Authentication & API Keys

Overview

All backend interactions with EKYC Solutions Co. Ltd's platforms are authenticated using API keys. API keys identify the calling application and determine which services and environments it is allowed to access.

Client-side SDKs and backend services use different authentication mechanisms. This page explains how authentication works at a high level and how API keys are used during integration.

Authentication Model

The platform uses a key-based authentication model for backend APIs.

  • Each integration is issued one or more API keys.
  • Requests to backend APIs must include a valid API key.
  • Unauthorized or invalid requests are rejected.

Authentication is enforced at the platform edge before any processing occurs.

API Key Usage

API keys are required when calling backend services such as:

  • eKYC backend APIs (e.g. OCR, face comparison, liveness)
  • ABIS backend APIs (e.g. enrollment, verification, identification)

API keys must be included with each request, typically as an HTTP header.

  • Client-side SDKs do not expose API keys to end users.
  • API keys should only be used in secure server-side contexts.

Client-Side SDK Authentication

Client SDKs (EkycID) are designed to be embedded in end-user applications. To prevent key exposure:

  • API keys are not embedded in client applications.
  • Client SDKs are typically configured to communicate with backend services through a customer-managed backend, or via controlled token-based mechanisms.
  • Sensitive credentials are always handled server-side.

This separation reduces the risk of key leakage and unauthorized use.
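
The following is an added example, not code from the platform or its SDKs, showing one way a customer-managed backend can keep the API key server-side: the client app receives only a short-lived signed session token, and the backend attaches the key when it forwards a request. The base URL, the `X-API-Key` header name, the path names and the token format are all assumptions made for illustration.

```python
import hashlib
import hmac
import time
import urllib.request

# Assumptions for illustration only; take real values from the API reference.
UPSTREAM_BASE = "https://api.example.invalid"
API_KEY_HEADER = "X-API-Key"
ALLOWED_PATHS = {"/ocr", "/face-compare", "/liveness"}  # hypothetical paths
TOKEN_TTL_SECONDS = 300


def _sign(secret, session_id, expires):
    msg = f"{session_id}.{expires}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def mint_session_token(session_id, secret, now=None):
    """Short-lived token handed to the client app instead of the API key."""
    issued = time.time() if now is None else now
    expires = int(issued + TOKEN_TTL_SECONDS)
    return f"{session_id}.{expires}.{_sign(secret, session_id, expires)}"


def verify_session_token(token, secret, now=None):
    """True only for an unexpired token carrying a valid signature."""
    try:
        session_id, expires, sig = token.rsplit(".", 2)
        expires_at = int(expires)
    except ValueError:
        return False  # malformed token
    expected = _sign(secret, session_id, expires)
    current = time.time() if now is None else now
    # Constant-time comparison avoids leaking signature bytes through timing.
    return hmac.compare_digest(sig.encode(), expected.encode()) and current < expires_at


def build_upstream_request(path, body, token, secret, api_key, now=None):
    """Return a Request carrying the API key, or None if the call is rejected.

    api_key should come from server-side configuration (a secret store or an
    environment variable), never from anything the client sends.
    """
    if path not in ALLOWED_PATHS or not verify_session_token(token, secret, now):
        return None
    req = urllib.request.Request(UPSTREAM_BASE + path, data=body, method="POST")
    req.add_header(API_KEY_HEADER, api_key)  # attached server-side only
    req.add_header("Content-Type", "application/json")
    return req
```

The path allowlist keeps the backend from acting as an open relay for every operation the API key is permitted to perform.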

Error Handling and Authentication Failures

If authentication fails, the platform returns an error indicating:

  • Missing API key
  • Invalid or expired API key
  • Insufficient permissions for the requested operation

Refer to the API reference documentation for detailed error codes and responses.

Released under the MIT License.