VerifID Integration

Previous Next

This tutorial is part of the VerifID Series.

Back to VerifID

Category: Intermediate

Difficulty: 3 out of 5

Duration: 30 minutes

1. Overview 2. Interaction 3. Getting started 4. Client registration 5. Endpoint discovery 6. Verification request and response 7. Error response 8. API Call 9. Verification result 10. How to interpret the Affiliation 11. Glossary 12. Next Steps

Find a mistake? Let us know the issue here.

Getting started

The interaction used between the Subscriber and VerifID is the Authorization Code Grant(1) as defined by the OAuth 2. 0 specification (RFC 6749).

Unless explicitly described as optional, all parameters are required (i.e. no parameters are optional) in all request and response payloads. This includes parameters which are described by the OAuth 2.0 specification as optional.

Example URLs are based off the https://example.edu hostname. Your VerifID Service Operator will advise you of the production hostname during Client registration.

The information under “Endpoint discovery” must be considered authoritative when determining which URL will be used for each request.

User Agent

The User-Agent request header is a characteristic string that lets servers and network peers identify the application, operating system, vendor, and/or version of the requesting user agent.

For all requests to VerifID endpoints a User-Agent header must be supplied. Requests without a User-Agent header may be denied. Developers should note that this is, sadly, often not a header set by HTTP client libraries, though all libraries should be easily configurable to add this.

Valid formatting for the User-Agent header is described by mdn web docs. To assist in debugging of requests please ensure version information of the VerifID client code you have in production is communicated within the value you provide.

Up Next:

4. Client registration