# Integration Flows

### Introduction

Learn how the Keyless Web SDK components can be integrated into a web application and backend server, to enable biometric authentication.

### Integration Overview

#### Live Enrollment Flow

To authenticate with Keyless, a user must first enroll their biometric template. Enrollment with Keyless consists of registering the user’s biometric features in a privacy-preserving manner using the various enrollment methods from the Keyless

#### Authentication Flow

The most common authentications scenarios for the Keyless SDK are:

* access to a web application
* authorization as a second factor

#### Authentication in a web application

In this scenario the user is trying access to a resource in a web application for which strong authentication is required, the web application integrates the Keyless Web SDK which in turn estabilishes a connection to the Keyless Authentication Service, the user is finally authenticated if they pass the liveness and recognition checks.

### Keyless Web Components

As mentioned, Keyless Web is composed of two main blocks:

* Keyless Web SDK
* Keyless Authentication Service

#### Keyless Web SDK

The Keyless Web SDK supports all baseline browsers, and exposes API methods to interact with the Keyless Privacy-Preserving Network to perform the following actions:

* Enroll a user
* Authenticate

#### Keyless Authentication Service

The Keyless SaaS backend offers APIs which can be used to perform specific operations through Backend-to-Backend calls. For example, it is possible to bulk or single enroll selfies captured by other client processes but register these users/selfies via [IDV Bridge SaaS](https://docs.keyless.io/idv-bridge/idv-bridge-saas).