Signing Transactions

Last updated 1 month ago

The Web SDK supports sending a payload, called transaction data, that is signed by the server when either authentication or enrollment succeeds.

The signed transaction is a JWT. It can be verified server-side to ensure that the operation was really completed on our servers and that the signed transaction data matches what is expected.

Headless Integration

Please base the integration code on the following guides: Enrollment Headless Integration and Authentication Headless Integration.

The transaction data must be sent during the connect call:

await auth_or_enroll.connect({
  // ...other connect options
  transaction: {
    data: TRANSACTION_DATA
  }
})

The transaction JWT can be retrieved inside the finished event:

auth_or_enroll.on('finished', (event) => {
  // will log the transaction JWT
  console.log(event.data.transactionJwt)
})

Web Component Integration

Please base the integration code on the following guides: Enrollment Web Component Integration and Authentication Web Component Integration.

The transaction data can be set through the transaction-data attribute:

<kl-auth-or-enroll
  ...
  transaction-data="TRANSACTION_DATA"
></kl-auth-or-enroll>

The transaction JWT can be retrieved inside the finished event:

auth_or_enroll.addEventListener('finished', (event) => {
  // will log the transaction JWT
  console.log(event.detail.transactionJWT)
})

Verifying the Transaction JWT

There are two options to verify the transaction JWT:

Please note: both operations should be executed backend-to-backend for security purposes, so that no keys are leaked.

  • Retrieve the customer public key using this API: Then import the public key and finally verify the JWT.

  • Verify the JWT with this API: https://docs.keyless.io/consumer/server-api/operations#verify-jwt
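For the first option (import the public key, then verify the JWT), the backend check can look like the following. This is an added example, not code from the Keyless documentation; it assumes ES256 signatures, an SPKI PEM public key and a payload claim named `transactionData`, and it uses a locally generated key pair and a constructed JWT in place of the real customer key and token.

```javascript
// Added example: server-side check of a transaction JWT (Node.js, built-in crypto only).
// Assumptions (not from the page): ES256 signatures, SPKI PEM public key,
// and a payload claim named "transactionData" (hypothetical name).
const crypto = require('node:crypto');

const b64urlJson = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));

function verifyTransactionJwt(jwt, publicKeyPem, expectedData) {
  const parts = String(jwt).split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  const [h, p, s] = parts;
  let header, payload;
  try { header = b64urlJson(h); payload = b64urlJson(p); }
  catch { return { ok: false, reason: 'malformed' }; }
  // Pin the algorithm on the verifier side; never let the token header choose it.
  if (header.alg !== 'ES256') return { ok: false, reason: 'unexpected alg' };
  // JWS ES256 signatures are raw r||s, which Node calls "ieee-p1363".
  const valid = crypto.verify(
    'sha256',
    Buffer.from(`${h}.${p}`),
    { key: publicKeyPem, dsaEncoding: 'ieee-p1363' },
    Buffer.from(s, 'base64url'),
  );
  if (!valid) return { ok: false, reason: 'bad signature' };
  // Only after the signature checks out, compare with what the backend expected to be signed.
  if (payload.transactionData !== expectedData) return { ok: false, reason: 'data mismatch' };
  return { ok: true, payload };
}

// Constructed fixture: builds a sample JWT signed with the stand-in private key.
function makeSampleJwt(privateKey, data, alg = 'ES256') {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
  const input = `${enc({ alg, typ: 'JWT' })}.${enc({ transactionData: data })}`;
  const sig = crypto.sign('sha256', Buffer.from(input), { key: privateKey, dsaEncoding: 'ieee-p1363' });
  return `${input}.${sig.toString('base64url')}`;
}

// Constructed sample values; in production the PEM comes from the public key API.
const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
const publicKeyPem = publicKey.export({ type: 'spki', format: 'pem' });
const sampleJwt = makeSampleJwt(privateKey, 'pay:42.00:EUR:acct-123');
```

The expected value passed as `expectedData` should come from the backend's own record of the transaction, not from anything the browser sends back alongside the JWT.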

Enrollment Headless Integration
Authentication Headless Integration
Enrollment Web Component Integration
Authentication Web Component Integration
https://docs.keyless.io/consumer/server-api/operations#verify-jwt