FAQ

Credentials and Authentication

Suggest Edits

Credentials / API Keys

To ensure strong API authentication, IDWise utilizes basic authentication with API keys and secrets, along with bearer token authentication. This multi-layered approach enhances security and restricts access to authorized entities, safeguarding the confidentiality and integrity of the exchanged data.

IDWise APIs support the following authentication types:

  1. JWT Bearer Tokens: Used within IDWise SDKs for client-side API calls. A client key is used in the Authenticate API to generate a temporary JWT token, which is then employed in subsequent calls to all client-side APIs.

  2. Backend-to-Backend Keys: Facilitate secure communication between the customer's backend and the IDWise backend. These keys, consisting of API key and API secret pairs, are authenticated through basic authentication. They provide access to specific data stored on the IDWise backend, such as processing results, journey statuses, and deletion operations. Customers can configure these keys to be accessed from specific IP ranges, enhancing security and control over incoming requests.

🚧

Attention

Please note that Backend to Backend API Keys can't be used on the client side, and must be stored in a secure vault only on your backend


Managing your API Keys from the dashboard

Once you login to IDWise Studio go to the Admin section then select the API Keys tab

From here you may create new API Key by clicking on the Create API Key button, then you'll see the following popup:

Where you can give a name to that key and select the key type, once you click on the Generate button you'll be provided with the newly generated API key as following

πŸ“˜

Note

  • You'll see the value of the API key only once, so ensure that you copy it and store it.
  • Ensure that you use the Copy button as not all the key's value is visible.

Configure IP Whitelisting

To configure an IP range for backend-to-backend keys in the IDWise Admin Portal, follow these steps:

  1. Navigate to the Whitelist IPs Section:
    Once logged in, go to the "Whitelist IPs" section.

  2. Add a New IP Address Range:

    • In the "New IP Address" field, enter the desired IP range in CIDR notation. For example, 192.168.0.1/24.
    • Click the "Add IP" button to include this range in the whitelist.

  3. Verify the Allowed IP Addresses:

    • The newly added IP range should now appear under the "Allowed IP Addresses" section.
    • Ensure that the IP range is correct and covers all the necessary addresses for secure backend-to-backend communication.

  4. Save Changes:
    Any changes you make will be automatically saved, and the listed IP addresses will now be allowed to access server key requests. Any IP not on this list will be denied access.

🚧

Attention

Removing all currently listed IPs will allow access from all IPs, which may pose a security risk. Use this feature with caution.

By configuring the IP range, you enhance security and control over incoming requests, ensuring only authorized IP addresses can communicate with IDWise Backend using the backend-to-backend keys.

Authentication

Client SDKs

For client SDKs (Android, iOS, and Web SDKs) authentication, refer to the SDK documentation page for detailed instructions on performing authentication for each SDK.

Backend APIs

IDWise APIs use basic authentication (API Key and API Secret).

πŸ“˜

Readme.io API reference page

On the Readme.io API Reference page, use your customer ID as the username and the generated server API key as the password to create the authentication header.

Add auth credentials to Readme.io API Reference page

URLs

Access the APIs at the following URL: https://api.idwise.com/journey


Updated 5 days ago