The Online ID workflow is designed around a session-based architecture that separates credential management from user-facing verification processes.

The integration follows a 5-step workflow that ensures secure and effective identity verification.

1. API Key acquisition: Sovos provides a unique API Key for each Online ID client. This key enables SDK functionality and must be treated as sensitive data.

2. Backend configuration: The API Key must be managed exclusively in the backend or middleware layer. This prevents exposure of sensitive credentials in the frontend and ensures secure communication with Online ID services.

3. Session generation: Using the API Key, the backend generates temporary sessions by requesting them from the Online ID service. Each session is valid for one hour and allows the verification process to begin securely.

4. Frontend SDK execution: After a session is generated, the frontend initializes the Online ID SDK and executes the chosen verification flow. The SDK guides users through the document capture and facial recognition processes.

5. Results generation: After verification, the system confirms whether the matching was successful.Enabling retrieve_info service allows you to access all data from a previous verification session using Online ID, including document data, biometric details, and process status.