Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@onfido/react-native-sdk

Package Overview
Dependencies
Maintainers
1
Versions
61
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@onfido/react-native-sdk

Onfido React Native SDK

  • 2.0.0
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
15K
decreased by-2.08%
Maintainers
1
Weekly downloads
 
Created
Source

npm NPM Build Status

Table of contents

Overview

This SDK provides a drop-in set of screens and tools for react native applications to allow capturing of identity documents and face photos/live videos for the purpose of identity verification with Onfido. The SDK offers a number of benefits to help you create the best on-boarding/identity verification experience for your customers:

  • Carefully designed UI to guide your customers through the entire photo/video-capturing process
  • Modular design to help you seamlessly integrate the photo/video-capturing process into your application flow
  • Advanced image quality detection technology to ensure the quality of the captured images meets the requirement of the Onfido identity verification process, guaranteeing the best success rate
  • Direct image upload to the Onfido service, to simplify integration*

* Note: the SDK is only responsible for capturing and uploading photos/videos. You still need to access the Onfido API to create and manage checks.

  • Supports iOS 10+
  • Supports Android API level 21+
  • Supports iPads and tablets

Getting started

1. Obtaining an API token

In order to start integration, you will need the API token. You can use our sandbox environment to test your integration, and you will find the API tokens inside your Onfido Dashboard. You can create API tokens inside your Onfido Dashboard as well.

2. Creating an Applicant

You must create an Onfido applicant before you start the flow.

For a document or face check the minimum applicant details required are firstName and lastName.

You must create applicants from your server:

$ curl https://api.onfido.com/v3/applicants \
    -H 'Authorization: Token token=YOUR_API_TOKEN' \
    -d 'first_name=Theresa' \
    -d 'last_name=May'

The JSON response has an id field containing a UUID that identifies the applicant. All documents or live photos/videos uploaded by that instance of the SDK will be associated with that applicant.

3. Configuring SDK with Tokens

You will need to generate and include a short-lived JSON Web Token (JWT) every time you initialise the SDK.

To generate an SDK Token you should perform a request to the SDK Token endpoint in the Onfido API:

$ curl https://api.onfido.com/v3/sdk_token \
  -H 'Authorization: Token token=YOUR_API_TOKEN' \
  -F 'applicant_id=YOUR_APPLICANT_ID' \
  -F 'application_id=YOUR_APPLICATION_BUNDLE_IDENTIFIER'

Make a note of the token value in the response, as you will need it later on when initialising the SDK.

Warning: SDK tokens expire 90 minutes after creation.

The application_id is the "Application ID" or "Bundle ID" that was already set up during development.

  • For iOS this is usually in the form of com.your-company.app-name.
    • To get this value manually, open xcode ios/YourProjectName, click on the project root, click the General tab, under Targets click your project name, and check the Bundle Identifier field.
    • To get this value programmatically in native iOS code, see Stack Overflow Page.
  • For Android this is usually in the form of com.example.yourapp.
    • To get this file manually, you can find it in your app's build.config. For example, in android/app/build.gradle, it is the value of applicationId.
    • To get this value programmatically in native Java code, see Stack Overflow Page.

4. Adding the Onfido React Native SDK to your project

This SDK supports React Native versions 0.60.0 and later

If you are starting from scratch, you can follow the React Native CLI Quickstart https://reactnative.dev/docs/getting-started. For examples, once you have installed the React Native tools, you can run:

$ npx react-native init YourProjectName

You cannot use this SDK with Expo: If your project already uses Expo, you will need to follow the eject process https://docs.expo.io/versions/latest/workflow/customizing/.

4.1 Adding SDK dependency through npm

Navigate to the root directory of your React Native project. The rest of this section (section 4) will assume you are in the root directory. Run the following command:

$ npm install @onfido/react-native-sdk --save
4.2 Update your Android build.gradle files

Update your build.grade files to reference the Android SDK, and enable multi-dex. If you build your project using the react-native init, with a build.gradle in the android/ and android/app/ directories, you can run this script to do it:

$ npm --prefix node_modules/@onfido/react-native-sdk/ run updateBuildGradle
To manually update build files without the script

If you want to manually update your build files, you can follow the steps the script takes:

Add the maven link android/build.gradle:

allprojects {
  repositories {
    maven { url "https://dl.bintray.com/onfido/maven" }
  }
}

Enable multidex in android/app/build.gradle:

android {
  defaultConfig {
     multiDexEnabled true
  }
}
4.3 Update your iOS configuration files

Change ios/Podfile to use version 10:

platform :ios, '10.0'

Add descriptions for camera and microphone permissions to ios/YourProjectName/Info.plist:

<plist version="1.0">
<dict>
  <!-- Add these four elements: -->
	<key>NSCameraUsageDescription</key>
	<string>Required for document and facial capture</string>
	<key>NSMicrophoneUsageDescription</key>
	<string>Required for video capture</string>
  <!-- ... -->
</dict>
</plist>

Open Xcode and create an empty swift file in your project root. For example, if your project is called YourProjectName, you can open it from the command line:

open ios/YourProjectName.xcodeproj

Once Xcode is open, add an empty Swift file: File > New File > Swift > Next > "SwiftVersion" > Create > Don't create Header. This will update your iOS configuration with a Swift version. All chaganges are automatically saved, so you can close Xcode.

Install the pods:

cd ios
pod install
cd ..
4.4 Fix dependency conflict between React Native and Onfido Android SDK

When using React Native version <= 0.64.0 there is a dependency conflict with okhttp3 on Android that can cause requests from outside of the Onfido SDK to fail. To fix this you can add the following code to android/app/build.gradle:

android {
    configurations.all {
        resolutionStrategy {
            eachDependency { DependencyResolveDetails details ->
                if (!details.requested.name.contains('onfido')) {
                    if (details.requested.group == 'com.squareup.okhttp3') {
                        details.useVersion '4.9.0'
                    }
                }
            }
        }
    }
}

This will allow the Onfido SDK to use okhttp3 v4.9.0 while still using the React Native version defined elsewhere in your app.

Usage

You can launch the app with a call to Onfido.start. For example, once you have the sdkTokenFromOnfidoServer, your react component might look like this:

import React, {Component} from 'react';
import {Button, View} from 'react-native';
import {
  Onfido,
  OnfidoCaptureType,
  OnfidoCountryCode,
  OnfidoDocumentType,
} from '@onfido/react-native-sdk';

export default class App extends Component {
  startSDK() {
    Onfido.start({
      sdkToken: 'sdkTokenFromOnfidoServer',
      flowSteps: {
        welcome: true,
        captureFace: {
          type: OnfidoCaptureType.VIDEO,
        },
        captureDocument: {
          docType: OnfidoDocumentType.DRIVING_LICENCE,
          countryCode: OnfidoCountryCode.GBR,
        },
      },
    })
      .then(res => console.warn('OnfidoSDK: Success:', JSON.stringify(res)))
      .catch(err => console.warn('OnfidoSDK: Error:', err.code, err.message));
  }

  render() {
    return (
      <View style={{marginTop: 100}}>
        <Button title="Start Onfido SDK" onPress={() => this.startSDK()} />
      </View>
    );
  }
}

1. Creating the SDK configuration

Once you have an added the SDK as a dependency and you have a SDK token, you can configure the SDK:

Example configuration:

config = {
  sdkToken: “EXAMPLE-TOKEN-123”,
  flowSteps: {
    welcome: true,
    captureDocument: {
      docType: OnfidoDocumentType.DRIVING_LICENSE,
      countryCode: OnfidoCountryCode.USA
    },
    captureFace: {
      type: OnfidoCaptureType.VIDEO
    },
  },
}

2. Parameter details

  • sdkToken: Required. This is the JWT sdk token obtained by making a call to the SDK token API. See section Configuring SDK with Tokens.

  • flowSteps: Required. This object is used to toggle individual screens on and off and set configurations inside the screens.

  • welcome: Optional. This toggles the welcome screen on or off. If omitted, this screen does not appear in the flow.

    • Valid values: true, false
  • captureDocument: Optional. This object contains configuration for the capture document screen. If docType and countryCode are not specified, a screen will appear allowing the user to choose these values. If omitted, this screen does not appear in the flow.

  • docType: Required if countryCode is specified.

    • Valid values in OnfidoDocumentType: PASSPORT, DRIVING_LICENCE, NATIONAL_IDENTITY_CARD, RESIDENCE_PERMIT, RESIDENCE_PERMIT, VISA, WORK_PERMIT, GENERIC. Note: GENERIC document type doesn't offer an optimised capture experience for a desired document type.
  • countryCode: Required if docType is specified.

    • Valid values in OnfidoCountryCode: Any ISO 3166-1 alpha-3 code. For example: OnfidoCountryCode.USA.
  • captureFace: Optional. This object object containing options for capture face screen. If omitted, this screen does not appear in the flow.

  • type: Required if captureFace is specified.

    • Valid values in OnfidoCaptureType: PHOTO, VIDEO.
  • userConsent: Optional. This step contains a screen to collect US end users' privacy consent for Onfido. It contains the consent language required when you offer your service to US users as well as links to Onfido's policies and terms of use. The user must click "Accept" to get past this step and continue with the flow. The content is available in English only, and is not translatable.

    • Note that this step does not automatically inform Onfido that the user has given their consent. At the end of the SDK flow, you still need to set the API parameter privacy_notices_read_consent_given outside of the SDK flow when creating a check.

    • If you choose to disable this step, you must incorporate the required consent language and links to Onfido's policies and terms of use into your own application's flow before your user starts interacting with the Onfido SDK.

    • For more information about this step, and how to collect user consent, please visit Onfido Privacy Notices and Consent.

  • localisation: Optional. This object contains localisation configuration. See section Localization for the details.

    • Example usage:
    config = {
      sdkToken: “EXAMPLE-TOKEN-123”,
      localisation: {
        ios_strings_file_name: 'Localizable',
      },
      flowSteps: {
        ...
      },
    }
    

3. Success Response

The response will include a face section if captureFace was specified, document section if captureDocument was specified, or both sections if thery were both requested in the config.

Example:

{
 document: {
   front: { id: "123-abc" },
   back: { id: "345-def" }
 },
 face: {
   id: "456-567",
   variant: "VIDEO" // PHOTO or VIDEO
 },
}

4. Failure Response

The SDK will reject the promise any time the Onfido SDK exits without a success. This includes cases where:

  • the configuration was invalid,
  • the mobile user clicked the back button to exit the Onfido SDK.

Example

{
  code: "config_error",
  message: "sdkToken is missing"
}

5. Localization

Onfido SDKs support a number of out-of-the-box translations. However, you can add your own translations.

Android

By default, custom localisation is enabled on Android. There is no configuration needed on React Native SDK to enable it. You could also provide custom translation for a locale that we don’t currently support, by having an additional XML strings file inside your resources folder for the desired locale. See Localisation section of Android SDK repo for the details.

iOS

If you want to enable custom localisation, add this statement to your configuration object.

localisation: {
  ios_strings_file_name: '<Your .strings file name in iOS app bundle>',
},

In this case SDK will show strings from the provided file. For more detailed explanation please check out Localisation section of iOS SDK repo.

Creating checks

As the SDK is only responsible for capturing and uploading photos/videos, you would need to start a check on your backend server using the Onfido API.

1. Obtaining an API token

All API requests must be made with an API token included in the request headers. You can find your API token (not to be mistaken with the mobile SDK token) inside your Onfido Dashboard.

Refer to the Authentication section in the API documentation for details. For testing, you should be using the sandbox, and not the live, token.

2. Creating a check

You will need to create a check by making a request to the create check endpoint, using the applicant id. If you are just verifying a document, you only have to include a document report as part of the check. On the other hand, if you are verifying a document and a face photo/live video, you will also have to include a facial similarity report with the corresponding values: facial_similarity_photo for the photo option and facial_similarity_video for the video option.

$ curl https://api.onfido.com/v3/checks \
    -H 'Authorization: Token token=YOUR_API_TOKEN' \
    -d 'applicant_id=YOUR_APPLICANT_ID' \
    -d 'report_names=[document,facial_similarity_photo]'

Note: You can also submit the POST request in JSON format.

You will receive a response containing the check id instantly. As document and facial similarity reports do not always return actual results straightaway, you need to set up a webhook to get notified when the results are ready.

Finally, as you are testing with the sandbox token, please be aware that the results are pre-determined. You can learn more about sandbox responses here.

Note: If you're using API v2, please check out API v2 to v3 migration guide to understand which changes need to be applied before starting to use API v3.

Theme Customization

You can customize the SDK by adding a colors.json file to your project at the same level as your node_modules directory. The file should contain a single json object with the desired keys and values. For example:

{
  "onfidoPrimaryColor": "#FF0000",
  "onfidoPrimaryButtonTextColor": "#008000",
  "onfidoPrimaryButtonColorPressed": "#FFA500",
  "onfidoAndroidStatusBarColor": "#A52A2A",
  "onfidoAndroidToolBarColor": "#800080",
  "onfidoIosSupportDarkMode": true
}

Below is a description of all available keys:

  • onfidoPrimaryColor: Defines the background color of views such as the document type icon, capture confirmation buttons, and back navigation button.
  • onfidoPrimaryButtonTextColor: Defines the text color of labels included in views such as capture confirmation buttons.
  • onfidoPrimaryButtonColorPressed: Defines the background color of capture confirmation buttons when pressed.
  • onfidoAndroidStatusBarColor: Android only. Defines the background color of the Toolbar that guides the user through the flow.
  • onfidoAndroidToolBarColor: Android only. Defines the color of the status bar above the Toolbar.
  • onfidoIosSupportDarkMode: iOS Only. Defines if Dark Mode will be supported on SDK screens. The value is true by default.

Once you've added the colors.json to your project, you should add colors.json file to your xcode project as bundle resource. You can create symbolic link (rather than copy paste) to prevent redundancy. You can check out SampleApp project to see example usage. Then when running on an iOS device the values will be picked up dynamically at runtime. For Android devices to pick up the values you will need to run the following command at the same level of your node_modules directory. This will also be run when running the npm --prefix node_modules/@onfido/react-native-sdk/ run updateOnfido command.

$ npm --prefix node_modules/@onfido/react-native-sdk/ run updateColors

Going live

Once you are happy with your integration and are ready to go live, please contact client-support@onfido.com to obtain live versions of the API token and the mobile SDK token. You will have to replace the sandbox tokens in your code with the live tokens.

A few things to check before you go live:

More Information

Troubleshooting

Resolving dependency conflicts

Here are some helpful resources if you are experiencing dependency conflicts between this React Native SDK and other packages your app uses:

General advice

If you see issues, you can try removing node_modules, build directories, and cache files. A good tool to help with this is react-native-clean-project

Discrepancies between underlying Onfido native SDKs

Below is a list of known differences in expected behavior between the Onfido Android and iOS SDKs this React Native SDK wraps:

  • Documents with the type passport uploaded through the iOS SDK will have the side attribute set to null, while those uploaded via Android will have side as front.

Support

Please open an issue through GitHub. Please be as detailed as you can. Remember not to submit your token in the issue. Also check the closed issues to check whether it has been previously raised and answered.

If you have any issues that contain sensitive information please send us an email with the ISSUE: at the start of the subject to react-native-sdk@onfido.com

Previous version of the SDK will be supported for a month after a new major version release. Note that when the support period has expired for an SDK version, no bug fixes will be provided, but the SDK will keep functioning (until further notice).

Copyright 2021 Onfido, Ltd. All rights reserved.

How is the Onfido React Native SDK licensed?

The Onfido React Native SDK is available under the MIT license.

Keywords

FAQs

Package last updated on 11 Jun 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc