Skip to main content

Handshake (Create Journey)

The handshake is an API call that creates a verification journey and returns a uiHandle. Create a journey and receive:
  • transactionId — internal identifier for the journey
  • uiHandle — URL used to start the hosted verification UI

Handshake Request

The handshake request initiates a customer journey. Please note that:
  • You define which components of the IDCanopy product offering you would like to consume with this request.
  • You can configure each component as well as validation data.
  • Define the process name, which will appear on the invoice as billing item.
  • You can enable a developer mode by switching on “magicFlow” in the handshake.

Request Structure

{
  "journey": {
    "customerId": "string",
    "processName": "string"
  },
  "validationData": {
    "fullName": "John Doe",
    "DOB": "1980/01/31",
    "address": {
      "streetAddress": "123 Main Street",
      "locality": "Anytown",
      "region": "CA",
      "postalCode": "90210",
      "country": "US"
    },
    "iban": "DE11XXXX3245664",
    "phoneNumber": "+4915738901234",
    "unstructuredInput": "This is some free unstructured text input for AI, OSINT and other analysis. [email protected] aged 44, NHL player at Detroit RedWings; He might be in debt and has a Chinese Crested as dog."
  },
  "passThroughData": {
    "userId": "12345"
  },
  "steps": [
    {
      "id": "1",
      "type": "documentVerification",
      "interface": "Umbrella Toolbox",
      "blocking": true,
      "configuration": {
        "extraForensics": false,
        "biometricMatching": true,
        "liveness": true,
        "photoIdentPlus": false,
        "permittedDocuments": [
          {
            "idType": "passport"
          },
          {
            "idType": "nationalId",
            "bloc": "EEA",
            "excludedCountries": ["DK"]
          },
          {
            "idType": "driversLicense",
            "countries": ["BG"]
          }
        ]
      }
    },
    {
      "id": "2",
      "type": "amlScreening",
      "interface": "Umbrella Toolbox",
      "blocking": true,
      "configuration": {
        "monitoring": false,
        "dossier": true
      }
    },
    {
      "id": "3",
      "type": "mobileIdent",
      "interface": "Umbrella Toolbox",
      "blocking": false,
      "configuration": {}
    },
    {
      "id": "4",
      "type": "idvProtocol",
      "interface": "Umbrella Toolbox",
      "blocking": false,
      "configuration": {}
    }
  ],
  "matchName": "strict",
  "matchDob": true,
  "magicFlow": false,
  "validitySuperpower": false,
  "journeyDuration": "standard"
}

Request DTO

FieldTypeRequiredDescription
journeyobjectYesVerification journey configuration root.
journey.customerIdstringYesUnique identifier for the customer journey.
journey.processNamestringYesHuman-readable process name (appears on invoices/billing).
validationDataobjectNoUser data object for validation and matching.
validationData.fullNamestringNoFull name (e.g., John Doe).
validationData.DOBstringNoDate of birth, format YYYY/MM/DD.
validationData.addressobjectNoAddress object with structured fields or single-line string.
address.streetAddressstringNoStreet and number (e.g., 123 Main Street).
address.localitystringNoCity / town (e.g., Anytown).
address.regionstringNoState / province / region (e.g., CA).
address.postalCodestringNoPostal / ZIP code (e.g., 90210).
address.countrystringNoCountry code (ISO 3166-1 alpha-2, e.g., US).
validationData.ibanstringNoInternational Bank Account Number (e.g., DE11XXXX3245664).
validationData.phoneNumberstringNoPhone in E.164 format (e.g., +4915738901234).
validationData.unstructuredInputstringNoFree-form text for AI analysis (e.g., email, profession, additional context).
passThroughDataobjectNoCustom data to correlate with your internal systems.
passThroughData.userIdstringNoYour internal user reference (e.g., 12345).
stepsarrayNoArray of verification steps in order. Omit to use pre-defined process.
steps[].idstringYesStep identifier (e.g., 1, 2).
steps[].typestringYesStep type: documentVerification | amlScreening | mobileIdent | idvProtocol.
steps[].interfacestringYesUI interface to use (e.g., Umbrella Toolbox).
steps[].blockingbooleanYesWhether this step blocks the journey on failure (e.g., true).
steps[].configurationobjectYesStep-specific configuration (see below).
configuration.extraForensicsbooleanNoEnable extra forensic checks for document verification (e.g., false).
configuration.biometricMatchingbooleanNoEnable face ↔ document photo matching (e.g., true).
configuration.livenessbooleanNoEnable liveness checks during selfie capture (e.g., true).
configuration.photoIdentPlusbooleanNoEnable additional assisted checks (e.g., false).
configuration.permittedDocumentsarrayNoArray of allowed document types and regions.
permittedDocuments[].idTypestringYesDocument type: passport | nationalId | driversLicense.
permittedDocuments[].blocstringNoGeo/economic bloc for bulk allow (e.g., EEA).
permittedDocuments[].countriesarrayNoAllowed country codes (e.g., ["BG"]).
permittedDocuments[].excludedCountriesarrayNoCountry codes to exclude when using bloc (e.g., ["DK"]).
configuration.monitoringbooleanNoEnable ongoing monitoring registration for AML (e.g., false).
configuration.dossierbooleanNoReturn enriched dossier details for AML (e.g., true).
matchNamestringNoName matching mode: strict | fuzzy | none (e.g., strict).
matchDobbooleanNoEnable DoB matching (requires validationData.DOB; e.g., true).
magicFlowbooleanNoEnable developer/test mode (e.g., false).
validitySuperpowerbooleanNoExtend uiHandle validity from 5 → 60 minutes (e.g., false).
journeyDurationstringNoAuto-close timeout: short (≈150s) | standard (≈300s) | long (≈600s) | eternity (e.g., standard).

Handshake Response

{
  "transactionId": "string",
  "uiHandle": "https://verification.idcanopy.com/init?verificationToken=VERIFICATION_TOKEN",
  "initTimestamp": "string"
}

Handshake Response Structure

FieldTypeDescription
transactionIdstringSensitive journey identifier for tracking/correlation. Do not expose to end-users.
uiHandlestring (URL)Short-lived URL to launch the hosted UI (≈5 min by default; extend via validitySuperpower). Use in an iframe or redirect.
initTimestampstringTimestamp when the journey was initialized.

Using the SDK Example

const response = await fetch("https://api-umbrella.io/api/services/sdk/universal/handshake", {
  method: "POST",
  headers: {
    authorization: `Bearer ${accessToken}`,
    "Content-Type": "application/json"
  },
  body: JSON.stringify(handshakeDto)
});

const { uiHandle } = await response.json();

// Option A: iframe
document.getElementById("kyc-frame").src = uiHandle;

// Option B: redirect
// window.location.href = uiHandle;
<iframe id="kyc-frame" style="width:100%;height:100vh;border:0;"></iframe>