The Yoti Python SDK, providing API support for Login, Verify (2FA) and Age Verification.
Welcome to the Yoti Python SDK. This repo contains the tools and step by step instructions you need to quickly integrate your Python back-end with Yoti so that your users can share their identity details with your application in a secure and trusted way.
An Architectural view - High level overview of integration
References - Guides before you start
Requirements - Everything you need to get started
Installing the SDK - How to install our SDK
SDK Project import - How to install the SDK to your project
Configuration - Entry point explanation
Handling Users - How to manage users
Running the examples - How to retrieve a Yoti profile using the token
API Coverage - Attributes defined
Support - Please feel free to reach out
Before you start your integration, here is a bit of background on how the integration works. To integrate your application with Yoti, your back-end must expose a GET endpoint that Yoti will use to forward tokens. The endpoint can be configured in the Yoti Hub when you create/update your application. For more information on how to create an application please check our developer page.
The image below shows how your application back-end and Yoti integrate into the context of a Login flow. Yoti SDK carries out for you steps 6, 7 and the profile decryption in step 8.
Yoti also allows you to enable user details verification from your mobile app by means of the Android (TBA) and iOS (TBA) SDKs. In that scenario, your Yoti-enabled mobile app is playing both the role of the browser and the Yoti app. Your back-end doesn't need to handle these cases in a significantly different way. You might just decide to handle the User-Agent header in order to provide different responses for desktop and mobile clients.
To see the versions of Python this SDK is compatible with, see the GitHub workflow tests file.
To import the Yoti SDK inside your project, simply run the following command from your terminal:
pip install yoti
You can reference the project URL by adding the following import:
import yoti_python_sdk
After creating your application on the Yoti Hub, you need to download the .PEM key and save it outside the repo (keep it private).
The variables required for the SDK to work are found in the tabs on your Yoti application's settings page (Yoti Hub). These are:
YOTI_SCENARIO_ID - This is used to configure the Yoti Login Button (see Front End Integration).
YOTI_CLIENT_SDK_ID - This is the SDK identifier generated by Yoti Hub in the Key tab when you create your app. Note this is not your Application Identifier, which is needed by your client-side code.
YOTI_KEY_FILE_PATH - This is the path to the application .pem file. We recommend keeping your .pem file outside of your repository. It can be downloaded only once from the Keys tab in your Yoti Hub (e.g. /home/user/.ssh/access-security.pem).
Please do not open the pem file as this might corrupt the key and you will need to create a new application.
One way to configure these environment variables is to use an .env file. There are .env.example files supplied in the Django and Flask example projects, which you can rename to .env and enter your settings into this file. Do not use quotes when entering your environment variables.
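A pre-flight check for the three settings above, as an added example that is not part of the Yoti SDK or its example projects. The function name `check_yoti_config`, its messages and the owner-only file mode test (POSIX hosts) are assumptions made for this illustration.

```python
import os
import stat
from pathlib import Path

REQUIRED = ("YOTI_SCENARIO_ID", "YOTI_CLIENT_SDK_ID", "YOTI_KEY_FILE_PATH")


def check_yoti_config(env, repo_root):
    """Return a list of problems found in the Yoti settings held in `env`.

    `env` is a mapping such as os.environ; `repo_root` is the top of the
    source checkout that the key file should stay out of.
    """
    problems = []
    for name in REQUIRED:
        value = env.get(name, "")
        if not value:
            problems.append(f"{name} is not set")
        elif value[0] in "'\"" or value[-1] in "'\"":
            # The README says not to quote values in the .env file.
            problems.append(f"{name} is wrapped in quotes")
    if problems:
        return problems

    key_path = Path(env["YOTI_KEY_FILE_PATH"]).resolve()
    repo_root = Path(repo_root).resolve()
    if not key_path.is_file():
        return [f"key file {key_path} does not exist"]
    if repo_root in key_path.parents:
        # A key inside the checkout is one `git add` away from being published.
        problems.append("key file is inside the repository tree")
    # Assumption (POSIX only): the private key should be usable by its owner alone.
    if os.name == "posix" and stat.S_IMODE(key_path.stat().st_mode) & 0o077:
        problems.append("key file is accessible to group or other users")
    return problems


if __name__ == "__main__":
    for problem in check_yoti_config(os.environ, Path.cwd()):
        print("config problem:", problem)
```

The Docker examples need the .pem under the example folder, so the repository-tree finding is expected there.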
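from flask import Flask, request
from yoti_python_sdk import Client

app = Flask(__name__)

@app.route('/profile')
def auth():
    # Yoti forwards the token to this GET endpoint as the 'token' query parameter
    client = Client(YOTI_CLIENT_SDK_ID, YOTI_KEY_FILE_PATH)
    activity_details = client.get_activity_details(request.args['token'])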
When you retrieve the user profile, you receive a user ID generated by Yoti exclusively for your application. This means that if the same individual logs into another app, Yoti will assign her/him a different ID. You can use this ID to verify whether (for your application) the retrieved profile identifies a new or an existing user. Here is an example of how this works:
client = Client(YOTI_CLIENT_SDK_ID, YOTI_KEY_FILE_PATH)
activity_details = client.get_activity_details(token)
profile = activity_details.profile
selfie = profile.selfie.value
given_names = profile.given_names.value
family_name = profile.family_name.value
full_name = profile.full_name.value
phone_number = profile.phone_number.value
date_of_birth = profile.date_of_birth.value
postal_address = profile.postal_address.value
structured_postal_address = profile.structured_postal_address.value
gender = profile.gender.value
nationality = profile.nationality.value
email_address = profile.email_address.value
remember_me_id = activity_details.user_id
parent_remember_me_id = activity_details.parent_remember_me_id
receipt_id = activity_details.receipt_id
timestamp = activity_details.timestamp
base64_selfie_uri = activity_details.base64_selfie_uri
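One way to use the per-application user ID to tell a new user from a returning one, as an added example that is not code from the Yoti SDK. The table layout and the names `open_store` and `record_login` are hypothetical, and rejecting a share whose `receipt_id` was already processed is an assumption of this sketch; the `activity_details` argument only needs the `user_id` and `receipt_id` attributes shown above.

```python
import sqlite3


def open_store(path=":memory:"):
    """Open (or create) the local store of known Yoti user IDs and receipts."""
    db = sqlite3.connect(path)
    db.execute(
        "CREATE TABLE IF NOT EXISTS users "
        "(remember_me_id TEXT PRIMARY KEY, logins INTEGER NOT NULL)"
    )
    db.execute("CREATE TABLE IF NOT EXISTS receipts (receipt_id TEXT PRIMARY KEY)")
    return db


def record_login(db, activity_details):
    """Return 'new', 'existing' or 'duplicate' for one completed share."""
    user_id = activity_details.user_id
    if not user_id:
        raise ValueError("activity details carry no user ID")
    with db:  # one transaction: the receipt and the user row commit together
        try:
            db.execute(
                "INSERT INTO receipts VALUES (?)", (activity_details.receipt_id,)
            )
        except sqlite3.IntegrityError:
            return "duplicate"  # this receipt was already processed once
        updated = db.execute(
            "UPDATE users SET logins = logins + 1 WHERE remember_me_id = ?",
            (user_id,),
        )
        if updated.rowcount:
            return "existing"
        db.execute("INSERT INTO users VALUES (?, 1)", (user_id,))
        return "new"
```

Because the ID is issued for one application only, it works as a primary key here but cannot be used to match the same person across two different Yoti applications.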
You can retrieve the anchors, sources and verifiers for each attribute as follows:
given_names_attribute = profile.given_names
given_names_anchors = given_names_attribute.anchors
given_names_sources = given_names_attribute.sources
given_names_verifiers = given_names_attribute.verifiers
You can also retrieve further properties from these respective anchors in the following way:
source_anchor = given_names_sources[0]
value = source_anchor.value
sub_type = source_anchor.sub_type
timestamp = source_anchor.signed_timestamp
origin_server_certs = source_anchor.origin_server_certs
If you have chosen Verify Condition on the Yoti Hub with the age condition of "Over 18", you can retrieve the user information as follows:
age_verification_attribute = profile.get_attribute("age_over:18")
You can retrieve the sources and verifiers in the same way as detailed above.
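A policy check built on the age attribute and its anchors, as an added example that is not part of the Yoti SDK. It assumes `get_attribute` returns `None` when the attribute was not shared and that a passed condition has the value "true"; the anchor strings, `StandInProfile` and the sample objects are constructed for illustration.

```python
from types import SimpleNamespace


def age_over_18_verified(profile, accepted_sources=("PASSPORT", "DRIVING_LICENCE")):
    """Return (passed, reason) for the "age_over:18" condition.

    The condition passes only when the attribute is present, its value says
    the condition was met, and its anchors show where the value came from.
    """
    attribute = profile.get_attribute("age_over:18")
    if attribute is None:  # assumption: absent attribute is returned as None
        return False, "attribute missing"
    if str(attribute.value).lower() != "true":  # assumption: value is "true"/"false"
        return False, "condition not met"
    sources = {anchor.value for anchor in (attribute.sources or [])}
    if not sources & set(accepted_sources):
        return False, "no accepted source anchor"
    if not attribute.verifiers:
        return False, "no verifier anchor"
    return True, "ok"


class StandInProfile:
    """Constructed stand-in exposing only get_attribute(), for offline use."""

    def __init__(self, attributes):
        self._attributes = attributes

    def get_attribute(self, name):
        return self._attributes.get(name)


if __name__ == "__main__":
    # Constructed sample data, not output from the Yoti API.
    shared = SimpleNamespace(
        value="true",
        sources=[SimpleNamespace(value="PASSPORT")],
        verifiers=[SimpleNamespace(value="YOTI_ADMIN")],
    )
    print(age_over_18_verified(StandInProfile({"age_over:18": shared})))
    print(age_over_18_verified(StandInProfile({})))
```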
From the Yoti Hub:
localhost:5000
/yoti/auth
To run the Flask or Django container:
For Flask: cd examples/yoti_example_flask
For Django: cd examples/yoti_example_django
YOTI_SCENARIO_ID, YOTI_CLIENT_SDK_ID and YOTI_KEY_FILE_PATH are set using an .env file (instructions in the Configuration section). Please note that with Docker, the .pem file must reside in a location within where docker is being run from, so it should be placed somewhere under the respective yoti_example_flask/yoti_example_django folders.
docker-compose build --no-cache
docker-compose up
user_id
parent_remember_me_id
receipt_id
timestamp
profile
selfie
given_names
family_name
full_name
phone_number
email_address
date_of_birth
postal_address
structured_postal_address
gender
nationality
application_profile
application_name
application_url
application_logo
application_receipt_bg_color
base64_selfie_uri
For any questions or support please email clientsupport@yoti.com. Please provide the following to get you up and working as quickly as possible:
Once we have answered your question we may contact you again to discuss Yoti products and services. If you’d prefer us not to do this, please let us know when you e-mail.
If you're using Windows and you haven't installed Cryptography before, you might need to set two environment variables for Cryptography to install (it is a requirement of the Yoti package):
set LIB=C:\OpenSSL-Win64\lib;%LIB%
set INCLUDE=C:\OpenSSL-Win64\include;%INCLUDE%
Where OpenSSL-Win64 is the location that you have installed OpenSSL to. See here for more information.
FAQs
We found that yoti demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.