ID. It is returned after a successful read FACE stands for facial recognition. It is returned after a successful facial recognition BACKGROUND_CHECK stands for background check. It is returned after a successful background check INFO is the last step of the onboarding process where the SDK retrieves the final result (JWS). It defines the end of the onboarding process
sessionId	string	No	The session is related to the onboarding session that can be used to follow up with the registration process and retrieve the data collected from the uqudo backend.

Property	Type	Optional	Description
<qrCodeText>	string	No	Authorization header or path variable

Property	Type	Optional	Description
sessionId	string	No	Session ID used to initialize the Uqudo Builder, see Uqudo Builder Configuration
token	string	No	Authorization token used to initialize the Uqudo Builder, see Uqudo Builder Configuration
data	string	No	Data that the application needs to parse in order to know the type of onboarding process to trigger with the uqudo SDK. It could be a JSON object for instance.

Last modified 6mo ago