Skip to main content

Handshake (Create Journey)

This section explains how the UI based SDKs can be accessed once authentication is completed and a token has been created. Create a journey and receive:
  • transactionId — internal identifier for the journey
  • uiHandle — URL used to start the hosted verification UI

Handshake Request

The handshake request initiates a customer journey. Please note that:
  • You define which components of the IDCanopy product offering you would like to consume with this request.
  • You can configure each component as well as validation data.
  • Define the process name, which will appear on the invoice as billing item.
  • You can enable a developer mode by switching on “magicFlow” in the handshake.

Request Structure

{
  "journey": {
    "customerId": "string",
    "processName": "string"
  },
  "validationData": {
    "fullName": "John Doe",
    "DOB": "1980/01/31",
    "Address": {
      "streetAddress": "123 Main Street",
      "locality": "Anytown",
      "region": "CA",
      "postalCode": "90210",
      "country": "US"
    },
    "IBAN": "DE11XXXX3245664",
    "phoneNumber": "+4915738901234",
    "unstructuredInput": "This is some free unstructured text input for AI, OSINT and other analysis. John@doe.com aged 44, NHL player at Detroit RedWings; He might be in debt and has a Chinese Crested as dog."
  },
  "passThroughData": {
    "userId": "12345"
  },
  "steps": [
    {
      "configuration": {
        "documentVerification": {
          "extraForensics": false,
          "biometricMatching": true,
          "liveness": true,
          "photoIdentPlus": false,
          "permittedDocuments": {
            "allowed": [
              {
                "idType": "passport"
              },
              {
                "idType": "nationalId",
                "bloc": "EEA",
                "excluded": [
                  {
                    "country": "DK"
                  }
                ]
              },
              {
                "idType": "driversLicense",
                "country": ["BG"]
              }
            ]
          }
        }
      }
    },
    {
      "interface": "Umbrella Toolbox",
      "step": "AML",
      "configuration": {
        "SanctionPepAdverseMedia": {
          "monitoring": false,
          "dossier": true
        }
      }
    },
    {
      "interface": "Umbrella Toolbox",
      "step": "Phone Services",
      "configuration": {
        "Mobile Ident": {}
      }
    },
    {
      "interface": "Umbrella Toolbox",
      "step": "General",
      "configuration": {
        "IDV Protocol": {}
      }
    }
  ],
  "matchName": "strict",
  "matchDob": true,
  "magicflow": false,
  "validitySuperpower": false,
  "journeyDuration": "standard"
}

Request DTO

FieldTypeRequiredDescription
journeyobjectYesVerification journey configuration root.
journey.customerIdstringYesUnique identifier for the customer journey.
journey.processNamestringYesHuman-readable process name (appears on invoices/billing).
validationDataobjectNoThe validation_data object houses various fields for different user data types, along with sample values for demonstration purposes.
validationData.fullNamestringNoFull name (e.g., John Doe).
validationData.DOBstringNoDate of birth, format YYYY/MM/DD.
validationData.AddressobjectNoProvide as: structured object (fields below) or single-line string or Google Places short address (locality/region/postal code).
Address.streetAddressstringNoStreet and number.
Address.localitystringNoCity / town.
Address.regionstringNoState / province / region.
Address.postalCodestringNoPostal / ZIP code.
Address.countrystringNoCountry code (ISO 3166-1 alpha-2, e.g., US).
validationData.IBANstringNoInternational Bank Account Number.
validationData.phoneNumberstringNoPhone in E.164 format (e.g., +4915738901234).
validationData.unstructuredInputstringNoA string containing any additional user input you want to send for potential AI analysis by IdCanopy (e.g., email address, profession, etc.).
passThroughDataobjectNoAdditional data relevant to the entire journey (e.g., user ID, reference number).
passThroughData.userIdstringNoYour internal user reference (example key).
stepsarrayNoDefine/override the journey by listing all steps in order. If you use a pre-defined process from us, omit this; with manual config you must provide the full sequence (e.g., Self KYC, Address Verification, AML, SMS, IDV Protocol, IBAN Check).
steps[].configurationobjectNoStep-specific configuration. Each key is a verification module (e.g., documentVerification, SanctionPepAdverseMedia) and its value is that module’s options object.
configuration.documentVerificationobjectNoDocument capture/verification settings.
documentVerification.extraForensicsbooleanNoEnable extra forensic checks.
documentVerification.biometricMatchingbooleanNoEnable face ↔ document photo matching.
documentVerification.livenessbooleanNoEnable liveness checks during selfie capture.
documentVerification.photoIdentPlusbooleanNoEnable additional assisted checks (if available).
documentVerification.permittedDocumentsobjectNoAllowed/blocked document types and regions.
permittedDocuments.allowedarrayNoWhitelist of permitted documents with optional region filters.
allowed[].idTypestringYespassport | national_id | drivers_license.
allowed[].blocstringNoGeo/economic bloc (e.g., EEA) for bulk allow.
allowed[].countryarrayNoAllowed country codes (e.g., ["BG"]).
allowed[].excludedarrayNoExceptions when using bloc.
excluded[].countrystringYesCountry code to exclude (e.g., DK).
configuration.SanctionPepAdverseMediaobjectNo(When step = "AML") Screening settings.
SanctionPepAdverseMedia.monitoringbooleanNoEnable ongoing monitoring registration.
SanctionPepAdverseMedia.dossierbooleanNoReturn enriched dossier details (if available).
configuration["Mobile Ident"]objectNo(When step = "Phone Services") Mobile identity options (empty in example).
configuration["IDV Protocol"]objectNo(When step = "General") General IDV protocol toggles (empty in example).
matchNamestringNoName matching mode. “strict” (requires validation data), “fuzzy” (allows minor typos), “none” (skip matching).
matchDobbooleanNoEnables DoB (date of birth) matching (requires validation data to be passed).
magicflowbooleanNoEnables or disables a special verification flow (details might be specific to your IdCanopy integration).
validitySuperpowerbooleanNoExtends uiHandle validity from 5 → 60 minutes; once the UI is opened, a separate session timeout still applies.
journeyDurationstringNoControls auto-close timeout for the journey. Options: short ≈150s, standard (default) ≈300s, long ≈600s, eternity disables auto-close (use with caution). You may offer a “continue later” option.

Handshake Response

{
  "transactionId": "string",
  "uiHandle": "https://verification.idcanopy.com/init?verificationToken=VERIFICATION_TOKEN",
  "initTimestamp": "string"
}

Handshake Response Structure

FieldTypeDescription
transactionIdstringSensitive journey identifier for tracking/correlation. Do not expose to end-users.
uiHandlestring (URL)Short-lived URL to launch the hosted UI (≈5 min by default; extend via validity_superpower). Use in an iframe or redirect.
initTimestampstringTimestamp when the journey was initialized.

Using the SDK

const { transactionId, uiHandle } = await canopy.journeys.handshake(/* dto above */);
canopy.ui.init({ url: uiHandle }); // iframe or redirect