Securitize-iD Integration Tutorial

Summary

This document provides all the required steps to integrate a partner's site with Securitize-iD and the capability of registering attested wallets into a blockchain smart contract.

Securize provides the services to KYC users, as well as the ability to establish if that user complies with a certain set of requirements (attestation requirements) the partner requires from that user. These attestation requirements can simply be that the user is KYCed, but the partner might require that the user resides in a certain jurisdiction (e.g., the United States of America), but doesn’t in specific jurisdictions (e.g, not being a resident in Texas). The attestation rules are quite flexible, and can combine a whole set of user personal identification features to satisfy the partner’s requirements.

To be able to interact with Securitize-iD services:

1. The user needs to sign-in (or up) in Securitize and have a Securitize ID
2. The partner will need to require the user permission to access his profile
3. The partner will need to authenticate in the system
4. The partner will need to interact with the user to obtain his public crypto wallet address

Prerequisites

In order to be able to access Securitize APIs, a set of information and variables have to be shared between Securitize and the Parner, which are summarized in the following table:

<table> <tr> <td><strong>Variable</strong> </td> <td><strong>Value</strong> </td> <td><strong>Comment</strong> </td> </tr> <tr> <td><strong>baseUrl</strong> <p> (SecuritizeID) </td> <td> <ul> <li><a href="https://id.securitize.io/">https://id.securitize.io/</a> (Production) </li> <li><a href="https://id.sandbox.securitize.io/">https://id.sandbox.securitize.io/</a> (Sandbox) </li> </ul> </td> <td rowspan="2" >Take into account, that depending on the environment (Production and Sandbox), <strong><em>issuerID</em></strong> and secret will be different, and the <strong><em>redirecturl</em></strong> will have to be configured in SecID for both environments </td> </tr> <tr> <td><strong>API_BASE_URL </strong> <p> (API Gateway) </td> <td> <ul> <li><a href="https://connect-gw.sandbox.securitize.io/api/">https://connect-gw.securitize.io/api/</a> (Production)</li> <li><a href="https://connect-gw.sandbox.securitize.io/api/">https://connect-gw.sandbox.securitize.io/api/</a> (Sandbox) </li> </ul> </td> </tr> <tr> <td><strong>issuerID</strong> </td> <td>String, like this: "b462d564-7562-4528-a207-86fcdfc1c6d5" </td> <td>Provided by Securitize </td> </tr> <tr> <td><strong>secret </strong> </td> <td>String, like this: "95cacd3d-fbcf-487c-b8f0-60f986ea8968” </td> <td>Provided by Securitize </td> </tr> <tr> <td><strong>contractAddress</strong> <p> (Deployed Smart Contract Address) </td> <td>String like this: “0xB8D7d897BdCe6f6454b54E808461B337058cDB0B” </td> <td>Provided by Securitize </td> </tr> <tr> <td><strong>redirecturl</strong> </td> <td>"https://{partnerSite}" </td> <td>Provided by Partner </td> </tr> </table>

Take into account to change these paramenters in the index.html file:

        const baseUrl = "https://id.sandbox.securitize.io/";
        const API_BASE_URL = "https://connect-gw.sandbox.securitize.io/api/";
        const issuerID = "Provided by Securitize";
        const secret = "Provided by Securitize";
        const redirecturl = "Where the front end Application is hosted"
        const contractAddress = "Provided by Securitize"; // Contract Address 

Securitize ID Flow

In order to access Securitize ID APIs a simple OAuth process takes place, as shown in the figure below:

1. The user accesses the partner's site, and clicks on “Login with Securitize” button
2. The user gets redirected to Securitize-iD’s site, and the redirection URL contains the following information: issuerId, scope of access (info, details, …) and the URL the user will be re-directed once he has finished signing in (or up).

Login & Sign Up with Securitize-iD

Whitelisting the redirect URL

The partner will need to whitelist the URL the user will be redirected to in Securitize. In order to do so, the following script in python can be used.

# Import the required libraries
import requests
from requests_oauthlib import OAuth1
from requests_oauthlib import OAuth2Session
import json
serviceUrl = 'https://sec-id-api.sandbox.securitize.io/v1/'
Issuer ="{Issuer Name}"
issuerID="{issuerID}"
Secret ="{secret}"

body = {'appIcon':{url of the icon},
       'appName':'{Issuer Name}',
       'redirectUrls':['{redirectUrl}']}

response = requests.patch(
   serviceUrl + issuerID ,
   headers={'Authorization': Secret},
   data= body
)

if (response.status_code == 200):
 print("Correctly updated")
else:
 print('Error: ', response.content)

Or using the following CURL:

curl -X PATCH "https://sec-id-api.sandbox.securitize.io/v1/{issuerID}" -H "accept: application/json" -H "Authorization: {secret}" -H "Content-Type: application/json" -d "{body}"

Where:

<table> <tr> <td><strong>Parameter</strong> </td> <td><strong>Description</strong> </td> </tr> <tr> <td><strong>{issuerID}</strong> </td> <td>Is the issuer ID provided by Securitize </td> </tr> <tr> <td><strong>{secret}</strong> </td> <td>Is the {secret} provided by Securitize </td> </tr> <tr> <td><strong>body</strong> </td> <td>

{ 
"appIcon": "Icon url", 
"appName": "The Name of your App or [yourdomain]", 
"redirectUrls": [ 
"https://[yourdomain]/*" ]
}
    

</td> </tr> </table>

Show the Logo

The partner can integrate the Securitize iD button within his own UI. The Partner’s landing page should show a button which links to Securitize iD.

For instance, the partner could use the following code to include in his landing page, which basically creates a button and, once clicked, re-directs the user to Securitize-iD authorization site:

   function showSecuritizeIDLogInLogo(baseUrl, issuerID, redirecturl) {
       var scope = "info";
       var securitizeID = document.getElementById("SecuritizeID");
       var link = document.createElement("a");
       var logo = document.createElement("img");

       var href = baseUrl + "#/authorize" + "?issuerId=" + issuerID + "&scope=" + scope + 
                             "&redirecturl=" + redirecturl;
       logo.src = "./images/securitizeID.png";
       link.href = href;
       link.id = "SecuritizeLogo";
       link.appendChild(logo);
       securitizeID.appendChild(link);
   }

Capture the Token

Once the user has singed–in (or up) in Securitize-ID, he will be redirected back the the partners site. The URL of the redirection will look like this:

{Redirecturl}?code={code}&authorized=true

Hence, the partner will have to capture the information in the parameters of the URL. This can be simply done with the following JavaScript function:

   function captureTOKEN() {
       const queryString = window.location.search;
       const urlParams = new URLSearchParams(queryString);
       const code = urlParams.get("code");
       const authorized = urlParams.get("authorized");
       const country = urlParams.get("country");
       console.log(code, country, authorized);
       if (code != null) { // User has signed-up and has a SecuritizeID
           return code;
       }
   }

User has no Securitize-iD

In case the user has not registered in Securitize-iD before, he will have to sign-up and follow the 5 KYC steps in order to be KYCed by Securitize.

In any case, this is not affecting the way the partner is interacting with the user. By the end of the process, the user will be redirected to the partner’s site exactly in the same way as he had already a verified Securitize-iD. However, in this case, the partner will have to check that the user has been KYCed by Securitize to access the rest of the APIs.

Request JSON Access Token

The partner will need to request Securitize API GW a JSON Access token to be able to interact with the rest of the APIs through a simple request:

curl --location --request POST '{API_BASE_URL}/api/auth/v1/authorize' \
--header 'Authorization: Bearer {secret}' \
--header 'Content-Type: application/json' \
--header 'clientid: {issuerID}' \
--data-raw '{
   "code": "{code}"
}'

Where:

<table> <tr> <td><strong>Parameter</strong> </td> <td><strong>Description</strong> </td> </tr> <tr> <td><strong>{API_BASE_URL}</strong> </td> <td> <ul> <li><a href="https://connect-gw.sandbox.securitize.io/api/">https://connect-gw.securitize.io/api/</a> (Production) <li><a href="https://connect-gw.sandbox.securitize.io/api/">https://connect-gw.sandbox.securitize.io/api/<